{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,30]],"date-time":"2026-04-30T22:53:23Z","timestamp":1777589603295,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":23,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,11,6]],"date-time":"2023-11-06T00:00:00Z","timestamp":1699228800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Bill & Melinda Gates Foundation","award":["INV-001309"],"award-info":[{"award-number":["INV-001309"]}]},{"name":"DSTL","award":["PA0000000454"],"award-info":[{"award-number":["PA0000000454"]}]},{"name":"UKRI","award":["EP\/R007195\/1 and EP\/N510129\/1"],"award-info":[{"award-number":["EP\/R007195\/1 and EP\/N510129\/1"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,11,6]]},"DOI":"10.1145\/3689933.3690834","type":"proceedings-article","created":{"date-parts":[[2024,11,7]],"date-time":"2024-11-07T18:26:07Z","timestamp":1731003967000},"page":"23-33","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Automated APT Defense Using Reinforcement Learning and Attack Graph Risk-based Situation Awareness"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-8814-5711","authenticated-orcid":false,"given":"Anh Tuan","family":"Le","sequence":"first","affiliation":[{"name":"WMG, University of Warwick, Coventry, West Midland, United Kingdom"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1054-6368","authenticated-orcid":false,"given":"Gregory","family":"Epiphaniou","sequence":"additional","affiliation":[{"name":"WMG, University of Warwick, Coventry, West Midland, United Kingdom"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4715-212X","authenticated-orcid":false,"given":"Carsten","family":"Maple","sequence":"additional","affiliation":[{"name":"WMG, University of Warwick, Coventry, West Midland, United Kingdom"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7498-4589","authenticated-orcid":false,"given":"Konstantinos G.","family":"Kyriakopoulos","sequence":"additional","affiliation":[{"name":"Loughborough University, Loughborough, West Midland, United Kingdom"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5749-2371","authenticated-orcid":false,"given":"Lincoln","family":"Kiarie","sequence":"additional","affiliation":[{"name":"Loughborough University, Loughborough, West Midland, United Kingdom"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7199-8133","authenticated-orcid":false,"given":"Marios","family":"Aristodemou","sequence":"additional","affiliation":[{"name":"Loughborough University, Loughborough, West Midland, United Kingdom"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8503-7651","authenticated-orcid":false,"given":"Iain","family":"Phillips","sequence":"additional","affiliation":[{"name":"Loughborough University, Loughborough, West Midland, United Kingdom"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,11,7]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/EWDTS.2019.8884472"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/CAIDA51941.2021.9425343"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/IECON51785.2023.10312570"},{"key":"e_1_3_2_1_4_1","volume-title":"NICE: Network intrusion detection and countermeasure selection in virtual network systems","author":"Chung Chun-Jen","year":"2013","unstructured":"Chun-Jen Chung, Pankaj Khatkar, Tianyi Xing, Jeongkeun Lee, and Dijiang Huang. 2013. NICE: Network intrusion detection and countermeasure selection in virtual network systems. IEEE transactions on dependable and secure computing, Vol. 10, 4 (2013), 198--211."},{"key":"e_1_3_2_1_5_1","volume-title":"Deep reinforcement learning for cyber system defense under dynamic adversarial uncertainties. arXiv preprint arXiv:2302.01595","author":"Dutta Ashutosh","year":"2023","unstructured":"Ashutosh Dutta, Samrat Chatterjee, Arnab Bhattacharya, and Mahantesh Halappanavar. 2023. Deep reinforcement learning for cyber system defense under dynamic adversarial uncertainties. arXiv preprint arXiv:2302.01595 (2023)."