{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,6]],"date-time":"2026-06-06T17:15:58Z","timestamp":1780766158075,"version":"3.54.1"},"publisher-location":"Cham","reference-count":28,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031709029","type":"print"},{"value":"9783031709036","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-70903-6_4","type":"book-chapter","created":{"date-parts":[[2024,9,4]],"date-time":"2024-09-04T22:04:30Z","timestamp":1725487470000},"page":"65-85","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Leveraging Hierarchies: HMCAT for\u00a0Efficiently Mapping CTI to\u00a0Attack Techniques"],"prefix":"10.1007","author":[{"given":"Zhiqiang","family":"Hao","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Chuanyi","family":"Li","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Xiao","family":"Fu","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Bin","family":"Luo","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Xiaojiang","family":"Du","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2024,9,5]]},"reference":[{"key":"4_CR1","doi-asserted-by":"crossref","unstructured":"Alves, P.M.M.R., Geraldo\u00a0Filho, P.R., Gon\u00e7alves, V.P.: Leveraging BERT\u2019s power to classify TTP from unstructured text. In: 2022 Workshop on Communication Networks and Power Systems (WCNPS), pp. 1\u20137. IEEE (2022)","DOI":"10.1109\/WCNPS56355.2022.9969697"},{"key":"4_CR2","unstructured":"Ampel, B., Samtani, S., Ullman, S., Chen, H.: Linking common vulnerabilities and exposures to the MITRE ATT &CK framework: a self-distillation approach. arXiv preprint arXiv:2108.01696 (2021)"},{"key":"4_CR3","doi-asserted-by":"crossref","unstructured":"Antle, A.N.: The CTI framework: informing the design of tangible systems for children. In: Proceedings of the 1st International Conference on Tangible and Embedded Interaction, pp. 195\u2013202 (2007)","DOI":"10.1145\/1226969.1227010"},{"key":"4_CR4","doi-asserted-by":"crossref","unstructured":"Applebaum, A., Miller, D., Strom, B., Korban, C., Wolf, R.: Intelligent, automated red team emulation. In: Proceedings of the 32nd Annual Conference on Computer Security Applications, pp. 363\u2013373 (2016)","DOI":"10.1145\/2991079.2991111"},{"key":"4_CR5","doi-asserted-by":"publisher","first-page":"24","DOI":"10.1016\/S2212-5671(15)01077-1","volume":"28","author":"A Bendovschi","year":"2015","unstructured":"Bendovschi, A.: Cyber-attacks-trends, patterns and security countermeasures. Procedia Econ. Financ. 28, 24\u201331 (2015)","journal-title":"Procedia Econ. Financ."},{"key":"4_CR6","unstructured":"Brown, R., Lee, R.M.: The evolution of cyber threat intelligence (CTI): 2019 sans CTI survey. SANS Institute (2019). https:\/\/www.sans.org\/white-papers\/38790\/. Accessed 12 July 2021"},{"key":"4_CR7","unstructured":"Brown, T.B., et al.: Language models are few-shot learners (2020)"},{"key":"4_CR8","doi-asserted-by":"crossref","unstructured":"Chen, H., Ma, Q., Lin, Z., Yan, J.: Hierarchy-aware label semantics matching network for hierarchical text classification. In: Proceedings of the 59th Annual Meeting of the Association for Computational Linguistics and the 11th International Joint Conference on Natural Language Processing (Volume 1: Long Papers), pp. 4370\u20134379 (2021)","DOI":"10.18653\/v1\/2021.acl-long.337"},{"key":"4_CR9","unstructured":"MITRE Corporation. MITRE ATT &CK. https:\/\/attack.mitre.org\/"},{"key":"4_CR10","unstructured":"CTID. Fin6 adversary plan. https:\/\/github.com\/center-for-threat-informed defense\/adversary_emulation_library\/tree\/master\/fin6"},{"key":"4_CR11","unstructured":"Devlin, J., Chang, M.-W., Lee, K., Toutanova, K.: Bert: pre-training of deep bidirectional transformers for language understanding. arXiv preprint arXiv:1810.04805 (2018)"},{"key":"4_CR12","doi-asserted-by":"crossref","unstructured":"Dion\u00edsio, N., Alves, F., Ferreira, P.M., Bessani, A.: Cyberthreat detection from twitter using deep neural networks (2019)","DOI":"10.1109\/IJCNN.2019.8852475"},{"key":"4_CR13","unstructured":"Hemberg, E., et al.: Linking threat tactics, techniques, and patterns with defensive weaknesses, vulnerabilities and affected platform configurations for cyber hunting. arXiv preprint arXiv:2010.00533 (2020)"},{"key":"4_CR14","unstructured":"Hutchins, E., Cloppert, M., Amin, R.: Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains, whitepaper, lockheed martin corp., nov. 2011 (2010)"},{"key":"4_CR15","unstructured":"Legoy, V., Caselli, M., Seifert, C., Peter, A.: Automated retrieval of ATT &CK tactics and techniques for cyber threat reports. arXiv preprint arXiv:2004.14322 (2020)"},{"issue":"Apr","key":"4_CR16","first-page":"361","volume":"5","author":"DD Lewis","year":"2004","unstructured":"Lewis, D.D., Yang, Y., Russell-Rose, T., Li, F.: RCV1: a new benchmark collection for text categorization research. J. Mach. Learn. Res. 5(Apr), 361\u2013397 (2004)","journal-title":"J. Mach. Learn. Res."