{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,20]],"date-time":"2025-12-20T22:26:04Z","timestamp":1766269564957,"version":"3.37.3"},"reference-count":195,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2019,8,13]],"date-time":"2019-08-13T00:00:00Z","timestamp":1565654400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2019,8,13]],"date-time":"2019-08-13T00:00:00Z","timestamp":1565654400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100011710","name":"Shaanxi Provincial Science and Technology Department","doi-asserted-by":"crossref","award":["2013K1117"],"award-info":[{"award-number":["2013K1117"]}],"id":[{"id":"10.13039\/501100011710","id-type":"DOI","asserted-by":"crossref"}]},{"name":"Xi'an Polytechnic University doctoral research start-up fund","award":["20170914"],"award-info":[{"award-number":["20170914"]}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Wireless Com Network"],"published-print":{"date-parts":[[2019,12]]},"DOI":"10.1186\/s13638-019-1506-1","type":"journal-article","created":{"date-parts":[[2019,8,13]],"date-time":"2019-08-13T14:24:10Z","timestamp":1565706250000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":45,"title":["Analysis framework of network security situational awareness and comparison of implementation methods"],"prefix":"10.1186","volume":"2019","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-5326-9327","authenticated-orcid":false,"given":"Yan","family":"Li","sequence":"first","affiliation":[]},{"given":"Guang-qiu","family":"Huang","sequence":"additional","affiliation":[]},{"given":"Chun-zi","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Ying-chao","family":"Li","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,8,13]]},"reference":[{"key":"1506_CR1","unstructured":"China Information Yearbook 2014[M], Editorial board of China Information Yearbook (Publication of the electronics industry, 2015)"},{"key":"1506_CR2","volume-title":"Fuzz-revisited: a re-examination of the reliability of UNIX utilities and services","author":"BP Miller","year":"2001","unstructured":"Miller B P. Fuzz-revisited: a re-examination of the reliability of UNIX utilities and services. ftp:\/\/grilled.cs.wisc.edu\/technical_papers\/fuzz-revisited.ps.Z , 2001."},{"key":"1506_CR3","unstructured":"S.E. Smaha, Haystack: an intrusion detection system[A]. Aerospace Computer Security Applications Conference[C] (IEEE, 2002), pp. 37\u201344"},{"key":"1506_CR4","first-page":"26","volume-title":"Computer security threat monitoring and surveillance[A]","author":"JP Anderson","year":"1980","unstructured":"J.P. Anderson, Computer security threat monitoring and surveillance[A] (James P Anderson Co Fort [C], Washington, 1980), pp. 26\u201332"},{"key":"1506_CR5","doi-asserted-by":"crossref","unstructured":"C. Phillips, L.P. Swiler, A graph-based system for network-vulnerability analysis[A] (The Workshop on New Security Paradigms[C]. IEEE, 1998), pp. 71\u201379","DOI":"10.1145\/310889.310919"},{"key":"1506_CR6","unstructured":"R.W. Ritchey, P. Ammann, Using model checking to analyze network vulnerabilities[A] (Proceedings of IEEE Symposium on Security and Privacy[C]. IEEE, 2000), pp. 156\u2013165"},{"key":"1506_CR7","unstructured":"T. Bass, Multisensor data fusion for next generation distributed intrusion detection systems[A] (Proceedings of the Iris National Symposium on Sensor & Data Fusion[C]. Hopkins University Applied Physics Laboratory, 1999), pp. 24\u201327"},{"issue":"4","key":"1506_CR8","doi-asserted-by":"publisher","first-page":"99","DOI":"10.1145\/332051.332079]","volume":"43","author":"T Bass","year":"2000","unstructured":"T. Bass, Intrusion systems and multisensor data fusion: creating cyberspace situation awareness. Commun. ACM 43(4), 99\u2013105 (2000). https:\/\/doi.org\/10.1145\/332051.332079]","journal-title":"Commun. ACM"},{"key":"1506_CR9","unstructured":"J. Mcdermott, Attack-potential-based survivability modeling for high-consequence systems[A] (IEEE International Workshop on Information Assurance[C]. IEEE Comp. Soc, 2005), pp. 119\u2013130"},{"issue":"33","key":"1506_CR10","first-page":"1748","volume":"33","author":"W Yuanzhuo","year":"2010","unstructured":"W. Yuanzhuo, L. Chuang, C. Xueqi, et al., Analysis for network attack-defense based on stochastic game model[J]. Chin. J. Comput. Phys. 33(33), 1748\u20131762 (2010)","journal-title":"Chin. J. Comput. Phys."},{"issue":"1","key":"1506_CR11","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1109\/TDSC.2011.34","volume":"9","author":"N Poolsappasit","year":"2012","unstructured":"N. Poolsappasit, R. Dewri, I. Ray, Dynamic security risk management using Bayesian attack graphs[J]. Dependable Secure Comput. 