{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T03:37:07Z","timestamp":1743046627966,"version":"3.40.3"},"publisher-location":"Cham","reference-count":32,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030715892"},{"type":"electronic","value":"9783030715908"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-71590-8_11","type":"book-chapter","created":{"date-parts":[[2021,3,6]],"date-time":"2021-03-06T15:02:33Z","timestamp":1615042953000},"page":"185-198","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Detection and Defense Methods of Cyber Attacks"],"prefix":"10.1007","author":[{"given":"Kai","family":"Xing","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Aiping","family":"Li","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Rong","family":"Jiang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yan","family":"Jia","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2021,3,7]]},"reference":[{"key":"11_CR1","first-page":"870","volume":"48","author":"R-D Chen","year":"2019","unstructured":"Chen, R.-D., Zhang, X.-S., Niu, W.-N., Lan, H.-Y.: A research on architecture of apt attack detection and countering technology. J. Univ. Electron. Sci. Technol. China 48, 870\u2013879 (2019)","journal-title":"J. Univ. Electron. Sci. Technol. China"},{"issue":"3","key":"11_CR2","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1109\/MSP.2011.67","volume":"9","author":"R Langner","year":"2011","unstructured":"Langner, R.: StuxNet: dissecting a cyberwarfare weapon. IEEE Secur. Priv. 9(3), 49\u201351 (2011)","journal-title":"IEEE Secur. Priv."},{"issue":"8","key":"11_CR3","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1016\/S1353-4858(11)70086-1","volume":"2011","author":"C Tankard","year":"2011","unstructured":"Tankard, C.: Advanced persistent threats and how to monitor and deter them. Netw. Secur. 2011(8), 16\u201319 (2011)","journal-title":"Netw. Secur."},{"issue":"4","key":"11_CR4","doi-asserted-by":"publisher","first-page":"13","DOI":"10.1016\/S1353-4858(15)30028-3","volume":"2015","author":"M Auty","year":"2015","unstructured":"Auty, M.: Anatomy of an advanced persistent threat. Netw. Secur. 2015(4), 13\u201316 (2015)","journal-title":"Netw. Secur."},{"issue":"1","key":"11_CR5","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.eng.2018.01.004","volume":"4","author":"Y Jia","year":"2018","unstructured":"Jia, Y., Qi, Y., Shang, H., Jiang, R., Li, A.: A practical approach to constructing a knowledge graph for cybersecurity. Engineering 4(1), 1\u2013164 (2018)","journal-title":"Engineering"},{"issue":"4","key":"11_CR6","doi-asserted-by":"publisher","first-page":"2567","DOI":"10.1007\/s11280-020-00811-0","volume":"23","author":"X Zhao","year":"2020","unstructured":"Zhao, X., Jia, Y., Li, A., Jiang, R., Song, Y.: Multi-source knowledge fusion: a survey. World Wide Web 23(4), 2567\u20132592 (2020). https:\/\/doi.org\/10.1007\/s11280-020-00811-0","journal-title":"World Wide Web"},{"key":"11_CR7","doi-asserted-by":"crossref","unstructured":"Lee, C.Y., Lee, T.J., Park, H.R.: The characteristics of APT attacks and strategies of countermeasure. In: International Conference on Information Engineering (2014)","DOI":"10.2495\/ICIE130251"},{"key":"11_CR8","unstructured":"Radack, S.: Managing information security risk: organization, mission and information system view. Technical report, National Institute of Standards and Technology (2011)"},{"issue":"11","key":"11_CR9","doi-asserted-by":"publisher","first-page":"2512","DOI":"10.1109\/TMC.2018.2814052","volume":"17","author":"L Xiao","year":"2018","unstructured":"Xiao, L., Xu, D., Mandayam, N.B., Poor, H.V.: Attacker-centric view of a detection game against advanced persistent threats. IEEE Trans. Mob. Comput. 17(11), 2512\u20132523 (2018)","journal-title":"IEEE Trans. Mob. Comput."},{"key":"11_CR10","doi-asserted-by":"publisher","first-page":"64","DOI":"10.1016\/j.future.2019.01.056","volume":"96","author":"AM Lajevardi","year":"2019","unstructured":"Lajevardi, A.M., Amini, M.: A semantic-based correlation approach for detecting hybrid and low-level APTs. Future Gener. Comput. Syst. 96, 64\u201388 (2019)","journal-title":"Future Gener. Comput. Syst."