{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,19]],"date-time":"2026-03-19T01:26:43Z","timestamp":1773883603166,"version":"3.50.1"},"reference-count":51,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"2","license":[{"start":{"date-parts":[[2026,3,1]],"date-time":"2026-03-01T00:00:00Z","timestamp":1772323200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2026,3,1]],"date-time":"2026-03-01T00:00:00Z","timestamp":1772323200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2026,3,1]],"date-time":"2026-03-01T00:00:00Z","timestamp":1772323200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["U24A20336"],"award-info":[{"award-number":["U24A20336"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["U24B20148"],"award-info":[{"award-number":["U24B20148"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62272114"],"award-info":[{"award-number":["62272114"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100018537","name":"National Science and Technology Major Project","doi-asserted-by":"publisher","award":["2022ZD0119602"],"award-info":[{"award-number":["2022ZD0119602"]}],"id":[{"id":"10.13039\/501100018537","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Major Key Project of PCL","award":["PCL2024A05"],"award-info":[{"award-number":["PCL2024A05"]}]},{"name":"Science and Technology Program of Guangzhou","award":["2024A03J0399"],"award-info":[{"award-number":["2024A03J0399"]}]},{"name":"Joint Research Foundation of Guangzhou University","award":["202201020380"],"award-info":[{"award-number":["202201020380"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans. Dependable and Secure Comput."],"published-print":{"date-parts":[[2026,3]]},"DOI":"10.1109\/tdsc.2025.3642153","type":"journal-article","created":{"date-parts":[[2025,12,10]],"date-time":"2025-12-10T18:35:15Z","timestamp":1765391715000},"page":"4009-4026","source":"Crossref","is-referenced-by-count":0,"title":["Large-Scale Intranet Security Assessment Based on Bayesian Attack Graphs Using System Audit Logs"],"prefix":"10.1109","volume":"23","author":[{"ORCID":"https:\/\/orcid.org\/0009-0004-7892-4104","authenticated-orcid":false,"given":"Chengliang","family":"Gao","sequence":"first","affiliation":[{"name":"Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4202-7802","authenticated-orcid":false,"given":"Jing","family":"Qiu","sequence":"additional","affiliation":[{"name":"Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-6835-6488","authenticated-orcid":false,"given":"Jiaxu","family":"Xing","sequence":"additional","affiliation":[{"name":"Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7238-9620","authenticated-orcid":false,"given":"Ximing","family":"Chen","sequence":"additional","affiliation":[{"name":"Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Du","family":"Cheng","sequence":"additional","affiliation":[{"name":"Institute for Network Science and Cyberspace, Tsinghua University, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3458-7431","authenticated-orcid":false,"given":"Lejun","family":"Zhang","sequence":"additional","affiliation":[{"name":"Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7748-964X","authenticated-orcid":false,"given":"Tiejun","family":"Wu","sequence":"additional","affiliation":[{"name":"NSFOCUS Technologies Group Company Ltd., Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2023.110004"},{"key":"ref2","doi-asserted-by":"crossref","first-page":"302","DOI":"10.1016\/j.comcom.2024.06.016","article-title":"AGCM: A multi-stage attack correlation and scenario reconstruction method based on graph aggregation","volume":"224","author":"Hongshuo","year":"2024","journal-title":"Comput. Commun."},{"issue":"2","key":"ref3","first-page":"89","article-title":"Host security assessment method based on attack graph","volume":"43","author":"Hongyu","year":"2022","journal-title":"J. Commun."},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1016\/S1353-4858(21)00065-9"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1002\/qre.2754"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1051\/bioconf\/20249700085"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1016\/j.cosrev.2019.100219"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2016.02.001"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.103081"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103602"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2023.109730"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC54236.2022.00122"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1186\/s42400-023-00155-y"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1016\/j.heliyon.2024.e26317"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.3390\/electronics12081849"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3623187"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/SP54263.2024.00009"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2023.3273918"},{"key":"ref19","first-page":"139","article-title":"TREC: APT tactic\/technique recognition via few-shot provenance subgraph learning","volume-title":"Proc. 2024 ACM SIGSAC Conf. Comput. Commun. Secur.","author":"Mingqi","year":"2024"},{"key":"ref20","first-page":"113","article-title":"MulVAL: A logic-based network security analyzer","volume-title":"Proc. 2005 USENIX Secur. Symp.","author":"Ou","year":"2005"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/MILCOM.2016.7795462"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103410"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2022.108795"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2024.104296"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-024-00971-4"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1109\/ICSC63108.2024.10895716"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1109\/TMC.2022.3231567"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1145\/3576842.3582326"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/NOMS54207.2022.9789803"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.23919\/CNSM62983.2024.10814501"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/ICASID.2013.6825274"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2023.3257721"},{"key":"ref33","first-page":"61","article-title":"Network vulnerability assessment using bayesian networks","volume-title":"Proc. Data Mining, Intrusion Detection Inf. Assurance Data Netw. Secur.","volume":"5812","author":"Yu","year":"2005"},{"key":"ref34","article-title":"Attack Dynamics: An automatic attack graph generation framework based on system topology, CAPEC, CWE, and CVE databases","volume":"123","author":"Hankin","year":"2022","journal-title":"Comput. Secur."},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1007\/s10922-020-09558-5"},{"issue":"4","key":"ref36","first-page":"106","article-title":"Computer network vulnerability assessment based on bayesian attribute network","volume":"38","author":"Xiujuan","year":"2015","journal-title":"J. Beijing Univ. Posts Telecommun."},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1007\/s10489-010-0266-8"},{"issue":"10","key":"ref38","first-page":"2296","article-title":"A system for scoring the exploitability of vulnerability based types","volume":"54","author":"Kenan","year":"2017","journal-title":"J. Comput. Res. Develop."},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSPW59978.2023.00027"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2011.34"},{"issue":"3","key":"ref41","first-page":"62","article-title":"Dynamic network security analysis based on Bayesian attack graph","volume":"49","author":"Jiarui","year":"2022","journal-title":"Comput. Sci."},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1109\/TKDE.2024.3512793"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2015.2423682"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2023.119703"},{"key":"ref45","article-title":"Attack scenario reconstruction approach using attack graph and alert data mining","volume":"54","author":"Hao","year":"2020","journal-title":"J. Inf. Secur. Appl."},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1145\/3447548.3467159"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1145\/3695864"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1145\/3719027.3765086"},{"key":"ref49","first-page":"13","article-title":"TORCHLIGHT: Shedding LIGHT on real-world attacks on cloudless IoT devices concealed within the tor network","volume-title":"Proc. the 34th USENIX Secur. Sympos.","author":"Pan","year":"2025"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1109\/TMC.2025.3547010"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1109\/TMC.2025.3569593"}],"container-title":["IEEE Transactions on Dependable and Secure Computing"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/8858\/11434575\/11291155.pdf?arnumber=11291155","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,18]],"date-time":"2026-03-18T19:42:07Z","timestamp":1773862927000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11291155\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,3]]},"references-count":51,"journal-issue":{"issue":"2"},"URL":"https:\/\/doi.org\/10.1109\/tdsc.2025.3642153","relation":{},"ISSN":["1545-5971","1941-0018","2160-9209"],"issn-type":[{"value":"1545-5971","type":"print"},{"value":"1941-0018","type":"electronic"},{"value":"2160-9209","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,3]]}}}