9(1), 61\u201374 (2012)","journal-title":"Dependable Secure Comput."},{"issue":"2","key":"1506_CR12","doi-asserted-by":"publisher","first-page":"97","DOI":"10.1007\/s101110050031","volume":"2","author":"J Theureau","year":"2000","unstructured":"J. Theureau, Nuclear reactor control room simulators: human factors research and development[J]. Cogn. Tech. Work 2(2), 97\u2013105 (2000)","journal-title":"Cogn. Tech. Work"},{"issue":"1","key":"1506_CR13","doi-asserted-by":"publisher","first-page":"97","DOI":"10.1177\/154193128803200221","volume":"32","author":"MR Endsley","year":"1988","unstructured":"M.R. Endsley, Design and evaluation for situation awareness enhancement[J]. Proceed. Hum. Factors Ergon. Soc. Ann. Meet. 32(1), 97\u2013101 (1988)","journal-title":"Proceed. Hum. Factors Ergon. Soc. Ann. Meet."},{"issue":"1","key":"1506_CR14","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1518\/001872095779049543","volume":"37","author":"MR Endsley","year":"1995","unstructured":"M.R. Endsley, Toward a theory of situation awareness in dynamic systems[J]. Hum. Factors 37(1), 32\u201364 (1995)","journal-title":"Hum. Factors"},{"key":"1506_CR15","unstructured":"Boyd J R. A Discourse on Winning and Losing[C]\/\/ Strategic game of 1987."},{"key":"1506_CR16","doi-asserted-by":"crossref","unstructured":"G.P. Tadda, J.S. Salerno, Overview of cyber situation awareness. Cyber Situational Awareness[M] (Springer US, 2010), pp. 15\u201335","DOI":"10.1007\/978-1-4419-0140-8_2"},{"issue":"8","key":"1506_CR17","first-page":"2099","volume":"27","author":"XW Liu","year":"2016","unstructured":"X.W. Liu, H.Q. Wang, H.W. L\u00fc, J.G. Yu, S.W. Zhang, Fusion-based cognitive awareness-control model for network security situation[J]. J. Soft. 27(8), 2099\u20132114 (2016)","journal-title":"J. Soft."},{"key":"1506_CR18","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1016\/j.cose.2014.06.008","volume":"46","author":"U Franke","year":"2014","unstructured":"U. Franke, J. Brynielsson, Cyber situational awareness a systematic review of the literature. Comput. Secur. 46, 18\u201331 (2014). https:\/\/doi.org\/10.1016\/j.cose.2014.06.008","journal-title":"Comput. Secur."},{"issue":"4","key":"1506_CR19","first-page":"1010","volume":"28","author":"J Gong","year":"2017","unstructured":"J. Gong, X.D. Zang, Q. Su, X.Y. Hu, J. Xu, Survey of network security situation awareness[J]. J. Softw 28(4), 1010\u20131026 (2017)","journal-title":"J. Softw"},{"issue":"2","key":"1506_CR20","doi-asserted-by":"publisher","first-page":"222","DOI":"10.1109\/TSE.1987.232894","volume":"13","author":"DE Denning","year":"1987","unstructured":"D.E. Denning, An intrusion-detection model. IEEE Trans. Softw. Eng 13(2), 222\u2013232 (1987)","journal-title":"IEEE Trans. Softw. Eng"},{"issue":"8","key":"1506_CR21","doi-asserted-by":"publisher","first-page":"805","DOI":"10.1016\/S1389-1286(98)00017-6","volume":"31","author":"H Debar","year":"1999","unstructured":"H. Debar, M. Dacicr, Andreas wespi towards taxonomy of intrusion-detection systems. Comput. Netw 31(8), 805\u2013822 (1999)","journal-title":"Comput. Netw"},{"key":"1506_CR22","unstructured":"http:\/\/www.cs.ucsb.edu\/~kemm\/NetSTAT\/documents.html ."},{"issue":"1","key":"1506_CR23","doi-asserted-by":"publisher","first-page":"37","DOI":"10.3233\/JCS-1999-7103","volume":"7","author":"G Vigna","year":"1999","unstructured":"G. Vigna, R.A. Kemmerer, NetSTAT: a network-based intrusion detection system. Journal of Computer Security 7(1), 37\u201371 (1999)","journal-title":"Journal of Computer Security"},{"key":"1506_CR24","unstructured":"http:\/\/www.cs.purdue.edu\/coast\/projects\/aafid.html ."},{"issue":"3","key":"1506_CR25","doi-asserted-by":"publisher","first-page":"26","DOI":"10.1109\/65.283931","volume":"8","author":"B. Mukherjee","year":"1994","unstructured":"B. Mukherjee, L.T. Heberlein, Network Intrusion Detection[M]. IEEE Netw., 26\u201341 (1994)","journal-title":"IEEE Network"},{"issue":"10","key":"1506_CR26","doi-asserted-by":"publisher","first-page":"2746","DOI":"10.3724\/SP.J.1001.2008.02746","volume":"19","author":"J Shi","year":"2008","unstructured":"J. Shi, S.Q. Guo, Y. Lu, L. Xie, An intrusion response method based on attack graph. J. Softw. 19(10), 2746\u20132753 (2008)","journal-title":"J. Softw."