{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T21:16:02Z","timestamp":1743023762170,"version":"3.40.3"},"publisher-location":"Cham","reference-count":20,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030927073"},{"type":"electronic","value":"9783030927080"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-92708-0_11","type":"book-chapter","created":{"date-parts":[[2022,1,3]],"date-time":"2022-01-03T23:02:43Z","timestamp":1641250963000},"page":"185-201","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["An Architecture for\u00a0Processing a\u00a0Dynamic Heterogeneous Information Network of\u00a0Security Intelligence"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9193-8517","authenticated-orcid":false,"given":"Marios","family":"Anagnostopoulos","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0542-5334","authenticated-orcid":false,"given":"Egon","family":"Kidmose","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7891-4505","authenticated-orcid":false,"given":"Amine","family":"Laghaout","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0815-5395","authenticated-orcid":false,"given":"Rasmus L.","family":"Olsen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9371-9759","authenticated-orcid":false,"given":"Sajad","family":"Homayoun","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0921-7148","authenticated-orcid":false,"given":"Christian D.","family":"Jensen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1903-2921","authenticated-orcid":false,"given":"Jens M.","family":"Pedersen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2022,1,4]]},"reference":[{"issue":"5","key":"11_CR1","doi-asserted-by":"publisher","first-page":"455","DOI":"10.1007\/s10207-015-0310-0","volume":"15","author":"M Anagnostopoulos","year":"2016","unstructured":"Anagnostopoulos, M., Kambourakis, G., Gritzalis, S.: New facets of mobile botnet: architecture and evaluation. Int. J. Inf. Sec. 15(5), 455\u2013473 (2016)","journal-title":"Int. J. Inf. Sec."},{"key":"11_CR2","first-page":"1","volume":"11","author":"S Barnum","year":"2012","unstructured":"Barnum, S.: Standardizing cyber threat intelligence information with the structured threat information expression (stix). Mitre Corporation 11, 1\u201322 (2012)","journal-title":"Mitre Corporation"},{"issue":"1","key":"11_CR3","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1016\/j.comnet.2011.07.018","volume":"56","author":"H Choi","year":"2012","unstructured":"Choi, H., Lee, H.: Identifying botnets by capturing group activities in DNS traffic. Comput. Netw. 56(1), 20\u201333 (2012)","journal-title":"Comput. Netw."},{"doi-asserted-by":"publisher","unstructured":"Gao, Y., Xiaoyong, L., Hao, P., Fang, B., Yu, P.: Hincti: A cyber threat intelligence modeling and identification system based on heterogeneous information network. IEEE Trans. Knowl. Data Eng., 1\u20131 (2020). https:\/\/doi.org\/10.1109\/TKDE.2020.2987019","key":"11_CR4","DOI":"10.1109\/TKDE.2020.2987019"},{"doi-asserted-by":"crossref","unstructured":"Garcia-Lebron, R.B., Schweitzer, K.M., Bateman, R.M., Xu, S.: A framework for characterizing the evolution of cyber attacker-victim relation graphs. In: MILCOM 2018\u20132018 IEEE Military Communications Conference (MILCOM), pp. 70\u201375. IEEE (2018)","key":"11_CR5","DOI":"10.1109\/MILCOM.2018.8599852"},{"doi-asserted-by":"crossref","unstructured":"Hageman, K., Kidmose, E., Hansen, R.R., Pedersen, J.M.: Can a TLS Certificate Be Phishy? In: 18th International Conference on Security and Cryptography, SECRYPT 2021, pp. 38\u201349 (2021)","key":"11_CR6","DOI":"10.5220\/0010516600002998"},{"unstructured":"Hamilton, W.L., Ying, R., Leskovec, J.: Inductive representation learning on large graphs. In: Proceedings of the 31st International Conference on Neural Information Processing Systems, pp. 1025\u20131035 (2017)","key":"11_CR7"},{"doi-asserted-by":"crossref","unstructured":"Khalil, I., Yu, T., Guan, B.: Discovering malicious domains through passive DNS data graph analysis. In: Proceedings of the 11th ACM ASIACCS, pp. 663\u2013674. ACM (2016)","key":"11_CR8","DOI":"10.1145\/2897845.2897877"},{"unstructured":"Laghaout, A.: Supervised learning on heterogeneous, attributed entities interacting over time. arXiv preprint arXiv:2007.11455 (2020)","key":"11_CR9"},{"unstructured":"Li, V.G., Dunn, M., Pearce, P., McCoy, D., Voelker, G.M., Savage, S.: Reading the tea leaves: a comparative analysis of threat intelligence. In: 28th USENIX Security Symposium, pp. 851\u2013867 (2019)","key":"11_CR10"},{"key":"11_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-319-11203-9_1","volume-title":"Computer Security - ESORICS 2014","author":"PK Manadhata","year":"2014","unstructured":"Manadhata, P.K., Yadav, S., Rao, P., Horne, W.: Detecting malicious domains via graph inference. In: Kuty\u0142owski, M., Vaidya, J. (eds.) ESORICS 2014. LNCS, vol. 8712, pp. 1\u201318. