{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,16]],"date-time":"2026-02-16T16:59:36Z","timestamp":1771261176274,"version":"3.50.1"},"reference-count":17,"publisher":"IEEE","license":[{"start":{"date-parts":[[2025,5,5]],"date-time":"2025-05-05T00:00:00Z","timestamp":1746403200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,5,5]],"date-time":"2025-05-05T00:00:00Z","timestamp":1746403200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025,5,5]]},"DOI":"10.1109\/cscwd64889.2025.11033564","type":"proceedings-article","created":{"date-parts":[[2025,6,23]],"date-time":"2025-06-23T17:24:40Z","timestamp":1750699480000},"page":"600-605","source":"Crossref","is-referenced-by-count":1,"title":["Autumn: An Unsupervised APT Detection via Detailed Process-Level Analysis"],"prefix":"10.1109","author":[{"given":"Zehui","family":"Wang","sequence":"first","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China"}]},{"given":"Yunxiang","family":"Wang","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China"}]},{"given":"Wenhao","family":"Yan","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China"}]},{"given":"Yinhao","family":"Qi","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China"}]},{"given":"Tian","family":"Tian","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China"}]},{"given":"Bo","family":"Jiang","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China"}]},{"given":"Zhigang","family":"Lu","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China"}]}],"member":"263","reference":[{"key":"ref1","volume-title":"Evading Provenance-Based ML Detectors with Adversarial System Actions","author":"Mukherjee"},{"key":"ref2","volume-title":"APT Attacks: Exploring Advanced Persistent Threats - ThreatDown by Malwarebytes"},{"key":"ref3","volume-title":"SLEUTH: Real-time Attack Scenario Reconstruction from COTS Audit Data","author":"Hossain"},{"key":"ref4","doi-asserted-by":"crossref","first-page":"1137","DOI":"10.1109\/SP.2019.00026","article-title":"HOLMES: Real-Time APT Detection through Correlation of Suspicious Information Flows","volume-title":"2019 IEEE Symposium on Security and Privacy (SP)","author":"Milajerdi","year":"2019"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243829"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363217"},{"key":"ref7","volume-title":"linux-audit\/audit-kernel: GitHub mirror of the Linux Kernel\u2019s audit repository"},{"key":"ref8","volume-title":"Security Issues in Network Event Logging (syslog)"},{"key":"ref9","volume-title":"Event Viewer","year":"2019"},{"key":"ref10","volume-title":"Attention Is All You Need","author":"Vaswani","year":"2023"},{"key":"ref11","article-title":"Efficient Estimation of Word Representations in Vector Space","author":"Mikolov","year":"2013"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1016\/0306-4573(88)90021-0"},{"key":"ref13","volume-title":"StreamSpot: Detecting network anomalies in edge streams"},{"key":"ref14","volume-title":"Transparent-Computing\/README-E3.md at master.darpa-i20\/Transparent-Computing"},{"key":"ref15","volume-title":"DeepLog | Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security"},{"key":"ref16","volume-title":"Robust log-based anomaly detection on unstable log data | Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering"},{"key":"ref17","volume-title":"LogGAN: A Sequence-Based Generative Adversarial Network for Anomaly Detection Based on System Logs | SpringerLink"}],"event":{"name":"2025 28th International Conference on Computer Supported Cooperative Work in Design (CSCWD)","location":"Compiegne, France","start":{"date-parts":[[2025,5,5]]},"end":{"date-parts":[[2025,5,7]]}},"container-title":["2025 28th International Conference on Computer Supported Cooperative Work in Design (CSCWD)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/11033175\/11033221\/11033564.pdf?arnumber=11033564","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,24]],"date-time":"2025-06-24T06:56:26Z","timestamp":1750748186000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11033564\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,5,5]]},"references-count":17,"URL":"https:\/\/doi.org\/10.1109\/cscwd64889.2025.11033564","relation":{},"subject":[],"published":{"date-parts":[[2025,5,5]]}}}