},{"issue":"37","key":"1506_CR27","first-page":"1184","volume":"5","author":"ZH Tian","year":"2014","unstructured":"Z.H. Tian, X.Z. Yu, H.L. Zhang, B.X. Fang, A real time network intrusion forensics method based on evidence reasoning network. Chin. J. Comput. Phys. 5(37), 1184\u20131193 (2014)","journal-title":"Chin. J. Comput. Phys."},{"issue":"12","key":"1506_CR28","doi-asserted-by":"publisher","first-page":"2132","DOI":"10.1360\/jos162132","volume":"16","author":"XH Bao","year":"2005","unstructured":"X.H. Bao, Y.X. Dai, P.H. Feng, P.F. Zhu, J. Wei, A detection and forecast algorithm for multi-step attack based on intrusion intention. J. Softw. 16(12), 2132\u20132138 (2005)","journal-title":"J. Softw."},{"issue":"3","key":"1506_CR29","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1109\/32.372146","volume":"21","author":"K Ilgun","year":"1995","unstructured":"K. Ilgun, R.A. Kemmerer, P.A. Porras, State transition analysis: a rule-based intrusion detection approach. IEEE Trans. Softw. Eng. 21(3), 181\u2013199 (1995)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"1506_CR30","unstructured":"T. Bass, R. Robichaux, in Proc. of the Communications for Network-Centric Operations: Creating the Information Force (MILCOM). Defense-in-depth revisited: qualitative risk analysis methodology for complex network-centric operations (IEEE, 2001), pp. 64\u201370"},{"key":"1506_CR31","volume-title":"Distributed intrusion detection and attack containment for organizational cyber security","author":"SG Batsell","year":"2005","unstructured":"Batsell S G, Rao N S, Shankar M . Distributed intrusion detection and attack containment for organizational cyber security. http:\/\/www.ioc.ornl.gov\/projects\/documents\/containment.pdf , 2005"},{"issue":"1","key":"1506_CR32","first-page":"13","volume":"3","author":"J Shifflet","year":"2005","unstructured":"J. Shifflet, A technique independent fusion model for network intrusion detection. Proceedings of the Midstates Conference on Undergraduate Research in Computer Science and Mathematics 3(1), 13\u201319 (2005)","journal-title":"Proceedings of the Midstates Conference on Undergraduate Research in Computer Science and Mathematics"},{"key":"1506_CR33","unstructured":"R. Bearavolu, K. Lakkaraju, W. Yurcik, NVisionIP: an animated state analysis tool for visualizing NetFlows (FLOCON Network Flow Analysis Work shop (Network Flow Analysis for Security Situational Awareness), 2005)"},{"key":"1506_CR34","unstructured":"X. Yin, W. Yurcik, A. Slagell, The design of VisFlowConnect-IP: a link analysis system for IP security situational awareness[A] (IEEE International Workshop on Information Assurance[C]. IEEE, 2005), pp. 141\u2013153"},{"key":"1506_CR35","unstructured":"Z. Li, J. Taylor, E. Partridge, et al., UCLog: A unified, correlated logging architecture for intrusion detection[J] (Telecommunication Systems \u2013 TELSYS, 2004), pp. 12\u201327"},{"key":"1506_CR36","doi-asserted-by":"crossref","unstructured":"Endsley, M. R. and Garland D.J(Eds.)(2000) Situation awareness analysis and measurement. Mahwah: Lawrence Erlbaum Associates.","DOI":"10.1201\/b12461"},{"key":"1506_CR37","doi-asserted-by":"crossref","unstructured":"J. Kopylec, A. D'Amico, J. Goodall, in Critical Infrastructure Protection[M]. Visualizing cascading failures in critical cyber infrastructures (Springer US, 2007), pp. 351\u2013364","DOI":"10.1007\/978-0-387-75462-8_25"},{"key":"1506_CR38","doi-asserted-by":"crossref","unstructured":"Goodall J R. Introduction to visualization for computer security[A]. The Workshop on Vizsec[C]. DBLP, 2008.1-17.","DOI":"10.1007\/978-3-540-78243-8_1"},{"key":"1506_CR39","doi-asserted-by":"crossref","unstructured":"Jajodia S, Liu P, Swarup V, et al. Cyber situational awareness[M]. Springer US, 2010.132(2):1-4.","DOI":"10.1007\/978-1-4419-0140-8"},{"issue":"5","key":"1506_CR40","first-page":"1","volume":"7710","author":"NA Giacobe","year":"2010","unstructured":"N.A. Giacobe, Application of the JDL data fusion process model for cyber security[J]. Proc Spie 7710(5), 1\u201310 (2010)","journal-title":"Proc Spie"},{"key":"1506_CR41","doi-asserted-by":"crossref","unstructured":"Klein G, Tolle J, Martini P. From detection to reaction - a holistic approach to cyber defense[A]. Defense Science Research Conference and Expo[C]. IEEE, 2011.1-4.","DOI":"10.1109\/DSR.2011.6026824"},{"key":"1506_CR42","doi-asserted-by":"crossref","unstructured":"S. Schreiber-Ehle, W. Koch, The JDL model of data fusion applied to cyber defense - a review paper[A] (Sensor Data Fusion: Trends, Solutions, Applications[C]. IEEE, 2012), pp. 116\u2013119","DOI":"10.1109\/SDF.2012.6327919"},{"issue":"1","key":"1506_CR43","doi-asserted-by":"publisher","first-page":"277","DOI":"10.1109\/TII.2012.2198666","volume":"9","author":"M Cheminod","year":"2013","unstructured":"M. Cheminod, L. Durante, A. Valenzano, Review of security issues in industrial networks[J]. IEEE Trans. Ind. Inf. 9(1), 277\u2013293 (2013)","journal-title":"IEEE Trans. Ind. Inf."