{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,20]],"date-time":"2026-05-20T21:27:16Z","timestamp":1779312436373,"version":"3.51.4"},"publisher-location":"Cham","reference-count":32,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031637483","type":"print"},{"value":"9783031637490","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-63749-0_6","type":"book-chapter","created":{"date-parts":[[2024,6,27]],"date-time":"2024-06-27T19:21:12Z","timestamp":1719516072000},"page":"78-93","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["From Fine-Grained to\u00a0Refined: APT Malware Knowledge Graph Construction and\u00a0Attribution Analysis Driven by\u00a0Multi-stage Graph Computation"],"prefix":"10.1007","author":[{"given":"Rongqi","family":"Jing","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zhengwei","family":"Jiang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Qiuyun","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Shuwei","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hao","family":"Li","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xiao","family":"Chen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,6,28]]},"reference":[{"key":"6_CR1","unstructured":"Malware Attribute Enumeration and Characterization (MAEC) (2023). https:\/\/maecproject.github.io\/. Accessed 11 Nov 2023"},{"key":"6_CR2","doi-asserted-by":"publisher","unstructured":"Balan, G., Gavrilu\u0163, D.T., Luchian, H.: Using API calls for sequence-pattern feature mining-based malware detection. In: Su, C., Gritzalis, D., Piuri, V. (eds.) ISPEC 2022, pp. 233\u2013251. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-21280-2_13","DOI":"10.1007\/978-3-031-21280-2_13"},{"key":"6_CR3","doi-asserted-by":"crossref","unstructured":"Busch, J., Kocheturov, A., Tresp, V., Seidl, T.: Nf-gnn: network flow graph neural networks for malware detection and classification. In: Proceedings of the 33rd International Conference on Scientific and Statistical Database Management, pp. 121\u2013132. Association for Computing Machinery (2021)","DOI":"10.1145\/3468791.3468814"},{"key":"6_CR4","first-page":"5439","volume":"13","author":"HY Chang","year":"2023","unstructured":"Chang, H.Y., Yang, T.Y., Zhuang, C.J., Tseng, W.L.: Ransomware detection by distinguishing api call sequences through lstm and bert models. Comput. J. 13, 5439 (2023)","journal-title":"Comput. J."},{"key":"6_CR5","doi-asserted-by":"publisher","first-page":"698","DOI":"10.1057\/s41288-022-00266-6","volume":"47","author":"F Cremer","year":"2022","unstructured":"Cremer, F., Sheehan, B., Fortmann, M., Kia, A.N., Mullins, M., Murphy, F., Materne, S.: Cyber risk and cybersecurity: a systematic review of data availability. Geneva Papers Risk Insur. Issues Pract. 47, 698\u2013736 (2022)","journal-title":"Geneva Papers Risk Insur. Issues Pract."},{"key":"6_CR6","unstructured":"CyberMonitor, Robert\u00a0Haist, K., et al.: APT and cybercriminals campaign collection. GitHub repository (2022). https:\/\/github.com\/CyberMonitor\/APT_CyberCriminal_Campagin_Collections"},{"issue":"12","key":"6_CR7","doi-asserted-by":"publisher","first-page":"14005","DOI":"10.1007\/s10489-021-03138-z","volume":"52","author":"C Do Xuan","year":"2022","unstructured":"Do Xuan, C., Huong, D.: A new approach for apt malware detection based on deep graph network for endpoint systems. Appl. Intell. 52(12), 14005\u201314024 (2022)","journal-title":"Appl. Intell."},{"key":"6_CR8","unstructured":"Dutta, S., Rastogi, N., Yee, D., Gu, C., Ma, Q.: Malware knowledge graph: a comprehensive knowledge base for malware analysis and detection. In: 2021 IEEE Network Security and Privacy Protection International Conference (NSPW) (2021)"},{"key":"6_CR9","unstructured":"Feurer, M., et\u00a0al.: auto-sklearn: automated machine learning toolkit (2023). https:\/\/automl.github.io\/auto-sklearn\/master\/. gitHub repository"},{"key":"6_CR10","doi-asserted-by":"publisher","first-page":"271","DOI":"10.1007\/s42979-023-01744-x","volume":"4","author":"MM Hasan","year":"2023","unstructured":"Hasan, M.M., Islam, M.U., Uddin, J.: Advanced persistent threat identification with boosting and explainable AI. SN Comput. Sci. 4, 271\u2013279 (2023)","journal-title":"SN Comput. Sci."