{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,16]],"date-time":"2026-02-16T08:51:01Z","timestamp":1771231861396,"version":"3.50.1"},"publisher-location":"Cham","reference-count":18,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783031001284","type":"print"},{"value":"9783031001291","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-00129-1_40","type":"book-chapter","created":{"date-parts":[[2022,4,22]],"date-time":"2022-04-22T14:23:55Z","timestamp":1650637435000},"page":"468-480","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":9,"title":["RShield: A Refined Shield for Complex Multi-step Attack Detection Based on Temporal Graph Network"],"prefix":"10.1007","author":[{"given":"Weiyong","family":"Yang","sequence":"first","affiliation":[]},{"given":"Peng","family":"Gao","sequence":"additional","affiliation":[]},{"given":"Hao","family":"Huang","sequence":"additional","affiliation":[]},{"given":"Xingshen","family":"Wei","sequence":"additional","affiliation":[]},{"given":"Wei","family":"Liu","sequence":"additional","affiliation":[]},{"given":"Shishun","family":"Zhu","sequence":"additional","affiliation":[]},{"given":"Wang","family":"Luo","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,4,8]]},"reference":[{"key":"40_CR1","doi-asserted-by":"crossref","unstructured":"Liu, F., Wen, Y., Zhang, D., Jiang, X., Xing, X., Meng, D.: Log2vec: a heterogeneous graph embedding based approach for detecting cyber threats within enterprise. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 1777\u20131794. Association for Computing Machinery, New York (2019)","DOI":"10.1145\/3319535.3363224"},{"key":"40_CR2","doi-asserted-by":"crossref","unstructured":"Han, X., Pasquier, T., Bates, A., Mickens, J., Seltzer, M.: UNICORN: runtime provenance-based detector for advanced persistent threats. In: Proceedings 2020 Network and Distributed System Security Symposium (2020)","DOI":"10.14722\/ndss.2020.24046"},{"key":"40_CR3","unstructured":"Guo, J., Li, R., Zhang, Y., Wang, G.: Graph neural network based anomaly detection in dynamic networks. Ruan Jian Xue Bao\/J. Softw. 31(3), 748\u2013762 (2020). (in Chinese)"},{"key":"40_CR4","unstructured":"Rossi, E., Chamberlain, B., Frasca, F., Eynard, D., Monti, F., Bronstein, M.: Temporal Graph Networks for Deep Learning on Dynamic Graphs. arXiv:2006.10637 [cs, stat]. (2020)"},{"key":"40_CR5","doi-asserted-by":"crossref","unstructured":"More, S., Matthews, M., Joshi, A., Finin, T.: A knowledge-based approach to intrusion detection modeling. In: 2012 IEEE Symposium on Security and Privacy Workshops, pp. 75\u201381 (2012)","DOI":"10.1109\/SPW.2012.26"},{"key":"40_CR6","doi-asserted-by":"publisher","first-page":"6","DOI":"10.3390\/computers6010006","volume":"6","author":"I Karim","year":"2017","unstructured":"Karim, I., Vien, Q.-T., Le, T.A., Mapp, G.: A comparative experimental design and performance analysis of snort-based intrusion detection system in practical computer networks. Computers 6, 6 (2017)","journal-title":"Computers"},{"key":"40_CR7","doi-asserted-by":"crossref","unstructured":"Gavai, G., Sricharan, K., Gunning, D., Rolleston, R., Hanley, J., Singhal, M.: Detecting insider threat from enterprise social and online activity data. In: Proceedings of the 7th ACM CCS International Workshop on Managing Insider Security Threats, pp. 13\u201320. Association for Computing Machinery, New York (2015)","DOI":"10.1145\/2808783.2808784"},{"key":"40_CR8","doi-asserted-by":"crossref","unstructured":"Legg, P.A., Buckley, O., Goldsmith, M., Creese, S.: Caught in the act of an insider attack: detection and assessment of insider threat. In: 2015 IEEE International Symposium on Technologies for Homeland Security (HST), pp. 1\u20136 (2015)","DOI":"10.1109\/THS.2015.7446229"},{"key":"40_CR9","doi-asserted-by":"crossref","unstructured":"Senator, T.E., et al.: Detecting insider threats in a real corporate database of computer usage activity. In: Proceedings of the 19th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1393\u20131401. Association for Computing Machinery, New York (2013)","DOI":"10.1145\/2487575.2488213"},{"key":"40_CR10","doi-asserted-by":"crossref","unstructured":"Du, M., Li, F., Zheng, G., Srikumar, V.: DeepLog: anomaly detection and diagnosis from system logs through deep learning. