{"id":"https://openalex.org/W4416949200","doi":"https://doi.org/10.4108/eetsis.9770","title":"An Integrated Cybersecurity Defense Framework for Attack Intelligence Analysis, Counteraction, and Traceability in Complex Network Architectures","display_name":"An Integrated Cybersecurity Defense Framework for Attack Intelligence Analysis, Counteraction, and Traceability in Complex Network Architectures","publication_year":2025,"publication_date":"2025-12-03","ids":{"openalex":"https://openalex.org/W4416949200","doi":"https://doi.org/10.4108/eetsis.9770"},"language":null,"primary_location":{"id":"doi:10.4108/eetsis.9770","is_oa":true,"landing_page_url":"https://doi.org/10.4108/eetsis.9770","pdf_url":"https://publications.eai.eu/index.php/sis/article/download/9770/3801","source":{"id":"https://openalex.org/S4210240886","display_name":"ICST Transactions on Scalable Information Systems","issn_l":"2032-9407","issn":["2032-9407"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310321145","host_organization_name":"European Alliance for Innovation","host_organization_lineage":["https://openalex.org/P4310321145"],"host_organization_lineage_names":["European Alliance for Innovation"],"type":"journal"},"license":"cc-by-nc-sa","license_id":"https://openalex.org/licenses/cc-by-nc-sa","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ICST Transactions on Scalable Information Systems","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://publications.eai.eu/index.php/sis/article/download/9770/3801","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100800411","display_name":"Xiangyu Le","orcid":null},"institutions":[{"id":"https://openalex.org/I867306930","display_name":"Power Grid Corporation (India)","ror":"https://ror.org/0136vj189","country_code":"IN","type":"company","lineage":["https://openalex.org/I867306930"]}],"countries":["IN"],"is_corresponding":true,"raw_author_name":"Xiangyu Le","raw_affiliation_strings":["Guangxi Power Grid Co.Ltd"],"affiliations":[{"raw_affiliation_string":"Guangxi Power Grid Co.Ltd","institution_ids":["https://openalex.org/I867306930"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5114180034","display_name":"Hushuang Zeng","orcid":null},"institutions":[{"id":"https://openalex.org/I867306930","display_name":"Power Grid Corporation (India)","ror":"https://ror.org/0136vj189","country_code":"IN","type":"company","lineage":["https://openalex.org/I867306930"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Hushuang Zeng","raw_affiliation_strings":["Guangxi Power Grid Co.Ltd"],"affiliations":[{"raw_affiliation_string":"Guangxi Power Grid Co.Ltd","institution_ids":["https://openalex.org/I867306930"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5100800411"],"corresponding_institution_ids":["https://openalex.org/I867306930"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.20978917,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"12","issue":"6","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11273","display_name":"Advanced Graph Neural Networks","score":0.2556999921798706,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11273","display_name":"Advanced Graph Neural Networks","score":0.2556999921798706,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10064","display_name":"Complex Network Analysis Techniques","score":0.14630000293254852,"subfield":{"id":"https://openalex.org/subfields/3109","display_name":"Statistical and Nonlinear Physics"},"field":{"id":"https://openalex.org/fields/31","display_name":"Physics and Astronomy"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.08550000190734863,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/situation-awareness","display_name":"Situation awareness","score":0.4025000035762787},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.39959999918937683},{"id":"https://openalex.org/keywords/intelligence-analysis","display_name":"Intelligence analysis","score":0.3865000009536743},{"id":"https://openalex.org/keywords/complex-network","display_name":"Complex network","score":0.3783000111579895},{"id":"https://openalex.org/keywords/traceability","display_name":"Traceability","score":0.3767000138759613},{"id":"https://openalex.org/keywords/bayesian-network","display_name":"Bayesian network","score":0.36579999327659607},{"id":"https://openalex.org/keywords/construct","display_name":"Construct (python library)","score":0.3614000082015991},{"id":"https://openalex.org/keywords/graph","display_name":"Graph","score":0.3587999939918518}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7633000016212463},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.49939998984336853},{"id":"https://openalex.org/C145804949","wikidata":"https://www.wikidata.org/wiki/Q478123","display_name":"Situation awareness","level":2,"score":0.4025000035762787},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.39959999918937683},{"id":"https://openalex.org/C517642484","wikidata":"https://www.wikidata.org/wiki/Q2388514","display_name":"Intelligence