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-11203-9_1"},{"doi-asserted-by":"crossref","unstructured":"Modi, A., et al.: Towards automated threat intelligence fusion. In: 2nd IEEE CIC, pp. 408\u2013416. IEEE (2016)","key":"11_CR12","DOI":"10.1109\/CIC.2016.060"},{"doi-asserted-by":"crossref","unstructured":"Moura, G.C., M\u00fcller, M., Wullink, M., Hesselman, C.: ndews: a new domains early warning system for TLDS. In: NOMS 2016, pp. 1061\u20131066. IEEE (2016)","key":"11_CR13","DOI":"10.1109\/NOMS.2016.7502961"},{"unstructured":"Panum, T.K., Hageman, K., Hansen, R.R., Pedersen, J.M.: Towards adversarial phishing detection. In: 13th USENIX Workshop on CSET20 (2020)","key":"11_CR14"},{"key":"11_CR15","first-page":"35","volume":"67","author":"S Qamar","year":"2017","unstructured":"Qamar, S., Anwar, Z., Rahman, M.A., Al-Shaer, E., Chu, B.T.: Data-driven analytics for cyber-threat intelligence and information sharing. COSE 67, 35\u201358 (2017)","journal-title":"COSE"},{"doi-asserted-by":"crossref","unstructured":"Rahbarinia, B., Perdisci, R., Antonakakis, M.: Segugio: efficient behavior-based tracking of malware-control domains in large ISP networks. In: 45th Annual IEEE\/IFIP DSN, pp. 403\u2013414. IEEE (2015)","key":"11_CR16","DOI":"10.1109\/DSN.2015.35"},{"key":"11_CR17","first-page":"102057","volume":"99","author":"X Sun","year":"2020","unstructured":"Sun, X., Wang, Z., Yang, J., Liu, X.: Deepdom: malicious domain detection with scalable and heterogeneous graph convolutional networks. COSE 99, 102057 (2020)","journal-title":"COSE"},{"doi-asserted-by":"crossref","unstructured":"Tran, H., Nguyen, A., Vo, P., Vu, T.: Dns graph mining for malicious domain detection. In: 2017 IEEE International Conference on Big Data (Big Data), pp. 4680\u20134685. IEEE (2017)","key":"11_CR18","DOI":"10.1109\/BigData.2017.8258515"},{"key":"11_CR19","first-page":"101589","volume":"87","author":"TD Wagner","year":"2019","unstructured":"Wagner, T.D., Mahbub, K., Palomar, E., Abdallah, A.E.: Cyber threat intelligence sharing: survey and research directions. COSE 87, 101589 (2019)","journal-title":"COSE"},{"unstructured":"Zhang, J., Shi, X., Xie, J., Ma, H., King, I., Yeung, D.Y.: GaAN: gated attention networks for learning on large and spatiotemporal graphs. arXiv preprint arXiv:1803.07294 (2018)","key":"11_CR20"}],"container-title":["Lecture Notes in Computer Science","Network and System Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-92708-0_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,4,29]],"date-time":"2022-04-29T16:06:38Z","timestamp":1651248398000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-92708-0_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030927073","9783030927080"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-92708-0_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"4 January 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"NSS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Network and System Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Tianjin","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 October 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 October 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"nss2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/nsclab.org\/nss2021\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"62","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"16","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"8","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4.2","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2.75","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}