},{"key":"1506_CR44","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1016\/j.cose.2014.06.008","volume":"46","author":"U Franke","year":"2014","unstructured":"U. Franke, J. Brynielsson, Cyber situational awareness \u2013 a systematic review of the literature[J]. Comput. Sec. 46, 18\u201331 (2014)","journal-title":"Comput. Sec."},{"issue":"2","key":"1506_CR45","doi-asserted-by":"publisher","first-page":"65","DOI":"10.1109\/MSP.2015.30","volume":"13","author":"V Lenders","year":"2015","unstructured":"V. Lenders, A. Tanner, A. Blarer, Gaining an edge in cyberspace with advanced situational awareness[J]. IEEE Secur. Priv. 13(2), 65\u201374 (2015)","journal-title":"IEEE Secur. Priv."},{"key":"1506_CR46","doi-asserted-by":"publisher","first-page":"43","DOI":"10.1016\/j.ins.2017.08.063","volume":"421","author":"S Rathore","year":"2017","unstructured":"S. Rathore, P.K. Sharma, V. Loia, Y.-S. Jeong, J.H. Park, Social network security: issues, challenges, threats, and solutions. Inf. Sci 421, 43\u201369 (2017)","journal-title":"Inf. Sci"},{"issue":"4","key":"1506_CR47","doi-asserted-by":"publisher","first-page":"583","DOI":"10.1016\/j.isatra.2007.04.003","volume":"46","author":"PA Ralston","year":"2007","unstructured":"P.A. Ralston, J.H. Graham, J.L. Hieb, Cyber security risk assessment for SCADA and DCS networks[J]. ISA Trans. 46(4), 583\u2013594 (2007)","journal-title":"ISA Trans."},{"key":"1506_CR48","doi-asserted-by":"crossref","unstructured":"P. Barford, M. Dacier, T.G. Dietterich, M. Fredrikson, J. Giffin, S. Jajodia, et al., in Cyber Situational Awareness. Cyber SA: situational awareness for cyber defense (Springer, 2010), pp. 3\u201313","DOI":"10.1007\/978-1-4419-0140-8_1"},{"key":"1506_CR49","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1109\/SURV.2011.122211.00162","volume":"15","author":"AG Fragkiadakis","year":"2013","unstructured":"A.G. Fragkiadakis, E.Z. Tragos, I.G. Askoxylakis, A survey on security threats and detection techniques in cognitive radio networks. IEEE Comm. Surveys Tutorials 15, 1 (2013)","journal-title":"IEEE Comm. Surveys Tutorials"},{"key":"1506_CR50","volume-title":"Proceedings \u2013 IEEE Military Communications Conference MILCOM","author":"D King","year":"2012","unstructured":"D. King, G. Orlando, J. Kohler, in Proceedings \u2013 IEEE Military Communications Conference MILCOM. A case for trusted sensors: encryptors with deep packet inspection capabilities (2012)"},{"issue":"1","key":"1506_CR51","doi-asserted-by":"publisher","first-page":"472","DOI":"10.1109\/SURV.2012.062612.00056","volume":"15","author":"X Liang","year":"2013","unstructured":"X. Liang, Y. Xiao, Game theory for network security[J]. IEEE Commun. Surv. Tutorials 15(1), 472\u2013486 (2013)","journal-title":"IEEE Commun. Surv. Tutorials"},{"issue":"3","key":"1506_CR52","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1145\/2480741.2480742","volume":"45","author":"MH Manshaei","year":"2013","unstructured":"M.H. Manshaei, Q.Y. Zhu, T. Alpcan, et al., Game theory meets network security and privacy. ACM Comput. Surv. 45(3), 25 (2013)","journal-title":"ACM Comput. Surv."},{"key":"1506_CR53","unstructured":"H. He, Y. Shuping, P. Wu, in Proceedings e2009 International Conference on Information Engineering and Computer Science. Security decision making based on domain partitional Markov decision process (ICIECS, 2009), p. 2009"},{"key":"1506_CR54","doi-asserted-by":"publisher","first-page":"90","DOI":"10.1007\/978-3-642-39454-6_10","volume-title":"Foundations of Augmented Cognition[M]","author":"S Stevens-Adams","year":"2013","unstructured":"S. Stevens-Adams, A. Carbajal, A. Silva, et al., in Foundations of Augmented Cognition[M]. Enhanced training for cyber situational awareness (Springer, Berlin Heidelberg, 2013), pp. 90\u201399"},{"issue":"4","key":"1506_CR55","doi-asserted-by":"publisher","first-page":"571","DOI":"10.1093\/jigpal\/jzs034","volume":"21","author":"S Roschke","year":"2013","unstructured":"S. Roschke, F. Cheng, C. Meinel, High-quality attack graph-based IDS correlation[J]. Log. J. IGPL 21(4), 571\u2013591 (2013)","journal-title":"Log. J. IGPL"},{"key":"1506_CR56","first-page":"123","volume-title":"2011 