{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,1]],"date-time":"2026-04-01T17:59:45Z","timestamp":1775066385077,"version":"3.50.1"},"reference-count":30,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100005073","name":"Agency for Defense Development, Republic of Korea","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100005073","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Access"],"published-print":{"date-parts":[[2023]]},"DOI":"10.1109\/access.2023.3315121","type":"journal-article","created":{"date-parts":[[2023,9,13]],"date-time":"2023-09-13T17:41:11Z","timestamp":1694626871000},"page":"100823-100831","source":"Crossref","is-referenced-by-count":10,"title":["Exploiting TTP Co-Occurrence via GloVe-Based Embedding With MITRE ATT&CK Framework"],"prefix":"10.1109","volume":"11","author":[{"ORCID":"https:\/\/orcid.org\/0009-0005-5397-185X","authenticated-orcid":false,"given":"Chanho","family":"Shin","sequence":"first","affiliation":[{"name":"Cyber Technology Center, Agency for Defense Development, Seoul, South Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9822-9860","authenticated-orcid":false,"given":"Insup","family":"Lee","sequence":"additional","affiliation":[{"name":"Cyber Technology Center, Agency for Defense Development, Seoul, South Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-4302-3522","authenticated-orcid":false,"given":"Changhee","family":"Choi","sequence":"additional","affiliation":[{"name":"Cyber Technology Center, Agency for Defense Development, Seoul, South Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref13","first-page":"1606","article-title":"Towards GloVe-based TTP embedding with ATT&CK framework","author":"shin","year":"2023","journal-title":"Proc Korea Inst Military Sci Technol"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.3115\/v1\/D14-1162"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/INDS.2014.22"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/CoASE.2015.7294263"},{"key":"ref30","year":"2023","journal-title":"CyberCriminal Campaign Collections"},{"key":"ref11","article-title":"Investigating co-occurrences of MITRE ATT&CK techniques","author":"rayhanur rahman","year":"2022","journal-title":"arXiv 2211 06495"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1155\/2022\/1699657"},{"key":"ref2","year":"2023","journal-title":"ATT&CK MITRE"},{"key":"ref1","year":"2018","journal-title":"Olympic Destroyer is Here to Trick the Indsutry"},{"key":"ref17","first-page":"1678","article-title":"An information retrieval approach for malware classification based on windows API calls","volume":"4","author":"yu-chin cheng","year":"2013","journal-title":"Proc Int Conf Mach Learn Cybern"},{"key":"ref16","first-page":"6","article-title":"Native API based windows anomaly intrusion detection method using SVM","volume":"1","author":"wang","year":"2006","journal-title":"Proc IEEE Int Conf Sensor Netw Ubiquitous Trustworthy Comput (SUTC)"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/1654988.1655003"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1049\/iet-ifs.2017.0430"},{"key":"ref24","year":"2018","journal-title":"Lazarus Under The Hood"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.34028\/iajit\/17\/4A\/4"},{"key":"ref26","first-page":"13:1","article-title":"Command similarity measurement using NLP","author":"hussain","year":"2021","journal-title":"Proc 10th Symp Languages Appl Technol"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSPW55150.2022.00038"},{"key":"ref20","article-title":"Detecting APT activity with network traffic analysis","author":"villeneuve","year":"2012"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/ICCNC.2013.6504162"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2015.2458581"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/ICMLA52953.2021.00256"},{"key":"ref27","article-title":"Linking common vulnerabilities and exposures to the MITRE ATT&CK framework: A self-distillation approach","author":"ampel","year":"2021","journal-title":"arXiv 2108 01696"},{"key":"ref29","year":"2023","journal-title":"Cyber Kill Chain"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/BigData52589.2021.9671343"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/ICACCS51430.2021.9441956"},{"key":"ref9","first-page":"1","article-title":"Cyber attack group classification based on MITRE ATT&CK model","volume":"23","author":"choi","year":"2022","journal-title":"J Korean Soc Internet Inf"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1016\/j.icte.2023.05.008"},{"key":"ref3","first-page":"15","article-title":"Cyberattack goal classification based on MITRE ATT&CK: CIA labeling","volume":"23","author":"shin","year":"2022","journal-title":"J Korean Soc Internet Inf"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/eCrime54498.2021.9738756"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/ICELTICs56128.2022.9932097"}],"container-title":["IEEE Access"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6287639\/10005208\/10250779.pdf?arnumber=10250779","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,10,9]],"date-time":"2023-10-09T19:21:12Z","timestamp":1696879272000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10250779\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"references-count":30,"URL":"https:\/\/doi.org\/10.1109\/access.2023.3315121","relation":{},"ISSN":["2169-3536"],"issn-type":[{"value":"2169-3536","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023]]}}}