},{"key":"6_CR11","doi-asserted-by":"publisher","unstructured":"Kiesling, E., Ekelhart, A., Kurniawan, K., Ekaputra, F.: The SEPSES knowledge graph: an integrated resource for cybersecurity. In: Ghidini, C., et al. (eds.) ISWC 2019. LNCS, vol. 11779, pp. 198\u2013214. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-30796-7_13","DOI":"10.1007\/978-3-030-30796-7_13"},{"key":"6_CR12","unstructured":"Kiran\u00a0Bandla, S.C.: Aptnotes data. GitHub repository (2021). https:\/\/github.com\/aptnotes\/data"},{"key":"6_CR13","doi-asserted-by":"publisher","first-page":"2894","DOI":"10.3390\/app13052894","volume":"13","author":"K Lee","year":"2023","unstructured":"Lee, K., Lee, J., Yim, K.: Classification and analysis of malicious code detection techniques based on the apt attack. Appl. Sci. 13, 2894 (2023)","journal-title":"Appl. Sci."},{"key":"6_CR14","doi-asserted-by":"publisher","first-page":"4182","DOI":"10.1007\/s11227-021-04020-y","volume":"78","author":"S Li","year":"2022","unstructured":"Li, S., Zhou, Q., Zhou, R., Lv, Q.: Intelligent malware detection based on graph convolutional network. J. Supercomput. 78, 4182\u20134198 (2022)","journal-title":"J. Supercomput."},{"key":"6_CR15","doi-asserted-by":"crossref","unstructured":"Li, S., Zhang, Q., Wu, X., Han, W., Tian, Z.: Attribution classification method of apt malware in IoT using machine learning techniques. Secur. Commun. Netw. 2021, 1\u201312 (2021)","DOI":"10.1155\/2021\/9396141"},{"key":"6_CR16","doi-asserted-by":"publisher","unstructured":"Li, Z., Zeng, J., Chen, Y., Liang, Z.: AttacKG: constructing technique knowledge graph from\u00a0cyber threat intelligence Reports. In: Atluri, V., Di Pietro, R., Jensen, C.D., Meng, W. (eds.) ESORICS 2022, pp. 589\u2013609. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-17140-6_29","DOI":"10.1007\/978-3-031-17140-6_29"},{"key":"6_CR17","unstructured":"MLG at Neo4j. Community detection (2022). https:\/\/neo4j.com\/docs\/graph-data-science\/current\/algorithms\/community\/"},{"key":"6_CR18","doi-asserted-by":"publisher","unstructured":"Moon, H.-J., Bu, S.-J., Cho, S.-B.: Directional graph transformer-based control flow embedding for malware classification. In: Yin, H., et al. (eds.) IDEAL 2021. LNCS, vol. 13113, pp. 426\u2013436. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-91608-4_42","DOI":"10.1007\/978-3-030-91608-4_42"},{"key":"6_CR19","doi-asserted-by":"publisher","first-page":"13071","DOI":"10.1007\/s10462-023-10465-9","volume":"56","author":"C Peng","year":"2023","unstructured":"Peng, C., Xia, F., Naseriparsa, M., Osborne, F.: Knowledge graphs: opportunities and challenges. Artif. Intell. Rev. 56, 13071\u201313102 (2023)","journal-title":"Artif. Intell. Rev."},{"key":"6_CR20","unstructured":"RedDrip7. Apt_digital_weapon: indicators of compromise (IOCS) collected from public resources and categorized by qi-anxin. GitHub repository (2022)"},{"key":"6_CR21","first-page":"5695","volume":"35","author":"Y Ren","year":"2023","unstructured":"Ren, Y., Xiao, Y., Zhou, Y., Zhang, Z., Tian, Z.: Cskg4apt: a cybersecurity knowledge graph for advanced persistent threat organization attribution. IEEE Trans. Knowl. Data Eng. 35, 5695\u20135709 (2023)","journal-title":"IEEE Trans. Knowl. Data Eng."},{"key":"6_CR22","doi-asserted-by":"publisher","first-page":"271","DOI":"10.1007\/s00287-022-01489-6","volume":"45","author":"M Renz","year":"2022","unstructured":"Renz, M., Kr\u00f6ger, P., Koschmider, A., Landsiedel, O., de Sousa, N.T.: Cross domain fusion for spatiotemporal applications: taking interdisciplinary, holistic research to the next level. Informatik Spektrum 45, 271\u2013277 (2022)","journal-title":"Informatik Spektrum"},{"key":"6_CR23","doi-asserted-by":"publisher","unstructured":"Sahoo, D.: Cyber threat attribution with multi-view heuristic analysis. In: Choo, K.-K.R., Dehghantanha, A. (eds.) Handbook of Big Data Analytics and Forensics, pp. 53\u201373. