{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,18]],"date-time":"2025-12-18T19:46:03Z","timestamp":1766087163965,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":39,"publisher":"ACM","license":[{"start":{"date-parts":[[2016,11,28]],"date-time":"2016-11-28T00:00:00Z","timestamp":1480291200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2016,11,28]]},"DOI":"10.1145\/3011141.3011157","type":"proceedings-article","created":{"date-parts":[[2017,2,14]],"date-time":"2017-02-14T13:43:23Z","timestamp":1487079803000},"page":"303-312","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":11,"title":["TAON"],"prefix":"10.1145","author":[{"given":"Robert","family":"Luh","sequence":"first","affiliation":[{"name":"Josef Ressel Center TARGET, Austria and DMU Leicester, UK"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sebastian","family":"Schrittwieser","sequence":"additional","affiliation":[{"name":"Josef Ressel Center TARGET, Austria"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Stefan","family":"Marschalek","sequence":"additional","affiliation":[{"name":"Josef Ressel Center TARGET, Austria"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2016,11,28]]},"reference":[{"key":"e_1_3_2_1_1_1","first-page":"65","volume-title":"IEEE","author":"Abdoli Fateme","year":"2009","unstructured":"Fateme Abdoli and Mohsen Kahani . \"Ontology-based distributed intrusion detection system\". In: 14th Int'l Computer Conference . IEEE , 2009 , pp. 65 -- 70 . Fateme Abdoli and Mohsen Kahani. \"Ontology-based distributed intrusion detection system\". In: 14th Int'l Computer Conference. IEEE, 2009, pp. 65--70."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/PERSER.2005.1506559"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/MILCOM.2014.15"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382284"},{"key":"e_1_3_2_1_5_1","volume-title":"4th Joint Workshop on Information Security. Da-Yeh University","author":"Chiang Hsiu-Sen","year":"2009","unstructured":"Hsiu-Sen Chiang and Woei-Jiunn Tsaur . \"Ontology-based Mobile Malware Behavioral Analysis\". In: 4th Joint Workshop on Information Security. Da-Yeh University , 2009 . Hsiu-Sen Chiang and Woei-Jiunn Tsaur. \"Ontology-based Mobile Malware Behavioral Analysis\". In: 4th Joint Workshop on Information Security. Da-Yeh University, 2009."},{"key":"e_1_3_2_1_6_1","first-page":"1881","article-title":"Attack subplan-based attack scenario correlation","volume":"4","author":"Chien Sheng-Hui","year":"2007","unstructured":"Sheng-Hui Chien . \" Attack subplan-based attack scenario correlation \". In: Int'l Conference on Machine Learning and Cybernetics. Vol. 4 . IEEE, 2007 , pp. 1881 -- 1887 . Sheng-Hui Chien et al. \"Attack subplan-based attack scenario correlation\". In: Int'l Conference on Machine Learning and Cybernetics. Vol. 4. IEEE, 2007, pp. 1881--1887.","journal-title":"Int'l Conference on Machine Learning and Cybernetics."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/CyberSecurity.2012.14"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/SOSE.2014.52"},{"key":"e_1_3_2_1_9_1","first-page":"85","volume-title":"IFIP Int'l Information Security Conference","author":"Andreas Ekelhart","year":"2007","unstructured":"Andreas Ekelhart et al. \" Ontological mapping of common criteria's security assurance requirements \". In: IFIP Int'l Information Security Conference . Springer . 2007 , pp. 85 -- 95 . Andreas Ekelhart et al. \"Ontological mapping of common criteria's security assurance requirements\". In: IFIP Int'l Information Security Conference. Springer. 2007, pp. 85--95."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2007.478"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.5555\/832309.837243"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/CyberSecurity.2012.16"},{"key":"e_1_3_2_1_13_1","unstructured":"Adam Greenberg. Russians fingered for 'Uroburos' spy malware campaign went undetected for years - SC Magazine. Accessed 2015-07-29. url: http:\/\/www.scmagazine.com\/russians-fingered-for-uroburos-spy-malware-campaign-went-undetected-for-years\/article\/336570\/.  Adam Greenberg. Russians fingered for 'Uroburos' spy malware campaign went undetected for years - SC Magazine. Accessed 2015-07-29. url: http:\/\/www.scmagazine.com\/russians-fingered-for-uroburos-spy-malware-campaign-went-undetected-for-years\/article\/336570\/."},{"key":"e_1_3_2_1_14_1","unstructured":"Liona Herman. Malware Attack at US Health Organization Went Undetected for 2 Years. Accessed 2015-10-20. url: http:\/\/www.hackbusters.com\/news\/stories\/187232-malware-attack-at-us-health-organization-went-undetected-for-2-years.  