{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,9]],"date-time":"2026-01-09T12:10:12Z","timestamp":1767960612194,"version":"3.49.0"},"publisher-location":"Cham","reference-count":28,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031429903","type":"print"},{"value":"9783031429910","type":"electronic"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-42991-0_10","type":"book-chapter","created":{"date-parts":[[2023,10,18]],"date-time":"2023-10-18T12:02:32Z","timestamp":1697630552000},"page":"179-201","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Identifying Superspreaders by Ranking System Object Instance Graphs"],"prefix":"10.1007","author":[{"given":"Rajani","family":"Suryavanshi","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xiaoyan","family":"Sun","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jun","family":"Dai","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2023,10,19]]},"reference":[{"key":"10_CR1","doi-asserted-by":"crossref","unstructured":"P. Ammann, D. Wijesekera and S. Kaushik, Scalable graph-based network vulnerability analysis, Proceedings of the Ninth ACM Conference on Computer and Communications Security, pp. 217\u2013224, 2002.","DOI":"10.1145\/586110.586140"},{"key":"10_CR2","unstructured":"A. Bates, D. Tian, K. Butler and T. Moyer, Trustworthy whole-system provenance for the Linux kernel, Proceedings of the Twenty-Fourth USENIX Security Symposium, pp. 319\u2013334, 2015."},{"key":"10_CR3","doi-asserted-by":"crossref","unstructured":"U. Braun, S. Garfinkel, D. Holland, K. Muniswamy-Reddy and M. Seltzer, Issues in automatic provenance collection, in Provenance and Annotation of Data, L. Moreau and I. Foster (Eds.), Springer, Berlin Heidelberg, Germany, pp. 171\u2013183, 2006.","DOI":"10.1007\/11890850_18"},{"key":"10_CR4","doi-asserted-by":"crossref","unstructured":"J. Dai, X. Sun and P. Liu, Patrol: Revealing zero-day attack paths through network-wide system object dependencies, Proceedings of the Eighteenth European Symposium on Research in Computer Security, pp. 536\u2013555, 2013.","DOI":"10.1007\/978-3-642-40203-6_30"},{"key":"10_CR5","doi-asserted-by":"crossref","unstructured":"A. Gehani and D. Tariq, SPADE: Support for provenance auditing in distributed environments, Proceedings of the Thirteenth ACM\/ IFIP\/USENIX International Middleware Conference, pp. 101\u2013120, 2012.","DOI":"10.1007\/978-3-642-35170-9_6"},{"key":"10_CR6","doi-asserted-by":"crossref","unstructured":"D. Gleich, PageRank beyond the web, SIAM Review, vol. 57(3), pp. 321\u2013363, 2015.","DOI":"10.1137\/140976649"},{"key":"10_CR7","doi-asserted-by":"crossref","unstructured":"A. Goel, W. Feng, D. Maier, W. Feng and J. Walpol, Forensix: A robust high-performance reconstruction system, Proceedings of the Twenty-Fifth IEEE International Conference on Distributed Computing Systems, pp. 155\u2013162, 2005.","DOI":"10.1109\/ICDCSW.2005.62"},{"key":"10_CR8","doi-asserted-by":"crossref","unstructured":"A. Goel, K. Po, K. Farhadi, Z. Li and E. de Lara, The Taser intrusion recovery system, ACM SIGOPS Operating Systems Review, vol. 39(5), pp. 163\u2013176, 2005.","DOI":"10.1145\/1095809.1095826"},{"key":"10_CR9","unstructured":"M. Hossain, S. Milajerdi, J. Wang, B. Eshete, R. Gjomemo, R. Sekar, S. Stoller and V. Venkatakrishnan, SLEUTH: Real-time attack scenario reconstruction from COTS audit data, Proceedings of the Twenty-Sixth USENIX Security Symposium, pp. 487\u2013504, 2017."},{"key":"10_CR10","doi-asserted-by":"crossref","unstructured":"H. Huang, S. Zhang, X. Ou, A. Prakash and K. Sakallah, Distilling critical attack graph surface iteratively through minimum-cost SAT solving, Proceedings of the Twenty-Seventh Annual Computer Security Applications Conference, pp. 31\u201340, 2011.","DOI":"10.1145\/2076732.2076738"},{"key":"10_CR11","doi-asserted-by":"crossref","unstructured":"K. Ingols, R. Lippmann and K. Piwowarski, Practical attack graph generation for network defense, Proceedings of the Twenty-Second Annual Computer Security Applications Conference, pp. 121\u2013130, 2006.","DOI":"10.1109\/ACSAC.2006.39"},{"key":"10_CR12","doi-asserted-by":"crossref","unstructured":"S. Jajodia, S. Noel and B. O\u2019Berry, Topological analysis of network attack vulnerability, in Managing Cyber Threats, V. Kumar, J. Srivastava and A. Lazarevic (Eds.), Springer, Boston, Massachusetts, pp. 247\u2013266, 2005.","DOI":"10.1007\/0-387-24230-9_9"},{"key":"10_CR13","unstructured":"X. Jiang, A. Walters, D. Xu, E. Spafford, F. Buchholz and Y. Wang, Provenance-aware tracing of worm break-in and contaminations: A process coloring approach, Proceedings of the Twenty-Sixth IEEE International Conference on Distributed Computing Systems, 2006."