},{"key":"11_CR11","doi-asserted-by":"publisher","first-page":"127","DOI":"10.1016\/j.comnet.2016.05.018","volume":"109","author":"M Marchetti","year":"2016","unstructured":"Marchetti, M., Pierazzi, F., Colajanni, M., Guido, A.: Analysis of high volumes of network traffic for advanced persistent threat detection. Comput. Netw. 109, 127\u2013141 (2016)","journal-title":"Comput. Netw."},{"key":"11_CR12","doi-asserted-by":"crossref","unstructured":"Lu, J., Zhang, X., Junfeng, W., Lingyun, Y.: APT traffic detection based on time transform. In: International Conference on Intelligent Transportation (2017)","DOI":"10.1109\/ICITBS.2016.87"},{"key":"11_CR13","doi-asserted-by":"crossref","unstructured":"Siddiqui, S., Khan, M.S., Ferens, K., Kinsner, W.: Detecting advanced persistent threats using fractal dimension based machine learning classification. In: Verma, R.M. Rusinowitch, M. (eds.) Proceedings of the 2016 ACM on International Workshop on Security And Privacy Analytics, IWSPA@CODASPY 2016, New Orleans, LA, USA, 11 March 2016, pp. 64\u201369. ACM (2016)","DOI":"10.1145\/2875475.2875484"},{"key":"11_CR14","unstructured":"Brogi, G.: Real-time detection of advanced persistent threats using information flow tracking and hidden Markov models. (D\u00e9tection temps r\u00e9el de Menaces Persistantes Avanc\u00e9es par Suivi de Flux d\u2019Information et Mod\u00e8les de Markov Cach\u00e9s). Ph.D. thesis, Conservatoire national des arts et m\u00e9tiers, Paris, France (2018)"},{"key":"11_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"498","DOI":"10.1007\/978-3-030-04648-4_42","volume-title":"Computational Data and Social Networks","author":"T Bodstr\u00f6m","year":"2018","unstructured":"Bodstr\u00f6m, T., H\u00e4m\u00e4l\u00e4inen, T.: A novel method for detecting APT attacks by using OODA loop and black swan theory. In: Chen, X., Sen, A., Li, W.W., Thai, M.T. (eds.) CSoNet 2018. LNCS, vol. 11280, pp. 498\u2013509. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-04648-4_42"},{"issue":"6","key":"11_CR16","doi-asserted-by":"publisher","first-page":"1055","DOI":"10.3390\/app9061055","volume":"9","author":"T Bodstrm","year":"2019","unstructured":"Bodstrm, T., Hmlinen, T.: A novel deep learning stack for apt detection. Appl. Sci. 9(6), 1055 (2019)","journal-title":"Appl. Sci."},{"issue":"1","key":"11_CR17","first-page":"281","volume":"47","author":"H Liu","year":"2020","unstructured":"Liu, H., Wu, T., Shen, J., Shi, C.: Advanced persistent threat detection based on generative adversarial networks and long short-term memory. Comput. Sci. 47(1), 281\u2013286 (2020)","journal-title":"Comput. Sci."},{"key":"11_CR18","doi-asserted-by":"publisher","first-page":"349","DOI":"10.1016\/j.future.2018.06.055","volume":"89","author":"I Ghafir","year":"2018","unstructured":"Ghafir, I., et al.: Detection of advanced persistent threat using machine-learning correlation analysis. Future Gener. Comput. Syst. 89, 349\u2013359 (2018)","journal-title":"Future Gener. Comput. Syst."},{"key":"11_CR19","doi-asserted-by":"publisher","first-page":"525","DOI":"10.1016\/j.future.2019.02.045","volume":"96","author":"A Zimba","year":"2019","unstructured":"Zimba, A., Chen, H., Wang, Z.: Bayesian network based weighted APT attack paths modeling in cloud computing. Future Gener. Comput. Syst. 96, 525\u2013537 (2019)","journal-title":"Future Gener. Comput. Syst."},{"key":"11_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1007\/978-3-319-25594-1_6","volume-title":"Decision and Game Theory for Security","author":"M Zhang","year":"2015","unstructured":"Zhang, M., Zheng, Z., Shroff, N.B.: A game theoretic model for defending against stealthy attacks with limited resources. In: Khouzani, M.H.R., Panaousis, E., Theodorakopoulos, G. (eds.) GameSec 2015. LNCS, vol. 9406, pp. 93\u2013112. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-25594-1_6"},{"issue":"7","key":"11_CR21","doi-asserted-by":"publisher","first-page":"1713","DOI":"10.1109\/TIFS.2018.2885251","volume":"14","author":"L Yang","year":"2019","unstructured":"Yang, L., Li, P., Zhang, Y., Yang, X., Xiang, Y., Zhou, W.: Effective repair strategy against advanced persistent threat: a differential game approach. IEEE Trans. Inf. Forensics Secur. 