{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,21]],"date-time":"2026-05-21T03:49:24Z","timestamp":1779335364053,"version":"3.51.4"},"publisher-location":"Cham","reference-count":26,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783031106835","type":"print"},{"value":"9783031106842","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-10684-2_7","type":"book-chapter","created":{"date-parts":[[2022,7,12]],"date-time":"2022-07-12T07:05:06Z","timestamp":1657609506000},"page":"110-122","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":12,"title":["Knowledge Mining in\u00a0Cybersecurity: From Attack to\u00a0Defense"],"prefix":"10.1007","author":[{"given":"Khandakar Ashrafi","family":"Akbar","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sadaf 
Md","family":"Halim","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yibo","family":"Hu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Anoop","family":"Singhal","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Latifur","family":"Khan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Bhavani","family":"Thuraisingham","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2022,7,13]]},"reference":[{"key":"7_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-030-92571-0_1","volume-title":"Information Systems Security","author":"KA Akbar","year":"2021","unstructured":"Akbar, K.A., Wang, Y., Islam, M.S., Singhal, A., Khan, L., Thuraisingham, B.: Identifying tactics of\u00a0advanced persistent threats with\u00a0limited attack traces. In: Tripathy, S., Shyamasundar, R.K., Ranjan, R. (eds.) ICISS 2021. LNCS, vol. 13146, pp. 3\u201325. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-92571-0_1"},{"key":"7_CR2","doi-asserted-by":"publisher","unstructured":"Ayoade, G., et al.: Evolving advanced persistent threat detection using provenance graph and metric learning. In: 2020 IEEE Conference on Communications and Network Security (CNS), pp. 1\u20139 (2020). https:\/\/doi.org\/10.1109\/CNS48642.2020.9162264","DOI":"10.1109\/CNS48642.2020.9162264"},{"key":"7_CR3","doi-asserted-by":"publisher","unstructured":"Ayoade, G., Chandra, S., Khan, L., Hamlen, K., Thuraisingham, B.: Automated threat report classification over multi-source data. In: 2018 IEEE 4th International Conference on Collaboration and Internet Computing (CIC), pp. 236\u2013245 (2018). 
https:\/\/doi.org\/10.1109\/CIC.2018.00040","DOI":"10.1109\/CIC.2018.00040"},{"key":"7_CR4","doi-asserted-by":"crossref","unstructured":"Booth, H., Rike, D., Witte, G.: The national vulnerability database (NVD): Overview (2013-12-18 2013). https:\/\/tsapps.nist.gov\/publication\/get_pdf.cfm?pub_id=915172","DOI":"10.1016\/S0969-4765(13)70130-9"},{"key":"7_CR5","doi-asserted-by":"publisher","unstructured":"Debnath, B., et al.: Loglens: a real-time log analysis system. In: 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS), pp. 1052\u20131062 (2018). https:\/\/doi.org\/10.1109\/ICDCS.2018.00105","DOI":"10.1109\/ICDCS.2018.00105"},{"key":"7_CR6","unstructured":"Devlin, J., Chang, M.W., Lee, K., Toutanova, K.: BERT: pre-training of deep bidirectional transformers for language understanding. In: NAACL (2019)"},{"key":"7_CR7","unstructured":"Face, H.: RoBERTae (2019). https:\/\/huggingface.co\/docs\/transformers\/model_doc\/roberta. Accessed 26 Mar 2022"},{"key":"7_CR8","unstructured":"GloVe: Global vectors for word representation (2014). https:\/\/nlp.stanford.edu\/projects\/glove\/. Accessed 21 Mar 2022"},{"key":"7_CR9","unstructured":"Han, J., Khan, L., Masud, M., Gao, J., Thuraisingham, B.: Systems and methods for detecting a novel data class, October 2015, 9165051"},{"key":"7_CR10","first-page":"80","volume":"1","author":"EM Hutchins","year":"2011","unstructured":"Hutchins, E.M., Cloppert, M.J., Amin, R.M.: Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. Lead. Issues Inf. Warfare Secur. Res. 1, 80 (2011)","journal-title":"Lead. Issues Inf. Warfare Secur. Res."},{"key":"7_CR11","unstructured":"Jibilian, I., Canales, K.: The US is readying sanctions against Russia over the SolarWinds cyber attack. Here\u2019s a simple explanation of how the massive hack happened and why it\u2019s such a big deal (2021). 
