{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,11]],"date-time":"2024-09-11T15:57:39Z","timestamp":1726070259632},"publisher-location":"Singapore","reference-count":33,"publisher":"Springer Singapore","isbn-type":[{"type":"print","value":"9789811538162"},{"type":"electronic","value":"9789811538179"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-981-15-3817-9_3","type":"book-chapter","created":{"date-parts":[[2020,3,5]],"date-time":"2020-03-05T10:03:36Z","timestamp":1583402616000},"page":"38-54","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Decepticon: A Hidden Markov Model Approach to Counter Advanced Persistent Threats"],"prefix":"10.1007","author":[{"given":"Rudra Prasad","family":"Baksi","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Shambhu J.","family":"Upadhyaya","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,3,6]]},"reference":[{"key":"3_CR1","unstructured":"Baksi, R.P., Upadhyaya, S.J.: Kidemonas: the silent guardian. arXiv preprint \narXiv:1712.00841\n\n (2017)"},{"key":"3_CR2","unstructured":"Baksi, R.P., Upadhyaya, S.J.: A comprehensive model for elucidating advanced persistent threats (APT). In: Proceedings of the International Conference on Security and Management (SAM), pp. 245\u2013251. 
The Steering Committee of The World Congress in Computer Science, Computer Engineering and Applied Computing (2018)"},{"issue":"4","key":"3_CR3","doi-asserted-by":"publisher","first-page":"971","DOI":"10.3390\/fi4040971","volume":"4","author":"B Bencs\u00e1th","year":"2012","unstructured":"Bencs\u00e1th, B., P\u00e9k, G., Butty\u00e1n, L., Felegyhazi, M.: The cousins of stuxnet: Duqu, flame, and gauss. Future Internet 4(4), 971\u20131003 (2012)","journal-title":"Future Internet"},{"key":"3_CR4","unstructured":"Bennett, J.T., Moran, N., Villeneuve, N.: Poison ivy: assessing damage and extracting intelligence. FireEye Threat Research Blog (2013)"},{"key":"3_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1007\/978-3-319-47413-7_2","volume-title":"Decision and Game Theory for Security","author":"H \u00c7eker","year":"2016","unstructured":"\u00c7eker, H., Zhuang, J., Upadhyaya, S., La, Q.D., Soong, B.-H.: Deception-based game theoretical approach to mitigate DoS attacks. In: Zhu, Q., Alpcan, T., Panaousis, E., Tambe, M., Casey, W. (eds.) GameSec 2016. LNCS, vol. 9996, pp. 18\u201338. Springer, Cham (2016). \nhttps:\/\/doi.org\/10.1007\/978-3-319-47413-7_2"},{"issue":"5","key":"3_CR6","doi-asserted-by":"publisher","first-page":"481","DOI":"10.1109\/34.291449","volume":"16","author":"MY Chen","year":"1994","unstructured":"Chen, M.Y., Kundu, A., Zhou, J.: Off-line handwritten word recognition using a hidden Markov model type stochastic network. IEEE Trans. Pattern Anal. Mach. Intell. 16(5), 481\u2013496 (1994)","journal-title":"IEEE Trans. Pattern Anal. Mach. Intell."},{"key":"3_CR7","unstructured":"Clark, Z.: The worm that spreads WanaCrypt0r. Malwarebytes Labs, May 2017. 