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 1285\u20131298. Association for Computing Machinery, New York (2017)","DOI":"10.1145\/3133956.3134015"},{"key":"40_CR11","doi-asserted-by":"crossref","unstructured":"Rashid, T., Agrafiotis, I., Nurse, J.R.C.: A new take on detecting insider threats: exploring the use of hidden Markov models. In: Proceedings of the 8th ACM CCS International Workshop on Managing Insider Security Threats, pp. 47\u201356. Association for Computing Machinery, New York (2016)","DOI":"10.1145\/2995959.2995964"},{"key":"40_CR12","doi-asserted-by":"crossref","unstructured":"Shen, Y., Mariconti, E., Vervier, P.A., Stringhini, G.: Tiresias: predicting security events through deep learning. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 592\u2013605. Association for Computing Machinery, New York (2018)","DOI":"10.1145\/3243734.3243811"},{"key":"40_CR13","unstructured":"Hossain, M.N., et al.: {SLEUTH}: real-time attack scenario reconstruction from {COTS} audit data. Presented at the 26th {USENIX} Security Symposium ({USENIX} Security 17) (2017)"},{"key":"40_CR14","doi-asserted-by":"crossref","unstructured":"Milajerdi, S.M., Gjomemo, R., Eshete, B., Sekar, R., Venkatakrishnan, V.N.: HOLMES: real-time APT detection through correlation of suspicious information flows. In: 2019 IEEE Symposium on Security and Privacy (SP), pp. 1137\u20131152 (2019)","DOI":"10.1109\/SP.2019.00026"},{"key":"40_CR15","doi-asserted-by":"crossref","unstructured":"Backes, M., Humbert, M., Pang, J., Zhang, Y.: walk2friends: inferring social links from mobility profiles. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 1943\u20131957. Association for Computing Machinery, New York (2017)","DOI":"10.1145\/3133956.3133972"},{"key":"40_CR16","first-page":"2","volume":"14","author":"G Hinton","year":"2012","unstructured":"Hinton, G., Srivastava, N., Swersky, K.: Neural networks for machine learning lecture 6a overview of mini-batch gradient descent. Cited on 14, 2 (2012)","journal-title":"Cited on"},{"key":"40_CR17","doi-asserted-by":"crossref","unstructured":"Kent, A.D.: Cyber security data sources for dynamic network research. In: Dynamic Networks and Cyber-Security, pp. 37\u201365. World Scientific (Europe) (2015)","DOI":"10.1142\/9781786340757_0002"},{"key":"40_CR18","unstructured":"The CERT Division: Insider Threat Tools. https:\/\/www.cert.org\/insiderthreat\/tools\/. Accessed 17 Sept 2021"}],"container-title":["Lecture Notes in Computer Science","Database Systems for Advanced Applications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-00129-1_40","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,7,12]],"date-time":"2022-07-12T09:15:38Z","timestamp":1657617338000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-00129-1_40"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031001284","9783031001291"],"references-count":18,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-00129-1_40","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"8 April 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DASFAA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Database Systems for Advanced Applications","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 April 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 April 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dasfaa2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.dasfaa2022.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"CMT","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"543","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"72","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"76","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"13% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"6","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Conference was originally planned to take place in Hyberabad, India. 24 other papers are included in the volume.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}