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-030-74753-4_4","DOI":"10.1007\/978-3-030-74753-4_4"},{"key":"6_CR24","doi-asserted-by":"publisher","first-page":"9355","DOI":"10.1007\/s12652-023-04603-y","volume":"14","author":"A Sharma","year":"2023","unstructured":"Sharma, A., Gupta, B.B., Singh, A.K., Saraswat, V.K.: Advanced persistent threats (apt): evolution, anatomy, attribution and countermeasures. J. Ambient. Intell. Humaniz. Comput. 14, 9355\u20139381 (2023)","journal-title":"J. Ambient. Intell. Humaniz. Comput."},{"key":"6_CR25","doi-asserted-by":"publisher","first-page":"3511","DOI":"10.1007\/s10115-023-01860-3","volume":"65","author":"LF Sikos","year":"2023","unstructured":"Sikos, L.F.: Cybersecurity knowledge graphs. Knowl. Inf. Syst. 65, 3511\u20133531 (2023)","journal-title":"Knowl. Inf. Syst."},{"key":"6_CR26","doi-asserted-by":"crossref","unstructured":"Soni, H., Kishore, P., Mohapatra, D.P.: Opcode and API based machine learning framework for malware classification. In: 2022 2nd International Conference on Intelligent Technologies (CONIT), pp.\u00a01\u20137 (2022)","DOI":"10.1109\/CONIT55038.2022.9848152"},{"key":"6_CR27","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102515","volume":"112","author":"A Tekerek","year":"2022","unstructured":"Tekerek, A., Yapici, M.M.: A novel malware classification and augmentation model based on convolutional neural network. Comput. Secur. 112, 102515 (2022)","journal-title":"Comput. Secur."},{"key":"6_CR28","unstructured":"VirusTotal. Virustotal: analyse suspicious files and URLs to detect malware. Website (2022). https:\/\/www.virustotal.com\/"},{"key":"6_CR29","doi-asserted-by":"crossref","unstructured":"Wai, F.K., Thing, V.L.L.: Clustering based opcode graph generation for malware variant detection. In: 2021 18th International Conference on Privacy, Security and Trust (PST), pp. 1\u201311 (2021)","DOI":"10.1109\/PST52912.2021.9647814"},{"key":"6_CR30","doi-asserted-by":"publisher","first-page":"8077220","DOI":"10.1155\/2021\/8077220","volume":"2021","author":"C Wei","year":"2021","unstructured":"Wei, C., Li, Q., Guo, D., Meng, X.: Toward identifying apt malware through API system calls. Secur. Commun. Netw. 2021, 8077220 (2021)","journal-title":"Secur. Commun. Netw."},{"key":"6_CR31","doi-asserted-by":"publisher","first-page":"8643","DOI":"10.1007\/s00521-021-06808-8","volume":"34","author":"XW Wu","year":"2022","unstructured":"Wu, X.W., Wang, Y., Fang, Y., Jia, P.: Embedding vector generation based on function call graph for effective malware detection and classification. Neural Comput. Appl. 34, 8643\u20138656 (2022)","journal-title":"Neural Comput. Appl."},{"key":"6_CR32","doi-asserted-by":"publisher","first-page":"13251","DOI":"10.1007\/s00521-021-05952-5","volume":"33","author":"CD Xuan","year":"2021","unstructured":"Xuan, C.D., Dao, M.H.: A novel approach for apt attack detection based on combined deep learning model. Neural Comput. Appl. 33, 13251\u201313264 (2021)","journal-title":"Neural Comput. Appl."}],"container-title":["Lecture Notes in Computer Science","Computational Science \u2013 ICCS 2024"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-63749-0_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,6,27]],"date-time":"2024-06-27T19:22:53Z","timestamp":1719516173000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-63749-0_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031637483","9783031637490"],"references-count":32,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-63749-0_6","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"28 June 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICCS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Computational Science","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Malaga","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Spain","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2 July 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4 July 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"iccs-computsci2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.iccs-meeting.org\/iccs2024\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}