{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,2]],"date-time":"2025-11-02T01:18:33Z","timestamp":1762046313877,"version":"build-2065373602"},"publisher-location":"New York, NY, USA","reference-count":37,"publisher":"ACM","license":[{"start":{"date-parts":[[2021,11,26]],"date-time":"2021-11-26T00:00:00Z","timestamp":1637884800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,11,26]]},"DOI":"10.1145\/3503823.3503884","type":"proceedings-article","created":{"date-parts":[[2022,2,22]],"date-time":"2022-02-22T22:15:51Z","timestamp":1645568151000},"page":"328-333","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["A-DEMO: ATT&CK Documentation, Emulation and Mitigation Operations"],"prefix":"10.1145","author":[{"given":"Stylianos","family":"Karagiannis","sequence":"first","affiliation":[{"name":"PDMFC, Portugal and Department of Informatics, Ionian University, Greece"}]},{"given":"Alexandros","family":"Tokatlis","sequence":"additional","affiliation":[{"name":"DSSLab, National Technical University of Athens, Greece"}]},{"given":"Sotiris","family":"Pelekis","sequence":"additional","affiliation":[{"name":"DSSLab, National Technical University of Athens, Greece"}]},{"given":"Michael","family":"Kontoulis","sequence":"additional","affiliation":[{"name":"DSSLab, National Technical University of Athens, Greece"}]},{"given":"George","family":"Doukas","sequence":"additional","affiliation":[{"name":"DSSLab, National Technical University of Athens, Greece"}]},{"given":"Christos","family":"Ntanos","sequence":"additional","affiliation":[{"name":"DSSLab, National Technical University of Athens, 
Greece"}]},{"given":"Emmanouil","family":"Magkos","sequence":"additional","affiliation":[{"name":"Department of Informatics, Ionian University, Greece"}]}],"member":"320","published-online":{"date-parts":[[2022,2,22]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Learning the Associations of MITRE ATT & CK Adversarial Techniques. In 2020 IEEE Conference on Communications and Network Security (CNS). IEEE, 1\u20139. https:\/\/doi.org\/10","author":"Al-Shaer Rawan","year":"2020","unstructured":"Rawan Al-Shaer , Jonathan\u00a0 M Spring , and Eliana Christou . 2020 . Learning the Associations of MITRE ATT & CK Adversarial Techniques. In 2020 IEEE Conference on Communications and Network Security (CNS). IEEE, 1\u20139. https:\/\/doi.org\/10 .1109\/CNS48642.2020.9162207 10.1109\/CNS48642.2020.9162207 Rawan Al-Shaer, Jonathan\u00a0M Spring, and Eliana Christou. 2020. Learning the Associations of MITRE ATT & CK Adversarial Techniques. In 2020 IEEE Conference on Communications and Network Security (CNS). IEEE, 1\u20139. https:\/\/doi.org\/10.1109\/CNS48642.2020.9162207"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2019.2891891"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2016.2521727"},{"volume-title":"Retrieved","year":"2021","key":"e_1_3_2_1_4_1","unstructured":"Attacksim. 2021 . Rootkit r-77: An example of A-DEMO . Retrieved September 30, 2021 from https:\/\/github.com\/attacksim\/A-demo\/wiki\/UC3-rootkit Attacksim. 2021. Rootkit r-77: An example of A-DEMO. Retrieved September 30, 2021 from https:\/\/github.com\/attacksim\/A-demo\/wiki\/UC3-rootkit"},{"volume-title":"Retrieved","year":"2021","key":"e_1_3_2_1_5_1","unstructured":"Bytecode. 2021 . r77rootkit - Fileless ring 3 rootkit . Retrieved September 10, 2021 from https:\/\/github.com\/bytecode77\/r77-rootkit Bytecode. 2021. r77rootkit - Fileless ring 3 rootkit. 
Retrieved September 10, 2021 from https:\/\/github.com\/bytecode77\/r77-rootkit"},{"volume-title":"Retrieved","year":"2021","key":"e_1_3_2_1_6_1","unstructured":"Caldera. 2021 . CALDERA - Scalable Automated Adversary Emulation Platform . Retrieved September 13, 2021 from https:\/\/github.com\/mitre\/caldera Caldera. 2021. CALDERA - Scalable Automated Adversary Emulation Platform. Retrieved September 13, 2021 from https:\/\/github.com\/mitre\/caldera"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.3390\/app11041809"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.35940\/ijitee.B1115.1292S219"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.3009748"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/3465481.3470475"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2013.03.015"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/3314058.3317728"},{"volume-title":"Retrieved","year":"2021","key":"e_1_3_2_1_13_1","unstructured":"InfectionMonkey. 2021 . Infection Monkey - An automated pentest tool . Retrieved September 28, 2021 from https:\/\/github.com\/guardicore\/monkey InfectionMonkey. 2021. Infection Monkey - An automated pentest tool. Retrieved September 28, 2021 from https:\/\/github.com\/guardicore\/monkey"},{"key":"e_1_3_2_1_14_1","volume-title":"Retrieved","author":"KALI.","year":"2021","unstructured":"KALI. 2021 . KALI Linux . Retrieved November 14, 2021 from https:\/\/www.kali.org\/ KALI. 2021. KALI Linux. Retrieved November 14, 2021 from https:\/\/www.kali.org\/"},{"volume-title":"Retrieved","year":"2021","key":"e_1_3_2_1_15_1","unstructured":"Keysight. 2021 . Threat Simulator: Breach and Attack Simulation | Keysight . Retrieved September 28, 2021 from https:\/\/www.keysight.com\/ Keysight. 2021. Threat Simulator: Breach and Attack Simulation | Keysight. 