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2011","author":"J Preden","year":"2011","unstructured":"J. Preden, L. Motus, M. Meriste, A. Riid, in 2011 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support, CogSIMA 2011. Situation awareness for networked systems (2011), pp. 123\u2013130"},{"key":"1506_CR57","first-page":"8385","volume-title":"Proceedings of SPIE - The International Society for Optical Engineering","author":"Y Cheng","year":"2012","unstructured":"Y. Cheng, Y. Sagduyu, J. Deng, J. Li, P. Liu, in Proceedings of SPIE - The International Society for Optical Engineering. Integrated situational awareness for cyber attack detection, analysis, and mitigation (2012), p. 8385"},{"key":"1506_CR58","unstructured":"M.L. Hinman, Some computational approaches for situation assessment and impact assessment[A] (International Conference on Information Fusion[C]. IEEE, 2002), pp. 687\u2013693"},{"key":"1506_CR59","first-page":"387","volume-title":"Security situation assessment and response evaluation (SSARE)\/\/DISCEX'O1. Proceedings: DARPA Information Survivability Conference & Exposition II","author":"B D\u2019 Amhrosio","year":"2001","unstructured":"B. D\u2019 Amhrosio, Security situation assessment and response evaluation (SSARE)\/\/DISCEX'O1. Proceedings: DARPA Information Survivability Conference & Exposition II (IPPP Computer Society, Los Alamitos, 2001), pp. 387\u2013394"},{"key":"1506_CR60","doi-asserted-by":"publisher","first-page":"405","DOI":"10.1109\/MINES.2009.130","volume-title":"1st International Conference on Multimedia Information Networking and Security, MINES 2009","author":"H Hu","year":"2009","unstructured":"H. Hu, X. Wang, X. Yang, in 1st International Conference on Multimedia Information Networking and Security, MINES 2009. A decision-support model for information systems based on situational awareness, vol 2 (2009), pp. 405\u2013408"},{"key":"1506_CR61","first-page":"217","volume-title":"ACM Conference on Computer and Communications Security 2002[C]","author":"P Ammann","year":"2002","unstructured":"P. Ammann, D. Wijesekera, S. Kaushik, in ACM Conference on Computer and Communications Security 2002[C]. Scalable, graph-based network vulnerability analysis[A] (DBLP, Washington DC, 2002), pp. 217\u2013224"},{"key":"1506_CR62","first-page":"1146","volume-title":"Proceedings of 2009 4th International Conference on Computer Science and Education, ICCSE 2009","author":"T Ke","year":"2009","unstructured":"T. Ke, M.-T. Zhou, W.-Y. Wang, in Proceedings of 2009 4th International Conference on Computer Science and Education, ICCSE 2009. Insider cyber threat situational awareness framwork using dynamic bayesian networks (2009), pp. 1146\u20131150"},{"issue":"3","key":"1506_CR63","doi-asserted-by":"publisher","first-page":"305","DOI":"10.1007\/s10878-009-9285-y","volume":"22","author":"J-Y Cai","year":"2011","unstructured":"J.-Y. Cai, V. Yegneswaran, C. Alfeld, P. Barford, Honeynet games: a game theoretic approach to defending network monitors. J Comb Optim 22(3), 305\u2013324 (2011)","journal-title":"J Comb Optim"},{"key":"1506_CR64","doi-asserted-by":"crossref","unstructured":"T.G. Dietterich, X. Bao, V. Keiser, et al., in Cyber Situational Awareness[M]. Machine learning methods for high level cyber situation awareness (Springer US, 2010), pp. 227\u2013247","DOI":"10.1007\/978-1-4419-0140-8_11"},{"key":"1506_CR65","doi-asserted-by":"crossref","unstructured":"P. Barford, Y. Chen, A. Goyal, Z. Li, V. Paxson, V. Yegneswaran, in Cyber Situational Awareness. Employing honeynets for network situational awareness (Springer, 2010), pp. 71\u2013102","DOI":"10.1007\/978-1-4419-0140-8_5"},{"key":"1506_CR66","volume-title":"FUSION 2007-2007 10th International Conference on Information Fusion","author":"A Stotz","year":"2007","unstructured":"A. Stotz, M. Sudit, in FUSION 2007-2007 10th International Conference on Information Fusion. Information fusion engine for real-time decision-making (inferd): a perceptual system for cyber attack tracking (2007)"},{"issue":"1","key":"1506_CR67","doi-asserted-by":"publisher","first-page":"87","DOI":"10.1016\/j.inffus.2012.02.006","volume":"14","author":"R Dapoigny","year":"2013","unstructured":"R. Dapoigny, P. Barlatier, et al., Formal foundations for situation awareness based on dependent type theory[J]. Information Fusion 14(1), 87\u2013107 (2013)","journal-title":"Information Fusion"},{"key":"1506_CR68","first-page":"1152e7","volume-title":"Proceedings e IEEE Military Communications Conference MILCOM","author":"W