{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,16]],"date-time":"2026-02-16T16:59:36Z","timestamp":1771261176009,"version":"3.50.1"},"reference-count":21,"publisher":"IEEE","license":[{"start":{"date-parts":[[2023,5,24]],"date-time":"2023-05-24T00:00:00Z","timestamp":1684886400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2023,5,24]],"date-time":"2023-05-24T00:00:00Z","timestamp":1684886400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023,5,24]]},"DOI":"10.1109\/cscwd57460.2023.10152818","type":"proceedings-article","created":{"date-parts":[[2023,6,23]],"date-time":"2023-06-23T19:57:23Z","timestamp":1687550243000},"page":"1014-1019","source":"Crossref","is-referenced-by-count":8,"title":["GHunter: A Fast Subgraph Matching Method for Threat Hunting"],"prefix":"10.1109","author":[{"given":"Zijun","family":"Cheng","sequence":"first","affiliation":[{"name":"University of Chinese Academy of Sciences,School of Cyber Security,Beijing,China"}]},{"given":"Rujie","family":"Dai","sequence":"additional","affiliation":[{"name":"University of Chinese Academy of Sciences,School of Cyber Security,Beijing,China"}]},{"given":"Leiqi","family":"Wang","sequence":"additional","affiliation":[{"name":"University of Chinese Academy of Sciences,School of Cyber Security,Beijing,China"}]},{"given":"Ziyang","family":"Yu","sequence":"additional","affiliation":[{"name":"University of Chinese Academy of Sciences,School of Cyber Security,Beijing,China"}]},{"given":"Qiujian","family":"Lv","sequence":"additional","affiliation":[{"name":"Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China"}]},{"given":"Yan","family":"Wang","sequence":"additional","affiliation":[{"name":"Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China"}]},{"given":"Degang","family":"Sun","sequence":"additional","affiliation":[{"name":"Chinese Academy of Sciences,Institute of Information Engineering,Beijing,China"}]}],"member":"263","reference":[{"key":"ref1","article-title":"Mitre. 2018. structured threat information expression (stix)"},{"key":"ref2","article-title":"The pyramid of pain","author":"Bianco","year":"2013","journal-title":"Enterprise Detection & Response"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00026"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00096"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363217"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2020.2971484"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-90019-9_1"},{"key":"ref8","article-title":"Mining Data Provenance to Detect Advanced Persistent Threats","volume-title":"International Workshop on Theory and Practice of Provenance (TaPP\u201919)","author":"Barr\u00e9"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.24046"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.24167"},{"key":"ref11","article-title":"Retrosynthesis prediction with conditional graph logic network","author":"Dai","year":"2019"},{"key":"ref12","article-title":"Matching structure and semantics: A survey on graph-based pattern matching","volume-title":"AAAI Fall Symposium: Capturing and Using Patterns for Evidence Detection","author":"Gallagher"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/34.400565"},{"key":"ref14","article-title":"How powerful are graph neural networks?","author":"Xu","year":"2019"},{"key":"ref15","article-title":"Neural subgraph matching","author":"Ying","year":"2020"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1145\/3127479.3129249"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP51992.2021.00046"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-17140-6_29"},{"key":"ref19","article-title":"ATLAS: A Sequence-based Learning Approach for Attack Investigation","volume-title":"Security Symposium (USENIX Sec\u201921)","author":"Alsaheel"},{"key":"ref20","article-title":"Transparent Computing Engagement 3 Data Release","author":"Keromytis","year":"2018"},{"key":"ref21","article-title":"Mitre. adversarial tactics, techniques and common knowledge"}],"event":{"name":"2023 26th International Conference on Computer Supported Cooperative Work in Design (CSCWD)","location":"Rio de Janeiro, Brazil","start":{"date-parts":[[2023,5,24]]},"end":{"date-parts":[[2023,5,26]]}},"container-title":["2023 26th International Conference on Computer Supported Cooperative Work in Design (CSCWD)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/10152543\/10151991\/10152818.pdf?arnumber=10152818","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,13]],"date-time":"2024-03-13T18:17:41Z","timestamp":1710353861000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10152818\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,5,24]]},"references-count":21,"URL":"https:\/\/doi.org\/10.1109\/cscwd57460.2023.10152818","relation":{},"subject":[],"published":{"date-parts":[[2023,5,24]]}}}