Liona Herman. Malware Attack at US Health Organization Went Undetected for 2 Years. Accessed 2015-10-20. url: http:\/\/www.hackbusters.com\/news\/stories\/187232-malware-attack-at-us-health-organization-went-undetected-for-2-years."},{"key":"e_1_3_2_1_15_1","first-page":"1","volume-title":"IEEE","author":"Hsien-Der","year":"2010","unstructured":"Hsien-Der Huang et al. \"Ontology-based intelligent system for malware behavioral analysis\". In: IEEE Int'l Conference on Fuzzy Systems . IEEE , 2010 , pp. 1 -- 6 . Hsien-Der Huang et al. \"Ontology-based intelligent system for malware behavioral analysis\". In: IEEE Int'l Conference on Fuzzy Systems. IEEE, 2010, pp. 1--6."},{"key":"e_1_3_2_1_16_1","first-page":"80","article-title":"\"Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains","volume":"1","author":"Hutchins Eric M.","year":"2011","unstructured":"Eric M. Hutchins , Michael J. Cloppert , and Rohan M. Amin . \"Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains \". In: Leading Issues in Information Warfare & Security Research 1 ( 2011 ), p. 80 . Eric M. Hutchins, Michael J. Cloppert, and Rohan M. Amin. \"Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains\". In: Leading Issues in Information Warfare & Security Research 1 (2011), p. 80.","journal-title":"Leading Issues in Information Warfare & Security Research"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-008-0086-0"},{"key":"e_1_3_2_1_18_1","unstructured":"Kaspersky Lab. What is Flame Malware | Definition and Risks | Kaspersky Lab. Accessed 2015-07-29. url: http:\/\/www.kaspersky.com\/flame.  Kaspersky Lab. What is Flame Malware | Definition and Risks | Kaspersky Lab. Accessed 2015-07-29. url: http:\/\/www.kaspersky.com\/flame."},{"key":"e_1_3_2_1_19_1","unstructured":"Kaspersky Lab's Global Research & Analysis Team. Gauss: Abnormal Distribution - Securelist. Accessed 2015-07-29. url: https:\/\/securelist.com\/analysis\/36620\/gauss-abnormal-distribution\/.  Kaspersky Lab's Global Research & Analysis Team. Gauss: Abnormal Distribution - Securelist. Accessed 2015-07-29. url: https:\/\/securelist.com\/analysis\/36620\/gauss-abnormal-distribution\/."},{"key":"e_1_3_2_1_20_1","unstructured":"Shawn Knight. Sophisticated malware dubbed 'The Mask' went undetected for the past seven years - TechSpot. Accessed 2015-07-29. url: http:\/\/www.techspot.com\/news\/55640-sophisticated-malware-dubbed-the-mask-went-undetected-for-the-past-seven-years.html.  Shawn Knight. Sophisticated malware dubbed 'The Mask' went undetected for the past seven years - TechSpot. Accessed 2015-07-29. url: http:\/\/www.techspot.com\/news\/55640-sophisticated-malware-dubbed-the-mask-went-undetected-for-the-past-seven-years.html."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/185403.185412"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2011.6112333"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2667190.2667192"},{"key":"e_1_3_2_1_24_1","first-page":"1","article-title":"Semantics-aware detection of targeted attacks: a survey","author":"Robert Luh","year":"2016","unstructured":"Robert Luh et al . \" Semantics-aware detection of targeted attacks: a survey \". In: Journal of Computer Virology and Hacking Techniques ( 2016 ), pp. 1 -- 39 . Robert Luh et al. \"Semantics-aware detection of targeted attacks: a survey\". In: Journal of Computer Virology and Hacking Techniques (2016), pp. 1--39.","journal-title":"Journal of Computer Virology and Hacking Techniques ("},{"key":"e_1_3_2_1_25_1","volume-title":"W3C recommendation 10.10","author":"McGuinness Deborah L.","year":"2004","unstructured":"Deborah L. McGuinness , Frank Van Harmelen, et al. \"OWL web ontology language overview \". In: W3C recommendation 10.10 ( 2004 ). Deborah L. McGuinness, Frank Van Harmelen, et al. \"OWL web ontology language overview\". In: W3C recommendation 10.10 (2004)."},{"key":"e_1_3_2_1_26_1","unstructured":"Elinor Mills. A who's who of Mideast-targeted malware. Accessed 2015-09-18. url: http:\/\/www.cnet.com\/news\/a-whos-who-of-mideast-targeted-malware\/.  Elinor Mills. A who's who of Mideast-targeted malware. Accessed 2015-09-18. url: http:\/\/www.cnet.com\/news\/a-whos-who-of-mideast-targeted-malware\/."},{"key":"e_1_3_2_1_27_1","unstructured":"Christopher Munsey. Economic Espionage: Competing For Trade By Stealing Industrial Secrets. Accessed 2015-09-15. url: https:\/\/leb.fbi.gov\/2013\/october-november\/economic-espionage-competing-for-trade-by-stealing-industrial-secrets.  