Streilein","year":"2011","unstructured":"W. Streilein, J. Truelove, C. Meiners, G. Eakman, in Proceedings e IEEE Military Communications Conference MILCOM. Cyber situational awareness through operational streaming analysis (2011), p. 1152e7"},{"key":"1506_CR69","doi-asserted-by":"crossref","unstructured":"J. Li, X. Ou, R. Rajagopalan, in Cyber Situational Awareness. Uncertainty and risk management in cyber situational awareness (Springer, 2010), pp. 51\u201368","DOI":"10.1007\/978-1-4419-0140-8_4"},{"issue":"1","key":"1506_CR70","doi-asserted-by":"publisher","first-page":"38","DOI":"10.1109\/JSTSP.2012.2237381","volume":"7","author":"R Paffenroth","year":"2013","unstructured":"R. Paffenroth, P.D. Toit, R. Nong, et al., Space-time signal processing for distributed pattern detection in sensor networks[J]. IEEE J. Sel. Top. Sign. Proces. 7(1), 38\u201349 (2013)","journal-title":"IEEE J. Sel. Top. Sign. Proces."},{"key":"1506_CR71","doi-asserted-by":"crossref","unstructured":"M.L. Mathews, P. Halvorsen, A. Joshi, et al., in International Conference on Collaborative Computing: Networking, Applications and Worksharing[C]. A collaborative approach to situational awareness for cybersecurity[A] (IEEE, 2012), pp. 216\u2013222","DOI":"10.4108\/icst.collaboratecom.2012.250794"},{"key":"1506_CR72","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1109\/TDSC.2014.3","volume":"11","author":"L Wang","year":"2014","unstructured":"L. Wang, Sushil Jajodia. k-zero day safety: a network security metric for measuring the risk of unknown vulnerabilities. IEEE Transac. Depend Secure Comput 11, 1 (2014)","journal-title":"IEEE Transac. Depend Secure Comput"},{"key":"1506_CR73","doi-asserted-by":"publisher","first-page":"12","DOI":"10.1016\/j.ress.2016.12.015","volume":"161","author":"F Sanfilippo","year":"2017","unstructured":"F. Sanfilippo, A multi-sensor fusion framework for improving situational awareness in demanding maritime training[J]. Reliab. Eng. Syst. Saf. 161, 12\u201324 (2017)","journal-title":"Reliab. Eng. Syst. Saf."},{"key":"1506_CR74","volume-title":"Proceedings of SPIE e The International Society for Optical Engineering","author":"D Shen","year":"2007","unstructured":"D. Shen, G. Chen, J. Cruz Jr., L. Haynes, M. Kruger, E. Blasch, in Proceedings of SPIE e The International Society for Optical Engineering. A markov game theoretic data fusion approach for cyber situational awareness, vol 6571 (2007)"},{"key":"1506_CR75","unstructured":"Renaud Deraison. Nessus Scanner. http:\/\/www.nessus.org . [EB\/OL].2004."},{"key":"1506_CR76","doi-asserted-by":"crossref","unstructured":"R. amassia, B. Palazzi, C. Papamanthou, in Graph Drawing[C]. Graph drawing for security visualization[A] (Springer, 2009), pp. 2\u201313","DOI":"10.1007\/978-3-642-00219-9_2"},{"key":"1506_CR77","volume-title":"Proceedings of SPIE e The International Society for Optical Engineering","author":"J Beaver","year":"2011","unstructured":"J. Beaver, C. Steed, R. Patton, X. Cui, M. Schultz, in Proceedings of SPIE e The International Society for Optical Engineering. Visualization techniques for computer network defense, vol 8019 (2011)"},{"key":"1506_CR78","first-page":"17","volume-title":"ACM International Conference Proceeding Series","author":"R Erbacher","year":"2012","unstructured":"R. Erbacher, in ACM International Conference Proceeding Series. Visualization design for immediate high-level situational assessment (2012), pp. 17\u201324"},{"issue":"2","key":"1506_CR79","doi-asserted-by":"publisher","first-page":"1216","DOI":"10.1109\/TSG.2013.2238261","volume":"4","author":"KJ Ross","year":"2013","unstructured":"K.J. Ross, K.M. Hopkinson, M. Pachter, Using a distributed agent-based communication enabled special protection system to enhance smart grid security[J]. IEEE Transactions on Smart Grid 4(2), 1216\u20131224 (2013)","journal-title":"IEEE Transactions on Smart Grid"},{"key":"1506_CR80","first-page":"51","volume-title":"Twenty-Seventh Computer Security Applications Conference[C]","author":"A Doup\u00e9","year":"2011","unstructured":"A. Doup\u00e9, M. Egele, B. Caillat, et al., in Twenty-Seventh Computer Security Applications Conference[C]. Hit \u2018em where it hurts: a live security exercise on cyber situational awareness[A] (DBLP, Orlando, 2011), pp. 51\u201361"},{"key":"1506_CR81","doi-asserted-by":"publisher","first-page":"656","DOI":"10.1007\/978-3-642-39454-6_70","volume-title":"Foundations of Augmented Cognition [M]","author":"G Fink","year":"2013","unstructured":"G. Fink, D. Best, D. Manz, et al., in Foundations of