{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,2]],"date-time":"2026-07-02T15:50:49Z","timestamp":1783007449123,"version":"3.54.5"},"reference-count":60,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"6","license":[{"start":{"date-parts":[[2023,6,1]],"date-time":"2023-06-01T00:00:00Z","timestamp":1685577600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2023,6,1]],"date-time":"2023-06-01T00:00:00Z","timestamp":1685577600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2023,6,1]],"date-time":"2023-06-01T00:00:00Z","timestamp":1685577600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["U20B2046"],"award-info":[{"award-number":["U20B2046"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"National Key Research and Development Program of China","award":["2021YFB2012402"],"award-info":[{"award-number":["2021YFB2012402"]}]},{"name":"Guangdong Province Universities and Colleges Pearl River Scholar Funded Scheme"},{"name":"Guangzhou University Graduate Student Innovation Ability Training Funding Program","award":["2021GDJC-D17"],"award-info":[{"award-number":["2021GDJC-D17"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans. Knowl. Data Eng."],"published-print":{"date-parts":[[2023,6,1]]},"DOI":"10.1109\/tkde.2022.3175719","type":"journal-article","created":{"date-parts":[[2022,7,20]],"date-time":"2022-07-20T15:36:20Z","timestamp":1658331380000},"page":"5695-5709","source":"Crossref","is-referenced-by-count":162,"title":["CSKG4APT: A Cybersecurity Knowledge Graph for Advanced Persistent Threat Organization Attribution"],"prefix":"10.1109","volume":"35","author":[{"given":"Yitong","family":"Ren","sequence":"first","affiliation":[{"name":"Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, Guangdong, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Yanjun","family":"Xiao","sequence":"additional","affiliation":[{"name":"PINGXING Lab (Nsfocus Technology Group Company), Guangdong, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9424-8282","authenticated-orcid":false,"given":"Yinghai","family":"Zhou","sequence":"additional","affiliation":[{"name":"Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, Guangdong, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Zhiyong","family":"Zhang","sequence":"additional","affiliation":[{"name":"Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, Guangdong, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9409-5359","authenticated-orcid":false,"given":"Zhihong","family":"Tian","sequence":"additional","affiliation":[{"name":"Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, Guangdong, China"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"263","reference":[{"key":"ref13","year":"0"},{"key":"ref57","article-title":"The diamond model of intrusion analysism","author":"caltagirone","year":"2013","journal-title":"Center for cyber intelligence analysis and threat research hanover md"},{"key":"ref12","author":"haofen","year":"2019","journal-title":"Knowledge Graph Methods Practice and Application"},{"key":"ref56","article-title":"The national vulnerability database (NVD): Overview","author":"booth","year":"2013"},{"key":"ref15","first-page":"10","article-title":"Mandarin chinese: A functional reference grammar","volume":"42","author":"li","year":"1989","journal-title":"The Journal of Asian Studies"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1109\/TNNLS.2021.3070843"},{"key":"ref14","year":"0"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/P18-4006"},{"key":"ref53","year":"0"},{"key":"ref52","article-title":"BERT: Pre-training of deep bidirectional transformers for language understanding","author":"devlin","year":"2018"},{"key":"ref11","article-title":"Introducing the knowledge graph: Things, not strings","author":"singhal","year":"2012"},{"key":"ref55","year":"0"},{"key":"ref10","article-title":"AttacKG: Constructing technique knowledge graph from cyber threat intelligence reports","author":"li","year":"2021"},{"key":"ref54","year":"0"},{"key":"ref17","year":"0"},{"key":"ref16","first-page":"3005","article-title":"ATLAS: A sequence-based learning approach for attack investigation","author":"alsaheel","year":"2021","journal-title":"Proc 30th USENIX Secur Symp"},{"key":"ref19","year":"0"},{"key":"ref18","article-title":"The diamond model of intrusion analysis","author":"caltagirone","year":"2013"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1155\/2022\/9875199"},{"key":"ref50","year":"0"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-14039-1_8"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1080\/23742917.2021.1895532"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-74753-4_4"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102396"},{"key":"ref42","year":"0"},{"key":"ref41","year":"0"},{"key":"ref44","first-page":"92","article-title":"Framework of cyber attack attribution based on threat intelligence","volume":"190","year":"0"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2019.02.013"},{"key":"ref49","first-page":"644","article-title":"A Chi-square-based decision for real-time malware detection using PE-file features","volume":"12","author":"belaoued","year":"2016","journal-title":"J Inf Process Syst"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-86890-1_25"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/ICASID.2017.8285734"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134646"},{"key":"ref4","first-page":"2052","article-title":"Overview of network security threat intelligence sharing and exchange","volume":"57","author":"yue","year":"2020","journal-title":"Computer Research and Development"},{"key":"ref3","first-page":"4","article-title":"Detection and traceability of high covert unknown threats in cyberspace","volume":"14","author":"zhihong","year":"2020","journal-title":"Inf Commun Technol"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/FIT.2018.00030"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2018.00039"},{"key":"ref40","year":"0"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-30796-7_13"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1109\/ICASID.2017.8285734"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-29551-6_5"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1145\/3300115.3309531"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134646"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978315"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP51992.2021.00046"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101867"},{"key":"ref2","year":"2021"},{"key":"ref1","year":"2020"},{"key":"ref39","year":"0"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.3390\/s18093053"},{"key":"ref24","first-page":"868","article-title":"TeamDL at SemEval-2018 task 8: Cybersecurity text analysis using convolutional neural network and conditional random fields","author":"manikandan","year":"2018","journal-title":"Proc 12th Int Workshop Semantic Eval"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1109\/ICSC.2013.50"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.3390\/app9193945"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/IJCNN.2019.8852475"},{"key":"ref20","article-title":"Sophisticated indicators for the modern threat landscape: An introduction to OpenIOC","year":"0"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/WI-IAT.2011.26"},{"key":"ref21","article-title":"Open standards for threat information sharing","year":"2020"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/CIS.2019.00039"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v34i05.6401"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/TKDE.2020.2987019"},{"key":"ref60","year":"0"}],"container-title":["IEEE Transactions on Knowledge and Data Engineering"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/69\/10113816\/09834133.pdf?arnumber=9834133","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,13]],"date-time":"2025-10-13T17:42:14Z","timestamp":1760377334000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9834133\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,6,1]]},"references-count":60,"journal-issue":{"issue":"6"},"URL":"https:\/\/doi.org\/10.1109\/tkde.2022.3175719","relation":{},"ISSN":["1041-4347","1558-2191","2326-3865"],"issn-type":[{"value":"1041-4347","type":"print"},{"value":"1558-2191","type":"electronic"},{"value":"2326-3865","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,6,1]]}}}