\nhttps:\/\/blog.malwarebytes.com\/threat-analysis\/2017\/05\/the-worm-that-spreadswanacrypt0r\/"},{"issue":"086","key":"3_CR8","first-page":"1","volume":"2016","author":"V Costan","year":"2016","unstructured":"Costan, V., Devadas, S.: Intel SGX explained. IACR Cryptol. ePrint Arch. 2016(086), 1\u2013118 (2016)","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"3_CR9","unstructured":"Falliere, N., Murchu, L.O., Chien, E.: W32. Stuxnet dossier. White paper, Symantec Corporation, Security Response 5(6), 29 (2011)"},{"key":"3_CR10","unstructured":"Greenberg, A.: Hackers are trying to reignite WannaCry with nonstop botnet attacks. Wired Security, May 2017. \nhttps:\/\/www.wired.com\/2017\/05\/wannacry-ransomware-ddos-attack\/"},{"issue":"1","key":"3_CR11","first-page":"80","volume":"1","author":"EM Hutchins","year":"2011","unstructured":"Hutchins, E.M., Cloppert, M.J., Amin, R.M.: Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. Lead. Issues Inf. Warfare Secur. Res. 1(1), 80 (2011)","journal-title":"Lead. Issues Inf. Warfare Secur. Res."},{"issue":"5","key":"3_CR12","doi-asserted-by":"publisher","first-page":"797","DOI":"10.1109\/TDSC.2016.2622261","volume":"15","author":"J Jang","year":"2016","unstructured":"Jang, J., et al.: PrivateZone: providing a private execution environment using arm trustzone. IEEE Trans. Depend. Secure Comput. 15(5), 797\u2013810 (2016)","journal-title":"IEEE Trans. Depend. Secure Comput."},{"issue":"3","key":"3_CR13","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1109\/MSP.2011.67","volume":"9","author":"R Langner","year":"2011","unstructured":"Langner, R.: Stuxnet: dissecting a cyberwarfare weapon. IEEE Secur. Priv. 9(3), 49\u201351 (2011)","journal-title":"IEEE Secur. Priv."},{"key":"3_CR14","unstructured":"Leonard, C.: 2015 threat report. 
Websense Security Labs (2015)"},{"issue":"1","key":"3_CR15","doi-asserted-by":"publisher","first-page":"29","DOI":"10.1109\/78.80762","volume":"39","author":"A Ljolje","year":"1991","unstructured":"Ljolje, A., Levinson, S.E.: Development of an acoustic-phonetic hidden Markov model for continuous speech recognition. IEEE Trans. Sig. Process. 39(1), 29\u201339 (1991)","journal-title":"IEEE Trans. Sig. Process."},{"key":"3_CR16","unstructured":"Ponemon Institute LLC: The state of advanced persistent threats. Ponemon Institute Research Report, December 2013"},{"key":"3_CR17","unstructured":"LogRhythm: The APT lifecycle and its log trail. Technical report, July 2013"},{"key":"3_CR18","unstructured":"Lorch, J.R., Wang, Y.M., Verbowski, C., Wang, H.J., King, S.: Isolation environment-based information access, 20 September 2011. US Patent 8,024,815"},{"key":"3_CR19","doi-asserted-by":"publisher","unstructured":"Madnick, S.E., Donovan, J.J.: Application and analysis of the virtual machine approach to information system security and isolation. In: Proceedings of the Workshop on Virtual Computer Systems, pp. 210\u2013224. ACM, New York (1973). \nhttps:\/\/doi.org\/10.1145\/800122.803961","DOI":"10.1145\/800122.803961"},{"key":"3_CR20","unstructured":"Mehresh, R.: Schemes for surviving advanced persistent threats. Faculty of the Graduate School of the University at Buffalo, State University of New York (2013)"},{"key":"3_CR21","unstructured":"Mehresh, R., Upadhyaya, S.: A deception framework for survivability against next generation cyber attacks. In: Proceedings of the International Conference on Security and Management (SAM). p. 1. The Steering Committee of The World Congress in Computer Science, Computer Engineering and Applied Computing (2012)"},{"key":"3_CR22","doi-asserted-by":"crossref","unstructured":"Messaoud, B.I., Guennoun, K., Wahbi, M., Sadik, M.: Advanced persistent threat: new analysis driven by life cycle phases and their challenges. 
