{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,5]],"date-time":"2025-11-05T10:30:26Z","timestamp":1762338626021,"version":"3.40.3"},"publisher-location":"Cham","reference-count":22,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031849237"},{"type":"electronic","value":"9783031849244"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-84924-4_15","type":"book-chapter","created":{"date-parts":[[2025,3,17]],"date-time":"2025-03-17T12:00:47Z","timestamp":1742212847000},"page":"233-247","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Exploring Answer Set Programming for\u00a0Provenance Graph-Based Cyber Threat Detection: A Novel Approach"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-6401-284X","authenticated-orcid":false,"given":"Fang","family":"Li","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8902-1753","authenticated-orcid":false,"given":"Fei","family":"Zuo","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9727-0362","authenticated-orcid":false,"given":"Gopal","family":"Gupta","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,3,18]]},"reference":[{"key":"15_CR1","volume-title":"Foundations of databases","author":"S Abiteboul","year":"1995","unstructured":"Abiteboul, S., Hull, R., Vianu, V.: Foundations of databases, vol. 8. Addison-Wesley Reading, San Francisco (1995)"},{"key":"15_CR2","doi-asserted-by":"publisher","first-page":"177","DOI":"10.1007\/s13218-018-0533-0","volume":"32","author":"W Adrian","year":"2018","unstructured":"Adrian, W., Alviano, M., Calimeri, F.: Others: the ASP system DLV: advancements and applications. K\u00fcnstl. Intell. 32, 177\u2013179 (2018)","journal-title":"K\u00fcnstl. Intell."},{"issue":"3\u20134","key":"15_CR3","doi-asserted-by":"publisher","first-page":"337","DOI":"10.1017\/S1471068418000285","volume":"18","author":"J Arias","year":"2018","unstructured":"Arias, J., Carro, M., Salazar, E., Marple, K., Gupta, G.: Constraint answer set programming without grounding. Theory Pract. Logic Program. 18(3\u20134), 337\u2013354 (2018)","journal-title":"Theory Pract. Logic Program."},{"key":"15_CR4","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9780511543357","volume-title":"Knowledge Representation, Reasoning and Declarative Problem Solving","author":"C Baral","year":"2003","unstructured":"Baral, C.: Knowledge Representation, Reasoning and Declarative Problem Solving. Cambridge University Press, Cambridge (2003)"},{"issue":"1","key":"15_CR5","doi-asserted-by":"publisher","first-page":"226","DOI":"10.1017\/S1471068422000072","volume":"23","author":"S Cao Tran","year":"2023","unstructured":"Cao Tran, S., Pontelli, E., Balduccini, M., Schaub, T.: Answer set planning: a survey. Theory Pract. Logic Program. 23(1), 226\u2013298 (2023)","journal-title":"Theory Pract. Logic Program."},{"key":"15_CR6","doi-asserted-by":"crossref","unstructured":"Dal\u00a0Pal\u00f9, A., Dovier, A., Formisano, A., Pontelli, E.: Exploring life: answer set programming in bioinformatics, pp. 359\u2013412. Association for Computing Machinery and Morgan & Claypool (2018)","DOI":"10.1145\/3191315.3191323"},{"key":"15_CR7","unstructured":"Gebser, M., Kaminski, R., Kaufmann, B., Schaub, T.: Clingo= asp+ control. arXiv preprint arXiv:1405.3694 (2014)"},{"key":"15_CR8","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9781139342124","volume-title":"Knowledge Representation, Reasoning, and The Design of Intelligent Agents: The Answer-Set Programming Approach","author":"M Gelfond","year":"2014","unstructured":"Gelfond, M., Kahl, Y.: Knowledge Representation, Reasoning, and The Design of Intelligent Agents: The Answer-Set Programming Approach. Cambridge University Press, Cambridge (2014)"},{"key":"15_CR9","unstructured":"Han, X., Pasquier, T., Seltzer, M.: Provenance-based intrusion detection: opportunities and challenges. In: 10th USENIX Workshop on the Theory and Practice of Provenance (2018)"},{"key":"15_CR10","doi-asserted-by":"crossref","unstructured":"Hassan, W.U., Bates, A., Marino, D.: Tactical provenance analysis for endpoint detection and response systems. In: IEEE Symposium on Security and Privacy, pp. 1172\u20131189. IEEE (2020)","DOI":"10.1109\/SP40000.2020.00096"},{"key":"15_CR11","doi-asserted-by":"publisher","first-page":"4363","DOI":"10.1109\/TIFS.2021.3098977","volume":"16","author":"H Irshad","year":"2021","unstructured":"Irshad, H., et al.: Trace: enterprise-wide provenance tracking for real-time APT detection. IEEE Trans. Inf. Forensics Secur. 