Augmented Cognition [M]. Gamification for measuring cyber security situational awareness (Springer, Berlin Heidelberg, 2013), pp. 656\u2013665"},{"key":"1506_CR82","doi-asserted-by":"crossref","unstructured":"S. Lee, D.H. Lee, K.J. Kim, in Frontiers of High Performance Computing and NetworkingeISPA 2006 Workshops. A conceptual design of knowledge-based real-time cyber-threat early warning system (Springer, 2006), pp. 1006\u20131017","DOI":"10.1007\/11942634_103"},{"key":"1506_CR83","doi-asserted-by":"publisher","first-page":"307","DOI":"10.1007\/978-3-642-33161-9_46","volume":"318","author":"G Klein","year":"2012","unstructured":"G. Klein, H. G\u00fcnther, S. Tr\u00e4ber, Modularizing cyber defense situational awareness \u2013 technical integration before human understanding[J]. Commu. Comp. Inform. Sci 318, 307\u2013310 (2012)","journal-title":"Commu. Comp. Inform. Sci"},{"key":"1506_CR84","doi-asserted-by":"crossref","unstructured":"A. D\u2019Amico, K. Whitley, The real work of computer network defense analysts[A] (The Workshop on Vizsec[C]. DBLP, 2008), pp. 19\u201337","DOI":"10.1007\/978-3-540-78243-8_2"},{"issue":"3","key":"1506_CR85","doi-asserted-by":"publisher","first-page":"204","DOI":"10.1057\/ivs.2010.5","volume":"9","author":"RF Erbacher","year":"2010","unstructured":"R.F. Erbacher, D.A. Frincke, P.C. Wong, et al., A multi-phase network situational awareness cognitive task analysis[J]. Inform. Visual. 9(3), 204\u2013219 (2010)","journal-title":"Inform. Visual."},{"key":"1506_CR86","unstructured":"K. Giles, W. Hagestad, Divided by a common language: cyber definitions in Chinese, Russian and English[A] (International Conference on Cyber Conflict[C]. IEEE, 2013), pp. 1\u201317"},{"key":"1506_CR87","doi-asserted-by":"crossref","unstructured":"U. Adhikari, T.H. Morris, N. Dahal, et al., Development of power system test bed for data mining of synchrophasors data, cyber-attack and relay testing in RTDS[A] (Power and Energy Society General Meeting[C]. IEEE, 2012), pp. 1\u20137","DOI":"10.1109\/PESGM.2012.6345109"},{"issue":"1","key":"1506_CR88","doi-asserted-by":"publisher","first-page":"22e33","DOI":"10.1109\/TNSM.2011.110811.110122","volume":"9","author":"U Franke","year":"2012","unstructured":"U. Franke, Optimal IT service availability: shorter outages, or fewer? Netw. Serv. Manag. IEEE. Transactions. 9(1), 22e33 (2012)","journal-title":"Netw. Serv. Manag. IEEE. Transactions."},{"key":"1506_CR89","doi-asserted-by":"crossref","unstructured":"I.A. Kirillov, S.A. Metcherin, S.V. Klimenko, Metamodel of shared situation awareness for resilience management of built environment[A] (International Conference on Cyberworlds[C]. IEEE, 2012), pp. 137\u2013143","DOI":"10.1109\/CW.2012.26"},{"key":"1506_CR90","doi-asserted-by":"crossref","unstructured":"K. Adams, A. Wassell, M.G. Ceruti, et al., Emergency-management situational-awareness prototype (EMSAP)[A] (IEEE First International Multi-disciplinary Conference on Cognitive Methods in Situation Awareness & Decision Support[C]. IEEE, 2011), pp. 110\u2013114","DOI":"10.1109\/COGSIMA.2011.5753427"},{"key":"1506_CR91","unstructured":"X. Jinping, Speech at the Symposium on Internet Security and information technology (April 19, 2016) [N] (people\u2019s daily, 2016), p. 2"},{"issue":"2","key":"1506_CR92","first-page":"129","volume":"37","author":"S Changxiang","year":"2007","unstructured":"S. Changxiang, Z. Huanguo, F. Dengguo, C. Zhenfu, H. Jiwu, Overview of information security[J]. Sci. Chin. Ser. E. Inform. Sci. 37(2), 129\u2013150 (2007)","journal-title":"Sci. Chin. Ser. E. Inform. Sci."},{"issue":"1","key":"1506_CR93","first-page":"42","volume":"29","author":"J Liu","year":"2018","unstructured":"J. Liu, P. Su, M. Yang, L. He, Y. Zhang, X.Y. Zhu, H. Lin, Software and cyber security - a survey[J]. J. Software 29(1), 42\u201368 (2018)","journal-title":"J. Software"},{"issue":"11","key":"1506_CR94","first-page":"1460","volume":"11","author":"J-c Jiang","year":"2000","unstructured":"J.-c. Jiang, H.-t. Ma, D.-e. Ren, S.-h. Qing, A survey of intrusion detection research on network security[J]. J. Software 11(11), 1460\u20131466 (2000)","journal-title":"J. Software"},{"issue":"2","key":"1506_CR95","first-page":"143","volume":"38","author":"Y-x Lai","year":"2017","unstructured":"Y.-x. Lai, Z.-H. Liu, X.-t. Cai, K.-x. Yang, Research on intrusion detection of industrial control system[J]. J. Commun. 38(2), 143\u2013156 (2017)","journal-title":"J. Commun."