Retrieved September 28, 2021 from https:\/\/www.keysight.com\/"},{"volume-title":"Computer and Network Security Essentials","author":"Khan Muhammad\u00a0Salman","key":"e_1_3_2_1_16_1","unstructured":"Muhammad\u00a0Salman Khan , Sana Siddiqui , and Ken Ferens . 2018. A cognitive and concurrent cyber kill chain model . In Computer and Network Security Essentials . Springer , 585\u2013602. https:\/\/doi.org\/10.1007\/978-3-319-58424-9_34 10.1007\/978-3-319-58424-9_34 Muhammad\u00a0Salman Khan, Sana Siddiqui, and Ken Ferens. 2018. A cognitive and concurrent cyber kill chain model. In Computer and Network Security Essentials. Springer, 585\u2013602. https:\/\/doi.org\/10.1007\/978-3-319-58424-9_34"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3465481.3465758"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/DISCEX.2003.1194877"},{"key":"e_1_3_2_1_20_1","volume-title":"Retrieved","author":"MITRE.","year":"2021","unstructured":"MITRE. 2021 . ATT&CK Framework . Retrieved September 10, 2021 from https:\/\/attack.mitre.org\/ MITRE. 2021. ATT&CK Framework. Retrieved September 10, 2021 from https:\/\/attack.mitre.org\/"},{"key":"e_1_3_2_1_21_1","volume-title":"What is the relationship between ATT&CK and the Lockheed Martin Cyber Kill Chain\u00ae?Retrieved","author":"K\u00ae MITRE.","year":"2021","unstructured":"MITRE. 2021. ATT&C K\u00ae , FAQ | MITRE : What is the relationship between ATT&CK and the Lockheed Martin Cyber Kill Chain\u00ae?Retrieved September 28, 2021 from https:\/\/attack.mitre.org\/resources\/faq\/ MITRE. 2021. ATT&CK\u00ae, FAQ | MITRE: What is the relationship between ATT&CK and the Lockheed Martin Cyber Kill Chain\u00ae?Retrieved September 28, 2021 from https:\/\/attack.mitre.org\/resources\/faq\/"},{"volume-title":"Retrieved","year":"2021","key":"e_1_3_2_1_22_1","unstructured":"Ncat. 2021 . Ncat - Netcat for the 21st Century . Retrieved November 14, 2021 from https:\/\/nmap.org\/ncat\/ Ncat. 2021. 
Ncat - Netcat for the 21st Century. Retrieved November 14, 2021 from https:\/\/nmap.org\/ncat\/"},{"volume-title":"Retrieved","year":"2021","key":"e_1_3_2_1_23_1","unstructured":"Ngrok. 2021 . Ngrok - Secure introspectable tunnels to localhost . Retrieved November 14, 2021 from https:\/\/ngrok.com\/ Ngrok. 2021. Ngrok - Secure introspectable tunnels to localhost. Retrieved November 14, 2021 from https:\/\/ngrok.com\/"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-37228-6_20"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/3437120.3437335"},{"volume-title":"Retrieved","year":"2021","key":"e_1_3_2_1_26_1","unstructured":"Proxychains. 2021 . Proxychains - A Tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy . Retrieved November 14, 2021 from http:\/\/proxychains.sourceforge.net\/ Proxychains. 2021. Proxychains - A Tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy. Retrieved November 14, 2021 from http:\/\/proxychains.sourceforge.net\/"},{"volume-title":"Retrieved","year":"2021","key":"e_1_3_2_1_27_1","unstructured":"Rapid7. 2021 . Metasploit Framework . Retrieved November 14, 2021 from https:\/\/github.com\/rapid7\/metasploit-framework Rapid7. 2021. Metasploit Framework. Retrieved November 14, 2021 from https:\/\/github.com\/rapid7\/metasploit-framework"},{"key":"e_1_3_2_1_28_1","volume-title":"A Game Theoretic Software Test-bed for Cyber Security Analysis of Critical Infrastructure.Defence Science Journal 68, 1","author":"Ravishankar Monica","year":"2018","unstructured":"Monica Ravishankar , D\u00a0Vijay Rao , and CRS Kumar . 2018. A Game Theoretic Software Test-bed for Cyber Security Analysis of Critical Infrastructure.Defence Science Journal 68, 1 ( 2018 ). Monica Ravishankar, D\u00a0Vijay Rao, and CRS Kumar. 2018. 