analysis","level":2,"score":0.3865000009536743},{"id":"https://openalex.org/C34947359","wikidata":"https://www.wikidata.org/wiki/Q665189","display_name":"Complex network","level":2,"score":0.3783000111579895},{"id":"https://openalex.org/C153876917","wikidata":"https://www.wikidata.org/wiki/Q899704","display_name":"Traceability","level":2,"score":0.3767000138759613},{"id":"https://openalex.org/C33724603","wikidata":"https://www.wikidata.org/wiki/Q812540","display_name":"Bayesian network","level":2,"score":0.36579999327659607},{"id":"https://openalex.org/C2780801425","wikidata":"https://www.wikidata.org/wiki/Q5164392","display_name":"Construct (python library)","level":2,"score":0.3614000082015991},{"id":"https://openalex.org/C132525143","wikidata":"https://www.wikidata.org/wiki/Q141488","display_name":"Graph","level":2,"score":0.3587999939918518},{"id":"https://openalex.org/C2775945657","wikidata":"https://www.wikidata.org/wiki/Q381442","display_name":"Structuring","level":2,"score":0.34119999408721924},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.31790000200271606},{"id":"https://openalex.org/C139502532","wikidata":"https://www.wikidata.org/wiki/Q1122090","display_name":"Computational intelligence","level":2,"score":0.31769999861717224},{"id":"https://openalex.org/C2780741293","wikidata":"https://www.wikidata.org/wiki/Q4818019","display_name":"Attack patterns","level":3,"score":0.296099990606308},{"id":"https://openalex.org/C177142836","wikidata":"https://www.wikidata.org/wiki/Q44455","display_name":"Game theory","level":2,"score":0.2833999991416931},{"id":"https://openalex.org/C49504249","wikidata":"https://www.wikidata.org/wiki/Q4168000","display_name":"Military intelligence","level":2,"score":0.27799999713897705},{"id":"https://openalex.org/C62611344","wikidata":"https://www.wikidata.org/wiki/Q1062658","display_name":"Node (physics)","level":2,"score":0.2775999903678894},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.2766000032424927},{"id":"https://openalex.org/C158207573","wikidata":"https://www.wikidata.org/wiki/Q5747224","display_name":"Heterogeneous network","level":4,"score":0.27459999918937683},{"id":"https://openalex.org/C2781187084","wikidata":"https://www.wikidata.org/wiki/Q1140666","display_name":"Network-centric warfare","level":2,"score":0.26190000772476196},{"id":"https://openalex.org/C113336015","wikidata":"https://www.wikidata.org/wiki/Q574010","display_name":"Complete information","level":2,"score":0.2581999897956848},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.2556000053882599}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.4108/eetsis.9770","is_oa":true,"landing_page_url":"https://doi.org/10.4108/eetsis.9770","pdf_url":"https://publications.eai.eu/index.php/sis/article/download/9770/3801","source":{"id":"https://openalex.org/S4210240886","display_name":"ICST Transactions on Scalable Information Systems","issn_l":"2032-9407","issn":["2032-9407"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310321145","host_organization_name":"European Alliance for Innovation","host_organization_lineage":["https://openalex.org/P4310321145"],"host_organization_lineage_names":["European Alliance for Innovation"],"type":"journal"},"license":"cc-by-nc-sa","license_id":"https://openalex.org/licenses/cc-by-nc-sa","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ICST Transactions on Scalable Information Systems","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.4108/eetsis.9770","is_oa":true,"landing_page_url":"https://doi.org/10.4108/eetsis.9770","pdf_url":"https://publications.eai.eu/index.php/sis/article/download/9770/3801","source":{"id":"https://openalex.org/S4210240886","display_name":"ICST Transactions on Scalable Information Systems","issn_l":"2032-9407","issn":["2032-9407"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310321145","host_organization_name":"European Alliance for Innovation","host_organization_lineage":["https://openalex.org/P4310321145"],"host_organization_lineage_names":["European Alliance for Innovation"],"type":"journal"},"license":"cc-by-nc-sa","license_id":"https://openalex.org/licenses/cc-by-nc-sa","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ICST Transactions on Scalable Information