14(7), 1713\u20131728 (2019)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"11_CR22","doi-asserted-by":"publisher","first-page":"13958","DOI":"10.1109\/ACCESS.2018.2814481","volume":"6","author":"Q Zhu","year":"2018","unstructured":"Zhu, Q., Rass, S.: On multi-phase and multi-stage game-theoretic modeling of advanced persistent threats. IEEE Access 6, 13958\u201313971 (2018)","journal-title":"IEEE Access"},{"issue":"1","key":"11_CR23","doi-asserted-by":"publisher","first-page":"18:1","DOI":"10.1145\/2886100","volume":"16","author":"K Wang","year":"2016","unstructured":"Wang, K., Du, M., Yang, D., Zhu, C., Shen, J., Zhang, Y.: Game-theory-based active defense for intrusion detection in cyber-physical embedded systems. ACM Trans. Embed. Comput. Syst. 16(1), 18:1\u201318:21 (2016)","journal-title":"ACM Trans. Embed. Comput. Syst."},{"key":"11_CR24","first-page":"1","volume":"9","author":"C Aijuan","year":"2004","unstructured":"Aijuan, C., Baoxu, L., Rongsheng, X.U.: Summary of the honeynet and entrapment defense technology. Comput. Eng. 9, 1\u20133 (2004)","journal-title":"Comput. Eng."},{"issue":"1","key":"11_CR25","doi-asserted-by":"publisher","first-page":"585","DOI":"10.4218\/etrij.2019-0152","volume":"41","author":"W Tian","year":"2019","unstructured":"Tian, W., XiaoPeng, J., Liu, W., Zhai, J., Huang, S.: Honeypot game-theoretical model for defending against apt attacks with limited resources in cyber-physical systems. ETRI J. 41(1), 585\u2013598 (2019)","journal-title":"ETRI J."},{"key":"11_CR26","unstructured":"Zhen, F.: Design of security monitor module at runtime based on dynamic information flow tracking. Comput. Appl. Softw. (2012)"},{"key":"11_CR27","doi-asserted-by":"crossref","unstructured":"Sahabandu, D., Xiao, B., Clark, A., Lee, S., Lee, W., Poovendran, R.: DIFT games: dynamic information flow tracking games for advanced persistent threats. In: 57th IEEE Conference on Decision and Control, CDC 2018, Miami, FL, USA, 17\u201319 December 2018, pp. 1136\u20131143. IEEE (2018)","DOI":"10.1109\/CDC.2018.8619416"},{"key":"11_CR28","unstructured":"Moothedath, S., et al.: A game theoretic approach for dynamic information flow tracking to detect multi-stage advanced persistent threats. CoRR, vol. abs\/1811.05622 (2018)"},{"key":"11_CR29","doi-asserted-by":"crossref","unstructured":"Xu, D., Xiao, L., Mandayam, N.B., Poor, H.V.: Cumulative prospect theoretic study of a cloud storage defense game against advanced persistent threats. In: 2017 IEEE Conference on Computer Communications Workshops, INFOCOM Workshops, Atlanta, GA, USA, 1\u20134 May 2017, pp. 541\u2013546. IEEE (2017)","DOI":"10.1109\/INFCOMW.2017.8116435"},{"key":"11_CR30","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"122","DOI":"10.1007\/978-981-13-6621-5_10","volume-title":"Cyber Security","author":"Y Li","year":"2019","unstructured":"Li, Y., Zhang, T., Li, X., Li, T.: A model of APT attack defense based on cyber threat detection. In: Yun, X., et al. (eds.) CNCERT 2018. CCIS, vol. 970, pp. 122\u2013135. Springer, Singapore (2019). https:\/\/doi.org\/10.1007\/978-981-13-6621-5_10"},{"issue":"6","key":"11_CR31","doi-asserted-by":"publisher","first-page":"4250","DOI":"10.1109\/JIOT.2018.2844878","volume":"5","author":"M Min","year":"2018","unstructured":"Min, M., Xiao, L., Xie, C., Hajimirsadeghi, M., Mandayam, N.B.: Defense against advanced persistent threats in dynamic cloud storage: a colonel blotto game approach. IEEE Internet Things J. 5(6), 4250\u20134261 (2018)","journal-title":"IEEE Internet Things J."},{"key":"11_CR32","doi-asserted-by":"publisher","first-page":"8482","DOI":"10.1109\/ACCESS.2017.2691326","volume":"5","author":"AAA Abass","year":"2017","unstructured":"Abass, A.A.A., Xiao, L., Mandayam, N.B., Gajic, Z.: Evolutionary game theoretic analysis of advanced persistent threats against cloud storage. IEEE Access 5, 8482\u20138491 (2017)","journal-title":"IEEE Access"}],"container-title":["Lecture Notes in Computer Science","MDATA: A New Knowledge Representation Model"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-71590-8_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,3,6]],"date-time":"2021-03-06T15:07:07Z","timestamp":1615043227000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-71590-8_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030715892","9783030715908"],"references-count":32,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-71590-8_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"7 March 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}