In: 2016 International Conference on Advanced Communication Systems and Information Security (ACOSIS), pp. 1\u20136. IEEE (2016)","DOI":"10.1109\/ACOSIS.2016.7843932"},{"key":"3_CR23","doi-asserted-by":"crossref","unstructured":"Pauna, A.: Improved self adaptive honeypots capable of detecting rootkit malware. In: 2012 9th International Conference on Communications (COMM), pp. 281\u2013284. IEEE (2012)","DOI":"10.1109\/ICComm.2012.6262612"},{"key":"3_CR24","unstructured":"Piolle, E.: Simplified schema of a trusted platform module (TPM). Wikipedia, September 2008. \nhttps:\/\/commons.wikimedia.org\/wiki\/File:TPM.svg"},{"issue":"2","key":"3_CR25","doi-asserted-by":"publisher","first-page":"257","DOI":"10.1109\/5.18626","volume":"77","author":"LR Rabiner","year":"1989","unstructured":"Rabiner, L.R.: A tutorial on hidden Markov models and selected applications in speech recognition. Proc. IEEE 77(2), 257\u2013286 (1989)","journal-title":"Proc. IEEE"},{"key":"3_CR26","unstructured":"Rashid, A., et al.: Detecting and preventing data exfiltration (2014)"},{"key":"3_CR27","doi-asserted-by":"crossref","unstructured":"Kumar Sasidharan, S., Thomas, C.: A survey on metamorphic malware detection based on hidden Markov model. In: 2018 International Conference on Advances in Computing, Communications and Informatics (ICACCI), pp. 357\u2013362. IEEE (2018)","DOI":"10.1109\/ICACCI.2018.8554803"},{"key":"3_CR28","unstructured":"Secureworks: WCry Ransomware Campaign. Secureworks Inc., May 2017. \nhttps:\/\/www.secureworks.com\/blog\/wcry-ransomware-campaign"},{"key":"3_CR29","doi-asserted-by":"crossref","unstructured":"Shepherd, C., et al.: Secure and trusted execution: past, present, and future-a critical review in the context of the internet of things and cyber-physical systems. In: 2016 IEEE Trustcom\/BigDataSE\/ISPA, pp. 168\u2013177. IEEE (2016)","DOI":"10.1109\/TrustCom.2016.0060"},{"key":"3_CR30","unstructured":"TCG: TPM main specification. Trusted Computing Group, March 2011. 
\nhttps:\/\/trustedcomputinggroup.org\/tpm-main-specification\/"},{"key":"3_CR31","doi-asserted-by":"crossref","unstructured":"Vukalovi\u0107, J., Delija, D.: Advanced persistent threats-detection and defense. In: 2015 38th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), pp. 1324\u20131330. IEEE (2015)","DOI":"10.1109\/MIPRO.2015.7160480"},{"key":"3_CR32","doi-asserted-by":"crossref","unstructured":"Zakaria, W.Z.A., Abdollah, M.F., Mohd, O., Ariffin, A.F.M.: The rise of ransomware. In: Proceedings of the 2017 International Conference on Software and e-Business, pp. 66\u201370. ACM (2017)","DOI":"10.1145\/3178212.3178224"},{"key":"3_CR33","doi-asserted-by":"crossref","unstructured":"Zhao, C., Saifuding, D., Tian, H., Zhang, Y., Xing, C.: On the performance of Intel SGX. In: 2016 13th Web Information Systems and Applications Conference (WISA), pp. 184\u2013187. IEEE (2016)","DOI":"10.1109\/WISA.2016.45"}],"container-title":["Communications in Computer and Information Science","Secure Knowledge Management In Artificial Intelligence Era"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-15-3817-9_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,3,5]],"date-time":"2020-03-05T10:16:55Z","timestamp":1583403415000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-981-15-3817-9_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9789811538162","9789811538179"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-981-15-3817-9_3","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"6 March 2020","order":1,"name":"first_online","label":"First 
Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SKM","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference On Secure Knowledge Management In Artificial Intelligence Era","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Pilani","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21 December 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 December 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"skm2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.secure-km.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management 
System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"34","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"12","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"35% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2.79","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"1.68","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}