https:\/\/www.businessinsider.com\/solarwinds-hack-explained-government-agencies-cyber-security-2020-12. Accessed 13-April 2022"},{"key":"7_CR12","unstructured":"Liu, Y., et al.: RoBERTa: a robustly optimized BERT pretraining approach. arXiv:abs\/1907.11692 (2019)"},{"key":"7_CR13","series-title":"Lecture Notes in Computer Science (Lecture Notes in Artificial Intelligence)","doi-asserted-by":"publisher","first-page":"311","DOI":"10.1007\/978-3-642-13672-6_31","volume-title":"Advances in Knowledge Discovery and Data Mining","author":"MM Masud","year":"2010","unstructured":"Masud, M.M., Gao, J., Khan, L., Han, J., Thuraisingham, B.: Classification and novel class detection in data streams with active mining. In: Zaki, M.J., Yu, J.X., Ravindran, B., Pudi, V. (eds.) PAKDD 2010. LNCS (LNAI), vol. 6119, pp. 311\u2013324. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-13672-6_31"},{"key":"7_CR14","unstructured":"Mikolov, T., Chen, K., Corrado, G., Dean, J.: Efficient estimation of word representations in vector space (2013)"},{"key":"7_CR15","unstructured":"Mikolov, T., Sutskever, I., Chen, K., Corrado, G., Dean, J.: Distributed representations of words and phrases and their compositionality. CoRR abs\/1310.4546 (2013). http:\/\/arxiv.org\/abs\/1310.4546"},{"key":"7_CR16","unstructured":"MITRE: CVE. https:\/\/cve.mitre.org\/"},{"key":"7_CR17","unstructured":"MITRE: Enterprise matrix (2015\u20132021). https:\/\/attack.mitre.org\/matrices\/enterprise\/. Accessed 10 Mar 2022"},{"key":"7_CR18","unstructured":"MITRE: D3fend (2021). https:\/\/d3fend.mitre.org. Accessed 10 Mar 2022"},{"key":"7_CR19","unstructured":"OpenCV: Zero-shot learning : An introduction (2020). https:\/\/learnopencv.com\/zero-shot-learning-an-introduction\/. Accessed 13 Mar 2022"},{"key":"7_CR20","unstructured":"OpenIOC: Open indicator of compromise (2013). https:\/\/www.fireeye.com\/blog\/threat-research\/2013\/10\/openioc-basics.html. 
Accessed 18 June 2021"},{"key":"7_CR21","doi-asserted-by":"crossref","unstructured":"Pennington, J., Socher, R., Manning, C.D.: Glove: Global vectors for word representation. In: Empirical Methods in Natural Language Processing (EMNLP), pp. 1532\u20131543 (2014). http:\/\/www.aclweb.org\/anthology\/D14-1162","DOI":"10.3115\/v1\/D14-1162"},{"key":"7_CR22","doi-asserted-by":"publisher","unstructured":"Sammut, C., Webb, G.I. (eds.): TF-IDF, pp. 986\u2013987. Springer, US, Boston, MA (2010). https:\/\/doi.org\/10.1007\/978-0-387-30164-8_832","DOI":"10.1007\/978-0-387-30164-8_832"},{"key":"7_CR23","unstructured":"STIX: Structured threat information expression (2021). https:\/\/oasis-open.github.io\/cti-documentation. Accessed 18 June 2021"},{"key":"7_CR24","unstructured":"Strom, B.E., et al.: Finding cyber threats with ATT&CK-based analytics, June 2017. https:\/\/www.mitre.org\/publications\/technical-papers\/finding-cyber-threats-with-attck-based-analytics"},{"key":"7_CR25","unstructured":"TAXII: Trusted automated exchange of intelligence information (2021). https:\/\/oasis-open.github.io\/cti-documentation. Accessed 18 June 2021"},{"key":"7_CR26","doi-asserted-by":"publisher","unstructured":"Zou, Q., Singhal, A., Sun, X., Liu, P.: Deep learning for detecting network attacks: an end to end approach. No. 12840, DBSec 2021: Data and Applications Security and Privacy XXXV, Virtual, US (2021-07-19 04:07:00 2021). 
https:\/\/doi.org\/10.1007\/978-3-030-81242-3_13, https:\/\/tsapps.nist.gov\/publication\/get_pdf.cfm?pub_id=930878","DOI":"10.1007\/978-3-030-81242-3_13"}],"container-title":["Lecture Notes in Computer Science","Data and Applications Security and Privacy XXXVI"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-10684-2_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,7,12]],"date-time":"2022-07-12T07:07:50Z","timestamp":1657609670000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-10684-2_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031106835","9783031106842"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-10684-2_7","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"13 July 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DBSec","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP Annual Conference on Data and Applications Security and Privacy","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Newark, NJ","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference 
Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 July 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 July 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"36","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dbsec2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/cs.iit.edu\/~dbsec2022\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"33","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"12","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"6","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference 
organizers)"}},{"value":"36% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}