16, 4363\u20134376 (2021)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"15_CR12","unstructured":"Jenkinson, G., et al.: Applying provenance in APT monitoring and analysis: practical challenges for scalable, efficient and trustworthy distributed provenance. In: 9th USENIX Workshop on the Theory and Practice of Provenance (2017)"},{"key":"15_CR13","doi-asserted-by":"crossref","unstructured":"Li, Z., Chen, Q.A., Yang, R., Chen, Y., Ruan, W.: Threat detection and investigation with system-level provenance graphs: a survey. Comput. Secur. 106 (2021)","DOI":"10.1016\/j.cose.2021.102282"},{"key":"15_CR14","doi-asserted-by":"crossref","unstructured":"Marek, V.W., Truszczy\u0144ski, M.: Stable models and an alternative logic programming paradigm. In: The Logic Programming Paradigm, pp. 375\u2013398. Springer (1999)","DOI":"10.1007\/978-3-642-60085-2_17"},{"key":"15_CR15","doi-asserted-by":"publisher","first-page":"465","DOI":"10.1007\/s10207-018-0421-5","volume":"18","author":"M Rezvani","year":"2019","unstructured":"Rezvani, M., Rajaratnam, D., Ignjatovic, A., Pagnucco, M., Jha, S.: Analyzing XACML policies using answer set programming. Int. J. Inf. Secur. 18, 465\u2013479 (2019)","journal-title":"Int. J. Inf. Secur."},{"key":"15_CR16","doi-asserted-by":"crossref","unstructured":"Schaub, T., Thiele, S.: Metabolic network expansion with answer set programming. In: International Conference on Logic Programming, pp. 312\u2013326. Springer (2009)","DOI":"10.1007\/978-3-642-02846-5_27"},{"issue":"2","key":"15_CR17","doi-asserted-by":"publisher","first-page":"112","DOI":"10.1007\/s44227-023-00014-9","volume":"11","author":"M Shrestha","year":"2023","unstructured":"Shrestha, M., et al.: ProvSec: open cybersecurity system provenance analysis benchmark dataset with labels. Int. J. Netw. Distrib. Comput. 11(2), 112\u2013123 (2023)","journal-title":"Int. J. Netw. Distrib. Comput."},{"key":"15_CR18","doi-asserted-by":"crossref","unstructured":"Sterlicchio, G., Lisi, F.A.: Detecting patterns of attacks to network security in urban air mobility with answer set programming. In: European Conference on Artificial Intelligence, pp. 1285\u20131292. IOS Press (2024)","DOI":"10.3233\/FAIA240626"},{"key":"15_CR19","doi-asserted-by":"crossref","unstructured":"Tabiban, A., Zhao, H., Jarraya, Y., Pourzandi, M., Wang, L.: Vincidecoder: automatically interpreting provenance graphs into textual forensic reports with application to openstack. In: Nordic Conference on Secure IT Systems, pp. 346\u2013367. Springer International Publishing (2022)","DOI":"10.1007\/978-3-031-22295-5_19"},{"key":"15_CR20","doi-asserted-by":"crossref","unstructured":"Wang, Z., Zhou, Y., Liu, H., Qiu, J., Fang, B., Tian, Z.: Threatinsight: innovating early threat detection through threat-intelligence-driven analysis and attribution. IEEE Trans. Knowl. Data Eng. (2024)","DOI":"10.1109\/TKDE.2024.3474792"},{"key":"15_CR21","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1016\/j.diin.2018.05.001","volume":"26","author":"Y Xie","year":"2018","unstructured":"Xie, Y., Feng, D., Liao, X., Qin, L.: Efficient monitoring and forensic analysis via accurate network-attached provenance collection with minimal storage overhead. Digit. Investig. 26, 19\u201328 (2018)","journal-title":"Digit. Investig."},{"issue":"7","key":"15_CR22","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3539605","volume":"55","author":"M Zipperle","year":"2022","unstructured":"Zipperle, M., Gottwalt, F., Chang, E., Dillon, T.: Provenance-based intrusion detection systems: a survey. ACM Comput. Surv. 55(7), 1\u201336 (2022)","journal-title":"ACM Comput. Surv."}],"container-title":["Lecture Notes in Computer Science","Practical Aspects of Declarative Languages"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-84924-4_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,3,17]],"date-time":"2025-03-17T12:00:55Z","timestamp":1742212855000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-84924-4_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783031849237","9783031849244"],"references-count":22,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-84924-4_15","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"18 March 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"PADL","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Practical Aspects of Declarative Languages","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Denver, CO","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 January 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 January 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"padl2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}