Christopher Munsey. Economic Espionage: Competing For Trade By Stealing Industrial Secrets. Accessed 2015-09-15. url: https:\/\/leb.fbi.gov\/2013\/october-november\/economic-espionage-competing-for-trade-by-stealing-industrial-secrets."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2014.05.005"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2013.08.007"},{"key":"e_1_3_2_1_30_1","first-page":"1","volume-title":"IEEE","author":"Alireza","year":"2013","unstructured":"Alireza Sadighian et al. \"Semantic-based context-aware alert fusion for distributed Intrusion Detection Systems\". In: Int'l Conference on Risks and Security of Internet and Systems . IEEE , 2013 , pp. 1 -- 6 . Alireza Sadighian et al. \"Semantic-based context-aware alert fusion for distributed Intrusion Detection Systems\". In: Int'l Conference on Risks and Security of Internet and Systems. IEEE, 2013, pp. 1--6."},{"key":"e_1_3_2_1_31_1","unstructured":"Seculert. Mahdi - The Cyberwar Savior? Accessed 2015-07-29. url: http:\/\/www.seculert.com\/blog\/2012\/07\/mahdi-cyberwar-savior.html.  Seculert. Mahdi - The Cyberwar Savior? Accessed 2015-07-29. url: http:\/\/www.seculert.com\/blog\/2012\/07\/mahdi-cyberwar-savior.html."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2012.90"},{"key":"e_1_3_2_1_33_1","unstructured":"Symantec. Regin: Top-tier espionage tool enables stealthy surveillance. Accessed 2015-09-15. url: http:\/\/www.symantec.com\/connect\/blogs\/regin-top-tier-espionage-tool-enables-stealthy-surveillance.  Symantec. Regin: Top-tier espionage tool enables stealthy surveillance. Accessed 2015-09-15. url: http:\/\/www.symantec.com\/connect\/blogs\/regin-top-tier-espionage-tool-enables-stealthy-surveillance."},{"key":"e_1_3_2_1_34_1","first-page":"20","article-title":"Symantec Internet Security Threat Report Volume XX","year":"2015","unstructured":"Symantec. \" Symantec Internet Security Threat Report Volume XX \". In: Whitepaper 20 ( 2015 ). Symantec. \"Symantec Internet Security Threat Report Volume XX\". In: Whitepaper 20 (2015).","journal-title":"Whitepaper"},{"key":"e_1_3_2_1_35_1","unstructured":"The Hacker News. Harkonnen Operation --- Malware Campaign that Went Undetected for 12 Years. Accessed 2015-07-29. url: http:\/\/thehackernews.com\/2014\/09\/harkonnen-operation-malware-campaign_16.html.  The Hacker News. Harkonnen Operation --- Malware Campaign that Went Undetected for 12 Years. Accessed 2015-07-29. url: http:\/\/thehackernews.com\/2014\/09\/harkonnen-operation-malware-campaign_16.html."},{"key":"e_1_3_2_1_36_1","unstructured":"University of Manchester. OWL: FaCT++. Accessed 2016-07-27. url: http:\/\/owl.man.ac.uk\/factplusplus\/.  University of Manchester. OWL: FaCT++. Accessed 2016-07-27. url: http:\/\/owl.man.ac.uk\/factplusplus\/."},{"key":"e_1_3_2_1_37_1","unstructured":"University of Toronto. GRL Syntax. Accessed 2015-07-27. url: http:\/\/www.cs.toronto.edu\/km\/GRL\/grl_syntax.html.  University of Toronto. GRL Syntax. Accessed 2015-07-27. url: http:\/\/www.cs.toronto.edu\/km\/GRL\/grl_syntax.html."},{"key":"e_1_3_2_1_38_1","volume-title":"Access Policies Model","author":"Veloudis Simos","year":"2015","unstructured":"Simos Veloudis and Iraklis Paraskakis . \"PaaSword : Access Policies Model \". In : PaaSword ( 2015 ). Simos Veloudis and Iraklis Paraskakis. \"PaaSword: Access Policies Model\". In: PaaSword (2015)."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/LCN.2004.57"}],"event":{"name":"iiWAS '16: 18th International Conference on Information Integration and Web-based Applications and Services","acronym":"iiWAS '16","location":"Singapore Singapore"},"container-title":["Proceedings of the 18th International Conference on Information Integration and Web-based Applications and Services"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3011141.3011157","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3011141.3011157","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T19:05:27Z","timestamp":1750273527000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3011141.3011157"}},"subtitle":["an ontology-based approach to mitigating targeted attacks"],"short-title":[],"issued":{"date-parts":[[2016,11,28]]},"references-count":39,"alternative-id":["10.1145\/3011141.3011157","10.1145\/3011141"],"URL":"https:\/\/doi.org\/10.1145\/3011141.3011157","relation":{},"subject":[],"published":{"date-parts":[[2016,11,28]]},"assertion":[{"value":"2016-11-28","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}