{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:07:13Z","timestamp":1750306033910,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":7,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,12,8]],"date-time":"2017-12-08T00:00:00Z","timestamp":1512691200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,12,8]]},"DOI":"10.1145\/3171592.3171641","type":"proceedings-article","created":{"date-parts":[[2018,3,16]],"date-time":"2018-03-16T12:53:36Z","timestamp":1521204816000},"page":"115-119","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":6,"title":["Detecting and Predicting APT Based on the Study of Cyber Kill Chain with Hierarchical Knowledge Reasoning"],"prefix":"10.1145","author":[{"given":"Senhao","family":"Wen","sequence":"first","affiliation":[{"name":"Operation department, CNCERT, Beijing, China"}]},{"given":"Nengqiang","family":"He","sequence":"additional","affiliation":[{"name":"Operation department, CNCERT, Beijing, China"}]},{"given":"Hanbing","family":"Yan","sequence":"additional","affiliation":[{"name":"Operation department, CNCERT, Beijing, China"}]}],"member":"320","published-online":{"date-parts":[[2017,12,8]]},"reference":[{"issue":"7","key":"e_1_3_2_1_1_1","first-page":"1633","volume":"51","author":"Du Yuejin","year":"2014","unstructured":"Yuejin Du , Lidong zhai, Yue Li , Zhaopeng Jia: Security Architecture to Deal with APT Attacks: Abonormal Discovery , Journal of Computer Research and Development 51 ( 7 ), 1633 -- 1645 , 2014 (in chinese). Yuejin Du, Lidong zhai, Yue Li, Zhaopeng Jia: Security Architecture to Deal with APT Attacks:Abonormal Discovery,Journal of Computer Research and Development 51(7),1633--1645, 2014(in chinese).","journal-title":"Journal of Computer Research and Development"},{"key":"e_1_3_2_1_2_1","unstructured":"The Cyber Attack Cycle.{Online}.. Available at: http:\/\/www.lockheedmartin.com\/us\/what-we-do\/aerospace-defense\/cyber\/cyber-kill-chain.html.  The Cyber Attack Cycle.{Online}.. Available at: http:\/\/www.lockheedmartin.com\/us\/what-we-do\/aerospace-defense\/cyber\/cyber-kill-chain.html."},{"key":"e_1_3_2_1_3_1","volume-title":"Breaking Cyber Kill Chains. Tenable Network Security","author":"J. Ranum","year":"2014","unstructured":"J. Ranum M. Breaking Cyber Kill Chains. Tenable Network Security . 2014 . {Online}.. Available at: http:\/\/www.tenable.com\/blog\/breaking-cyber-kill-chains. {Accessed:26- Mar- 2015. J. Ranum M. Breaking Cyber Kill Chains. Tenable Network Security. 2014. {Online}.. Available at: http:\/\/www.tenable.com\/blog\/breaking-cyber-kill-chains. {Accessed:26- Mar- 2015."},{"volume-title":"California: FireEye Inc. Online}. https:\/\/www.fireeye.com\/resources\/pdfs\/fireeye-poison-ivy-report.pdf.{Accessed: 26- Mar- 2015}.","year":"2014","key":"e_1_3_2_1_4_1","unstructured":"FireEye , ( 2014 ). Poison Ivy : Assessing Damage and Extracting Intelligence ( 1st ed., p. 33). California: FireEye Inc. Online}. https:\/\/www.fireeye.com\/resources\/pdfs\/fireeye-poison-ivy-report.pdf.{Accessed: 26- Mar- 2015}. FireEye, (2014). Poison Ivy: Assessing Damage and Extracting Intelligence (1st ed., p. 33). California: FireEye Inc. Online}. https:\/\/www.fireeye.com\/resources\/pdfs\/fireeye-poison-ivy-report.pdf.{Accessed: 26- Mar- 2015}."},{"key":"e_1_3_2_1_5_1","volume-title":"APT Kill chain - Part 3: Reconnaissance -Airbus D&S CyberSecurity blog","author":"Pernet","year":"2014","unstructured":"Pernet C. APT Kill chain - Part 3: Reconnaissance -Airbus D&S CyberSecurity blog . 2014 . {Online}. Available at:http:\/\/blog.cassidiancybersecurity.com\/post\/2014\/05\/APT-Kill-chain-Part-3-%3AReconnaissance. {Accessed: 26-Mar-2015} Pernet C. APT Kill chain - Part 3: Reconnaissance -Airbus D&S CyberSecurity blog. 2014. {Online}. Available at:http:\/\/blog.cassidiancybersecurity.com\/post\/2014\/05\/APT-Kill-chain-Part-3-%3AReconnaissance. {Accessed: 26-Mar-2015}"},{"key":"e_1_3_2_1_6_1","unstructured":"CVE-Common Vulnerabilities and Exposures (CVE). {Online}. Available at: https:\/\/cve.mitre.org.  CVE-Common Vulnerabilities and Exposures (CVE). {Online}. Available at: https:\/\/cve.mitre.org."},{"volume-title":"Proc of the Software Engineering Standards Symposium,2008","author":"Scowe R. S.","key":"e_1_3_2_1_7_1","unstructured":"R. S. Scowe : Extended BNF | A generic base standard , Proc of the Software Engineering Standards Symposium,2008 ,25--34. R. S. Scowe: Extended BNF | A generic base standard, Proc of the Software Engineering Standards Symposium,2008,25--34."}],"event":{"name":"ICNCC 2017: 2017 VI International Conference on Network, Communication and Computing","acronym":"ICNCC 2017","location":"Kunming China"},"container-title":["Proceedings of the 2017 VI International Conference on Network, Communication and Computing"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3171592.3171641","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3171592.3171641","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T03:02:54Z","timestamp":1750215774000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3171592.3171641"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,12,8]]},"references-count":7,"alternative-id":["10.1145\/3171592.3171641","10.1145\/3171592"],"URL":"https:\/\/doi.org\/10.1145\/3171592.3171641","relation":{},"subject":[],"published":{"date-parts":[[2017,12,8]]},"assertion":[{"value":"2017-12-08","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}