A Game Theoretic Software Test-bed for Cyber Security Analysis of Critical Infrastructure.Defence Science Journal 68, 1 (2018)."},{"volume-title":"Retrieved","year":"2021","key":"e_1_3_2_1_29_1","unstructured":"Social-Engineering-Toolkit. 2021 . Social Engineering Toolkit . Retrieved November 14, 2021 from https:\/\/github.com\/trustedsec\/social-engineer-toolkit Social-Engineering-Toolkit. 2021. Social Engineering Toolkit. Retrieved November 14, 2021 from https:\/\/github.com\/trustedsec\/social-engineer-toolkit"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/EMBC44109.2020.9176698"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/SmartCloud49737.2020.00035"},{"key":"e_1_3_2_1_32_1","volume-title":"Mitre att&ck: Design and philosophy. Mitre Product Mp","author":"Strom E","year":"2018","unstructured":"Blake\u00a0 E Strom , Andy Applebaum , Doug\u00a0 P Miller , Kathryn\u00a0 C Nickels , Adam\u00a0 G Pennington , and Cody\u00a0 B Thomas . 2018. Mitre att&ck: Design and philosophy. Mitre Product Mp ( 2018 ), 18\u20130944. Blake\u00a0E Strom, Andy Applebaum, Doug\u00a0P Miller, Kathryn\u00a0C Nickels, Adam\u00a0G Pennington, and Cody\u00a0B Thomas. 2018. Mitre att&ck: Design and philosophy. Mitre Product Mp (2018), 18\u20130944."},{"key":"e_1_3_2_1_33_1","volume-title":"Healthcare Challenges in the Era of Cybersecurity. Health security 18, 3","author":"Tully Jeff","year":"2020","unstructured":"Jeff Tully , Jordan Selzer , James\u00a0 P Phillips , Patrick O\u2019Connor , and Christian Dameff . 2020. Healthcare Challenges in the Era of Cybersecurity. Health security 18, 3 ( 2020 ), 228\u2013231. https:\/\/doi.org\/10.1089\/hs.2019.0123 10.1089\/hs.2019.0123 Jeff Tully, Jordan Selzer, James\u00a0P Phillips, Patrick O\u2019Connor, and Christian Dameff. 2020. Healthcare Challenges in the Era of Cybersecurity. Health security 18, 3 (2020), 228\u2013231. 
https:\/\/doi.org\/10.1089\/hs.2019.0123"},{"key":"#cr-split#-e_1_3_2_1_34_1.1","doi-asserted-by":"crossref","unstructured":"Wenjun Xiong Emeline Legrand Oscar \u00c5berg and Robert Lagerstr\u00f6m. 2021. Cyber security threat modeling based on the MITRE Enterprise ATT&CK Matrix. Software and Systems Modeling(2021) 1-21. https:\/\/doi.org\/10.1007\/s10270-021-00898-7 10.1007\/s10270-021-00898-7","DOI":"10.1007\/s10270-021-00898-7"},{"key":"#cr-split#-e_1_3_2_1_34_1.2","doi-asserted-by":"crossref","unstructured":"Wenjun Xiong Emeline Legrand Oscar \u00c5berg and Robert Lagerstr\u00f6m. 2021. Cyber security threat modeling based on the MITRE Enterprise ATT&CK Matrix. Software and Systems Modeling(2021) 1-21. https:\/\/doi.org\/10.1007\/s10270-021-00898-7","DOI":"10.1007\/s10270-021-00898-7"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.3390\/app10062140"},{"volume-title":"Retrieved","year":"2021","key":"e_1_3_2_1_36_1","unstructured":"Zenmap. 2021 . Zenmap: The official Nmap Security Scanner GUI . Retrieved November 30, 2021 from https:\/\/nmap.org\/zenmap\/ Zenmap. 2021. Zenmap: The official Nmap Security Scanner GUI. 
Retrieved November 30, 2021 from https:\/\/nmap.org\/zenmap\/"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2020.3021548"}],"event":{"name":"PCI 2021: 25th Pan-Hellenic Conference on Informatics","acronym":"PCI 2021","location":"Volos Greece"},"container-title":["25th Pan-Hellenic Conference on Informatics"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3503823.3503884","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3503823.3503884","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T19:30:31Z","timestamp":1750188631000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3503823.3503884"}},"subtitle":["Deploying and Documenting Realistic Cyberattack Scenarios - A Rootkit Case Study"],"short-title":[],"issued":{"date-parts":[[2021,11,26]]},"references-count":37,"alternative-id":["10.1145\/3503823.3503884","10.1145\/3503823"],"URL":"https:\/\/doi.org\/10.1145\/3503823.3503884","relation":{},"subject":[],"published":{"date-parts":[[2021,11,26]]},"assertion":[{"value":"2022-02-22","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}