},{"key":"10_CR14","doi-asserted-by":"crossref","unstructured":"S. King and P. Chen, Backtracking intrusions, ACM SIGOPS Operating Systems Review, vol. 37(5), pp. 223\u2013236, 2003.","DOI":"10.1145\/1165389.945467"},{"key":"10_CR15","doi-asserted-by":"crossref","unstructured":"S. Ma, X. Zhang and D. Xu, ProTracer: Towards practical provenance tracing by alternating between logging and tainting, Proceedings of the Twenty-Third Annual Network and Distributed System Security Symposium, 2016.","DOI":"10.14722\/ndss.2016.23350"},{"key":"10_CR16","unstructured":"MITRE Corporation, CVE-2008-0166, Common Vulnerabilities and Exposures, Bedford, Massachusetts (cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2008-0166), January 9, 2008."},{"key":"10_CR17","unstructured":"MITRE Corporation, CVE-2009-2692, Common Vulnerabilities and Exposures, Bedford, Massachusetts (cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2009-2692), August 5, 2009."},{"key":"10_CR18","unstructured":"K. Muniswamy-Reddy, D. Holland, U. Braun and M. Seltzer, Provenance-aware storage systems, Proceedings of the USENIX Annual Technical Conference, pp. 43\u201356, 2006."},{"key":"10_CR19","doi-asserted-by":"crossref","unstructured":"S. Noel and S. Jajodia, Managing attack graph complexity through visual hierarchical aggregation, Proceedings of the ACM Workshop on Visualization and Data Mining for Computer Security, pp. 109\u2013118, 2004.","DOI":"10.1145\/1029208.1029225"},{"key":"10_CR20","doi-asserted-by":"crossref","unstructured":"S. Noel, S. Jajodia, B. O\u2019Berry and M. Jacobs, Efficient minimum-cost network hardening via exploit dependency graphs, Proceedings of the Nineteenth Annual Computer Security Applications Conference, pp. 86\u201395, 2003.","DOI":"10.1109\/CSAC.2003.1254313"},{"key":"10_CR21","doi-asserted-by":"crossref","unstructured":"X. Ou, W. Boyer and M. McQueen, A scalable approach to attack graph generation, Proceedings of the Thirteenth ACM Conference on Computer and Communications Security, pp. 336\u2013345, 2006.","DOI":"10.1145\/1180405.1180446"},{"key":"10_CR22","unstructured":"X. Ou, S. Govindavajhala and A. Appel, MulVAL: A logic-based network security analyzer, Proceedings of the Fourteenth USENIX Security Symposium, 2005."},{"key":"10_CR23","unstructured":"L. Page, S. Brin, R. Motwani and T. Winograd, The Page-Rank Citation Ranking: Bringing Order to the Web, Technical Report SIDL-WP-1999-0120, Stanford Digital Library Technologies Project, Stanford University, Palo Alto, California, 1998."},{"key":"10_CR24","doi-asserted-by":"crossref","unstructured":"D. Pohly, S. McLaughlin, P. McDaniel and K. Butler, Hi-Fi: Collecting high-fidelity whole-system provenance, Proceedings of the Twenty-Eighth Annual Computer Security Applications Conference, pp. 259\u2013268, 2012.","DOI":"10.1145\/2420950.2420989"},{"key":"10_CR25","unstructured":"R. Sawilla and X. Ou, Googling Attack Graphs, DRDC Ottawa TM 2007-205, Defence Research and Development Canada, Ottawa, Canada, 2007."},{"key":"10_CR26","doi-asserted-by":"crossref","unstructured":"R. Sawilla and X. Ou, Identifying critical attack assets in dependency attack graphs, Proceedings of the Thirteenth European Symposium on Research in Computer Security, pp. 18\u201334, 2008.","DOI":"10.1007\/978-3-540-88313-5_2"},{"key":"10_CR27","doi-asserted-by":"crossref","unstructured":"X. Sun, J. Dai, P. Liu, A. Singhal and J. Yen, Towards probabilistic identification of zero-day attack paths, Proceedings of the IEEE Conference on Communications and Network Security, pp. 64\u201372, 2016.","DOI":"10.1109\/CNS.2016.7860471"},{"key":"10_CR28","doi-asserted-by":"crossref","unstructured":"X. Sun, J. Dai, P. Liu, A. Singhal and J. Yen, Using Bayesian networks for probabilistic identification of zero-day attack paths, IEEE Transactions on Information Forensics and Security, vol. 13(10), pp. 2506\u20132521, 2018.","DOI":"10.1109\/TIFS.2018.2821095"}],"container-title":["IFIP Advances in Information and Communication Technology","Advances in Digital Forensics XIX"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-42991-0_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,9]],"date-time":"2026-01-09T10:35:01Z","timestamp":1767954901000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-42991-0_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031429903","9783031429910"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-42991-0_10","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"value":"1868-4238","type":"print"},{"value":"1868-422X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"19 October 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DigitalForensics","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on Digital Forensics","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Arlington, VA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 January 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"31 January 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"digitalforensics2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}