{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,16]],"date-time":"2026-02-16T16:59:36Z","timestamp":1771261176251,"version":"3.50.1"},"reference-count":20,"publisher":"IEEE","license":[{"start":{"date-parts":[[2022,12,4]],"date-time":"2022-12-04T00:00:00Z","timestamp":1670112000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2022,12,4]],"date-time":"2022-12-04T00:00:00Z","timestamp":1670112000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/501100002367","name":"Chinese Academy of Sciences","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100002367","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022,12,4]]},"DOI":"10.1109\/globecom48099.2022.10001525","type":"proceedings-article","created":{"date-parts":[[2023,1,11]],"date-time":"2023-01-11T22:24:18Z","timestamp":1673475858000},"page":"897-902","source":"Crossref","is-referenced-by-count":2,"title":["A Graph Learning Approach with Audit Records for Advanced Attack Investigation"],"prefix":"10.1109","author":[{"given":"Jian","family":"Liu","sequence":"first","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China,100093"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Junjie","family":"Yan","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China,100093"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zhengwei","family":"Jiang","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China,100093"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xuren","family":"Wang","sequence":"additional","affiliation":[{"name":"College of Information Engineering, Capital Normal University,Beijing,China,100048"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jun","family":"Jiang","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China,100093"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.24046"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00026"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243763"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978315"},{"key":"ref5","article-title":"Back-propagating system dependency impact for attack investigation","volume-title":"31 th USENIX Security Symposium (USENIX Security22","author":"Fang","year":"2022"},{"key":"ref6","first-page":"3005","article-title":"ATLAS: A sequence-based learning approach for attack investigation","volume-title":"30th USENIX Security Symposium (USENIX Security21)","author":"Alsaheel","year":"2021"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP51992.2021.00046"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1145\/945445.945467"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2021.24549"},{"key":"ref10","volume-title":"Transparent computing engagement 3 data release","author":"Keromytis","year":"2020"},{"key":"ref11","first-page":"639","article-title":"SAQL: A stream-based query system for Real-Time abnormal system behavior detection","volume-title":"27th USENIX Security Symposium (USENIX Security 18)","author":"Gao","year":"2018"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2021.acl-long.344"},{"key":"ref13","article-title":"Semi-supervised classification with graph convolutional networks","author":"Kipf","year":"2016","journal-title":"arXiv preprint"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/3097983.3098061"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1075\/avt.25.05bei"},{"issue":"9","key":"ref16","article-title":"Weisfeiler-lehman graph kernels","volume":"12","author":"Shervashidze","year":"2011","journal-title":"Journal of Machine Learning Research"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1162\/neco.1997.9.8.1735"},{"key":"ref18","volume-title":"Convolutional neural network for sentence classification","author":"Chen","year":"2015"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/2939672.2939754"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1145\/2623330.2623732"}],"event":{"name":"GLOBECOM 2022 - 2022 IEEE Global Communications Conference","location":"Rio de Janeiro, Brazil","start":{"date-parts":[[2022,12,4]]},"end":{"date-parts":[[2022,12,8]]}},"container-title":["GLOBECOM 2022 - 2022 IEEE Global Communications Conference"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/10000063\/10000593\/10001525.pdf?arnumber=10001525","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,2,9]],"date-time":"2024-02-09T03:20:57Z","timestamp":1707448857000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10001525\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,12,4]]},"references-count":20,"URL":"https:\/\/doi.org\/10.1109\/globecom48099.2022.10001525","relation":{},"subject":[],"published":{"date-parts":[[2022,12,4]]}}}