},{"key":"4_CR17","doi-asserted-by":"publisher","DOI":"10.1016\/j.asoc.2022.108826","volume":"122","author":"C Liu","year":"2022","unstructured":"Liu, C., Wang, J., Chen, X.: Threat intelligence ATT &CK extraction based on the attention transformer hierarchical recurrent neural network. Appl. Soft. Comput. 122, 108826 (2022)","journal-title":"Appl. Soft. Comput."},{"key":"4_CR18","unstructured":"Liu, Y., et al.: Roberta: a robustly optimized bert pretraining approach. arXiv preprint arXiv:1907.11692 (2019)"},{"key":"4_CR19","doi-asserted-by":"publisher","DOI":"10.1016\/j.compind.2020.103225","volume":"121","author":"D Mazzini","year":"2020","unstructured":"Mazzini, D., Napoletano, P., Piccoli, F., Schettini, R.: A novel approach to data augmentation for pavement distress segmentation. Comput. Ind. 121, 103225 (2020)","journal-title":"Comput. Ind."},{"key":"4_CR20","series-title":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","doi-asserted-by":"publisher","first-page":"406","DOI":"10.1007\/978-3-030-37228-6_20","volume-title":"Security and Privacy in Communication Networks","author":"K Oosthoek","year":"2019","unstructured":"Oosthoek, K., Doerr, C.: SoK: ATT &CK techniques and trends in windows malware. In: Chen, S., Choo, K.-K.R., Fu, X., Lou, W., Mohaisen, A. (eds.) SecureComm 2019. LNICST, vol. 304, pp. 406\u2013425. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-37228-6_20"},{"key":"4_CR21","doi-asserted-by":"crossref","unstructured":"Orbinato, V., Barbaraci, M., Natella, R., Cotroneo, D.: Automatic mapping of unstructured cyber threat intelligence: an experimental study. arXiv preprint arXiv:2208.12144 (2022)","DOI":"10.1109\/ISSRE55969.2022.00027"},{"key":"4_CR22","doi-asserted-by":"crossref","unstructured":"Reimers, N., Gurevych, I.: Sentence-BERT: sentence embeddings using siamese BERT-networks. arXiv preprint arXiv:1908.10084 (2019)","DOI":"10.18653\/v1\/D19-1410"},{"key":"4_CR23","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1016\/j.jcss.2016.08.005","volume":"98","author":"D Tosh","year":"2018","unstructured":"Tosh, D., Sengupta, S., Kamhoua, C.A., Kwiat, K.A.: Establishing evolutionary game models for cyber security information exchange (CYBEX). J. Comput. Syst. Sci. 98, 27\u201352 (2018)","journal-title":"J. Comput. Syst. Sci."},{"key":"4_CR24","doi-asserted-by":"crossref","unstructured":"Wang, B., Chen, L., Sun, W., Qin, K., Li, K., Zhou, H.: Ranking-based autoencoder for extreme multi-label classification. arXiv preprint arXiv:1904.05937 (2019)","DOI":"10.18653\/v1\/N19-1289"},{"key":"4_CR25","unstructured":"Wu, Y., et al.: Price tag: towards semi-automatically discovery tactics, techniques and procedures of e-commerce cyber threat intelligence. IEEE Trans. Dependable Secure Comput. (2021)"},{"issue":"1","key":"4_CR26","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1186\/s42400-021-00106-5","volume":"5","author":"Y You","year":"2022","unstructured":"You, Y., et al.: Tim: threat context-enhanced TTP intelligence mining on unstructured threat data. Cybersecurity 5(1), 3 (2022)","journal-title":"Cybersecurity"},{"issue":"8","key":"4_CR27","first-page":"1870","volume":"66","author":"Yu Zhongkun","year":"2022","unstructured":"Zhongkun, Yu., Wang, J.F., Tang, B.H., Li, L.: Tactics and techniques classification in cyber threat intelligence. Comput. J. 66(8), 1870\u20131881 (2022)","journal-title":"Comput. J."},{"key":"4_CR28","doi-asserted-by":"crossref","unstructured":"Zhou, J., et al.: Hierarchy-aware global model for hierarchical text classification. In: Proceedings of the 58th Annual Meeting of the Association for Computational Linguistics, pp. 1106\u20131117 (2020)","DOI":"10.18653\/v1\/2020.acl-main.104"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2024"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-70903-6_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,4]],"date-time":"2024-09-04T22:05:36Z","timestamp":1725487536000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-70903-6_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031709029","9783031709036"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-70903-6_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"5 September 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Bydgoszcz","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Poland","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 September 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 September 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/esorics2024.org","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}