Systems","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4416949200.pdf"},"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"INTRODUCTION:":[0],"In":[1],"response":[2],"to":[3,130,231,246,291,396,437,463],"the":[4,57,87,185,213,236,241,248,275,378,421,446,479,483],"increasingly":[5],"severe":[6],"and":[7,17,34,79,89,107,113,123,151,176,190,195,211,219,263,285,297,326,330,353,370,400,415,427,452,477],"complex":[8,37,68,431],"cybersecurity":[9],"threats":[10,15,71,319],"posed":[11],"by":[12],"advanced":[13,69,317],"persistent":[14,70,318],"(APTs)":[16,72],"other":[18],"sophisticated":[19],"attacks,":[20],"this":[21],"paper":[22,337],"proposes":[23],"an":[24,96],"integrated":[25],"security":[26,59],"defense":[27,60,94,331,403],"framework":[28,136,254,340,380],"for":[29,56,93,172,367,390],"attack":[30],"intelligence":[31,42,51,88,98,110,120,144,164,238,302,346,362,392,442],"analysis,":[32],"counteraction,":[33],"traceability":[35],"in":[36,310,323,429],"network":[38,227,432],"architectures.":[39],"Consolidating":[40],"threat":[41,109,119,143,237,301,345,391,411,424,441,470],"from":[43,67,95,303],"multiple":[44,74,488],"sources":[45,305],"that":[46,137,161,170,274,341,377,409,474],"provide":[47],"different":[48,469],"types":[49],"of":[50,81,140,250,388,423,448,468],"is":[52,158,229,255,306,436],"a":[53,117,127,135,141,152,159,166,177,200,224,264,307,339,343,354,364,385,439,464],"major":[54],"obstacle":[55],"cyber":[58],"community,":[61],"particularly":[62],"when":[63,313],"serious":[64],"challenges":[65],"arise":[66],"involving":[73],"entities.":[75],"Inconsistent":[76],"data":[77,83,324],"formats":[78,325],"methods":[80],"structuring":[82],"further":[84],"complicate":[85],"analyzing":[86],"creating":[90],"improved":[91,368],"strategies":[92,215],"all-source":[97],"model.":[99],"OBJECTIVES:":[100],"The":[101,253,321,406,434,460],"proposed":[102,276,379],"approach":[103],"leverages":[104],"both":[105],"internal":[106],"external":[108],"sources,":[111],"standardizes":[112,360],"integrates":[114,342],"them":[115],"into":[116,126,165,363],"heterogeneous":[118,142,300,344],"knowledge":[121,145,347,443],"graph,":[122,146],"transforms":[124],"it":[125],"homogeneous":[128,168,365],"representation":[129,467],"facilitate":[131],"analysis.":[132],"Here":[133],"introduces":[134,338],"allows":[138,171],"integration":[139],"Bayesian":[147,208,350,449],"game":[148,209],"theoretic":[149],"modeling,":[150,414],"Graph":[153,355,456],"Attention":[154,356,457],"Network":[155,201,357,458],"(GAT).":[156,358,459],"It":[157,359],"method":[160,277],"converts":[162],"multi-source":[163,361],"single,":[167],"graph":[169,225,348,366,444],"more":[173],"informative":[174],"analysis":[175,329,369],"greater":[178],"adaptive":[179,371],"decision-making":[180,428],"capacity.":[181],"METHODS:":[182],"To":[183],"model":[184],"strategic":[186,402],"interaction":[187],"between":[188,244],"attackers":[189],"defenders":[191],"under":[192],"incomplete":[193],"information":[194],"resource":[196],"constraints,":[197],"we":[198],"construct":[199],"Attack-Defense":[202],"Game":[203],"Model":[204],"(NADGM)":[205],"based":[206,454],"on":[207,235,267,455],"theory":[210],"derive":[212],"equilibrium":[214],"using":[216,259],"linear":[217],"programming":[218],"Harsanyi":[220],"transformation.":[221],"RESULTS:":[222],"Furthermore,":[223],"attention":[226],"(GAT)":[228],"applied":[230],"perform":[232],"node":[233],"classification":[234,280,386],"reports,":[239],"exploiting":[240],"semantic":[242],"relations":[243],"entities":[245],"enhance":[247],"accuracy":[249,387,486],"organization-level":[251],"attribution.":[252],"validated":[256],"through":[257],"experiments":[258],"real-world":[260],"APT":[261],"reports":[262],"case":[265],"study":[266],"ransomware":[268],"attack-defense":[269,287],"scenarios.":[270],"Experimental":[271,374],"results":[272,375],"demonstrate":[273],"achieves":[278],"superior":[279],"performance,":[281],"effective":[282],"strategy":[283,332],"optimization,":[284],"reasonable":[286],"situation":[288],"evolution":[289],"compared":[290],"baseline":[292],"models":[293],"such":[294],"as":[295],"GCN":[296],"GraphSAGE.":[298],"Integrating":[299],"diverse":[304],"significant":[308],"challenge":[309],"cybersecurity,":[311],"especially":[312],"dealing":[314],"with":[315,349,445],"complex,":[316],"(APTs).":[320],"variation":[322],"structures":[327],"complicates":[328],"optimization.":[333],"Key":[334],"Contributions":[335],"This":[336,394],"game-theoretic":[351,413,450],"modeling":[352,451],"decision-making.":[372],"Results":[373],"show":[376],"outperforms":[381],"traditional":[382],"models,":[383],"achieving":[384],"0.81":[389],"reports.":[393],"leads":[395,462],"enhanced":[397],"detection":[398,485],"performance":[399],"optimized":[401],"decisions.":[404],"CONCLUSION:":[405],"findings":[407],"suggest":[408],"integrating":[410],"intelligence,":[412],"graph-based":[416],"learning":[417],"can":[418],"significantly":[419],"improve":[420],"efficiency":[422],"detection,":[425],"response,":[426],"large-scale,":[430],"environments.":[433],"novelty":[435],"integrate":[438],"mixed":[440],"application":[447],"classifier":[453,461],"single":[465],"structured":[466],"data,":[471],"recommends":[472],"defenses":[473],"are":[475],"best":[476],"at":[478],"same":[480],"time,":[481],"enhances":[482],"overall":[484],"across":[487],"datasets.":[489]},"counts_by_year":[],"updated_date":"2026-03-11T06:11:40.159057","created_date":"2025-12-03T00:00:00"}