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-75650-9_19"},{"key":"e_1_3_2_1_7_1","volume-title":"A comprehensive detection method for the lateral movement stage of apt attacks","author":"He Daojing","year":"2023","unstructured":"Daojing He, Hongjie Gu, Shanshan Zhu, Sammy Chan, and Mohsen Guizani. 2023. A comprehensive detection method for the lateral movement stage of apt attacks. IEEE Internet of Things Journal (2023)."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2022.103150"},{"key":"e_1_3_2_1_9_1","volume-title":"Valeria Cardellini, and Ioana Banicescu.","author":"Iannucci Stefano","year":"2019","unstructured":"Stefano Iannucci, Ovidiu Daniel Barba, Valeria Cardellini, and Ioana Banicescu. 2019. A performance evaluation of deep reinforcement learning for model-based intrusion response. In 2019 ieee 4th international workshops on foundations and applications of self* systems (fas* w). IEEE, 158--163."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2010.21"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/PDP.2016.96"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00521-022-06959-2"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.orgel.2018.02.029"},{"key":"e_1_3_2_1_14_1","unstructured":"MITRE. 2024. MITRE ATT&CK. https:\/\/attack.mitre.org\/."},{"key":"e_1_3_2_1_15_1","unstructured":"MITRE. 2024. MITRE CALDERA. https:\/\/caldera.readthedocs.io\/en\/latest\/."},{"key":"e_1_3_2_1_16_1","unstructured":"MITRE. 2024. Sandworm profile - MITRE. https:\/\/attack.mitre.org\/groups\/G0034\/."},{"key":"e_1_3_2_1_17_1","unstructured":"Xinming Ou Sudhakar Govindavajhala Andrew W Appel et al. 2005. MulVAL: A logic-based network security analyzer.. In USENIX security symposium Vol. 8. Baltimore MD 113--128."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2016.87"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2459976.2459988"},{"key":"e_1_3_2_1_20_1","volume-title":"Heuristic approach towards countermeasure selection using attack graphs. arXiv preprint arXiv:1906.10943","author":"Stan Orly","year":"2019","unstructured":"Orly Stan, Ron Bitton, Michal Ezrets, Moran Dadon, Masaki Inokuchi, Yoshinobu Ohta, Tomohiko Yagyu, Yuval Elovici, and Asaf Shabtai. 2019. Heuristic approach towards countermeasure selection using attack graphs. arXiv preprint arXiv:1906.10943 (2019)."},{"key":"e_1_3_2_1_21_1","volume-title":"Quantification of Cyber Risk for Actuaries: An Economic-Functional Approach","author":"Tatar Unal","year":"2020","unstructured":"Unal Tatar, Omer Keskin, Hayretdin Bahsi, and Cesar A Pinto. 2020. Quantification of Cyber Risk for Actuaries: An Economic-Functional Approach. Society of Actuaries (2020)."},{"key":"e_1_3_2_1_22_1","unstructured":"Wazuh. 2024. Wazuh - Open Source XDR. https:\/\/wazuh.com\/."},{"key":"e_1_3_2_1_23_1","volume-title":"Toward cost-sensitive self-optimizing anomaly detection and response in autonomic networks. computers & security","author":"Zhang Zonghua","year":"2011","unstructured":"Zonghua Zhang, Farid Na\"it-Abdesselam, Pin-Han Ho, and Youki Kadobayashi. 2011. Toward cost-sensitive self-optimizing anomaly detection and response in autonomic networks. computers & security, Vol. 30, 6--7 (2011), 525--537."}],"event":{"name":"CCS '24: ACM SIGSAC Conference on Computer and Communications Security","location":"Salt Lake City UT USA","acronym":"CCS '24","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the Workshop on Autonomous Cybersecurity"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3689933.3690834","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3689933.3690834","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,23]],"date-time":"2025-08-23T18:42:24Z","timestamp":1755974544000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3689933.3690834"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,11,6]]},"references-count":23,"alternative-id":["10.1145\/3689933.3690834","10.1145\/3689933"],"URL":"https:\/\/doi.org\/10.1145\/3689933.3690834","relation":{},"subject":[],"published":{"date-parts":[[2023,11,6]]},"assertion":[{"value":"2024-11-07","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}