},{"issue":"12","key":"1506_CR96","first-page":"1943","volume":"28","author":"L Chuang","year":"2005","unstructured":"L. Chuang, W. Yang, L. Quanlin, Stochastic modeling and evaluation for network security. Chin. J. Comput. 28(12), 1943\u20131956 (2005)","journal-title":"Chin. J. Comput."},{"issue":"10","key":"1506_CR97","first-page":"5","volume":"33","author":"HQ Wang","year":"2006","unstructured":"H.Q. Wang, J.B. Lai, L. Zhu, Y. Liang, Survey of network situation awareness system. J. Comput. Sci. 33(10), 5\u201310 (2006)","journal-title":"J. Comput. Sci."},{"issue":"7","key":"1506_CR98","first-page":"1605","volume":"21","author":"ZH Gong","year":"2010","unstructured":"Z.H. Gong, Y. Zhuo, Research on cyberspace situational awareness. J. Software 21(7), 1605\u20131619 (2010)","journal-title":"J. Software"},{"issue":"4","key":"1506_CR99","doi-asserted-by":"publisher","first-page":"885","DOI":"10.1360\/jos170885","volume":"17","author":"XZ Chen","year":"2006","unstructured":"X.Z. Chen, Q.H. Zheng, X.H. Guan, C.G. Lin, Quantitative hierarchical threat evaluation model for network security. J. Software 17(4), 885\u2013897 (2006)","journal-title":"J. Software"},{"key":"1506_CR100","unstructured":"Us: progress and trend of network situational awareness research [J]. Anonymous. China information security, 2011 (2)."},{"issue":"9","key":"1506_CR101","doi-asserted-by":"publisher","first-page":"1938","DOI":"10.3724\/SP.J.1016.2012.01938","volume":"35","author":"D Wu","year":"2012","unstructured":"D. Wu, Y.-f. Lian, K. Chen, Y.-l. Liu, A security threats identification and analysis method based on attack graph. Chin. J. Comput. 35(9), 1938\u20131950 (2012)","journal-title":"Chin. J. Comput."},{"issue":"1","key":"1506_CR102","doi-asserted-by":"publisher","first-page":"137","DOI":"10.1360\/jos180137","volume":"18","author":"YZ Zhang","year":"2007","unstructured":"Y.Z. Zhang, B.X. Fang, Y. Chi, X.C. Yun, Risk propagation model for assessing network information systems. J. Software 18(1), 137\u2013145 (2007)","journal-title":"J. Software"},{"issue":"3","key":"1506_CR103","first-page":"353","volume":"46","author":"W Yong","year":"2009","unstructured":"W. Yong, L. Yifeng, F. Dengguo, A network security situational awareness model based on information fusion. J. Comput. Res. Dev. 46(3), 353\u2013362 (2009)","journal-title":"J. Comput. Res. Dev."},{"issue":"3","key":"1506_CR104","first-page":"76","volume":"40","author":"M-z Li","year":"2017","unstructured":"M.-z. Li, J.-p. Lan, Smart home intrusion detection algorithm based on spatial-temporal field information fusion. J. Beijing Univ. Posts Tel. 40(3), 76\u201384 (2017)","journal-title":"J. Beijing Univ. Posts Tel."},{"issue":"4","key":"1506_CR105","doi-asserted-by":"publisher","first-page":"811","DOI":"10.3969\/j.issn.1001-0505.2015.04.034]","volume":"45","author":"F Ling","year":"2015","unstructured":"F. Ling, Z. Weijun, M. Shue, Security technology management strategy of multi-intrusion detection systems and manual investigation portfolio[J]. J. Southeast Univ. (Natural Science Edition) 45(4), 811\u2013816 (2015). https:\/\/doi.org\/10.3969\/j.issn.1001-0505.2015.04.034]","journal-title":"J. Southeast Univ. (Natural Science Edition)"},{"issue":"3","key":"1506_CR106","first-page":"899","volume":"45","author":"W-w Ren","year":"2015","unstructured":"W.-w. Ren, L. Hu, K. Zhao, Intrusion alert correlation model based on data mining and ontology. J Jilin Univ. (Eng. Sci.) 45(3), 899\u2013906 (2015)","journal-title":"J Jilin Univ. (Eng. Sci.)"},{"issue":"3","key":"1506_CR107","first-page":"718","volume":"52","author":"T Chenghua","year":"2015","unstructured":"T. Chenghua, L. Pengcheng, T. Shensheng, X. Yi, Anomaly intrusion behavior detection based on fuzzy clustering and features selection. J. Comput. Res. Dev. 52(3), 718\u2013728 (2015)","journal-title":"J. Comput. Res. Dev."},{"issue":"8","key":"1506_CR108","first-page":"1873","volume":"52","author":"W Yichuan","year":"2015","unstructured":"W. Yichuan, M. Jianfeng, L. Di, Z. Liumei, M. Xianjia, Game optimization for internal DDoS attack detection in cloud computing. J. Comput. Res. Dev. 52(8), 1873\u20131882 (2015)","journal-title":"J. Comput. Res. Dev."},{"issue":"11","key":"1506_CR109","first-page":"2493","volume":"51","author":"F Xuewei","year":"2014","unstructured":"F. Xuewei, W. Dongxia, L.J. Huang Minhuan, A mining approach for causal knowledge in alert correlating based on the markov property. J. Comput. Res. Dev. 51(11), 2493\u20132504 (2014)","journal-title":"J. Comput. Res. Dev."},{"issue":"5","key":"1506_CR110","first-page":"1392","volume":"44","author":"Z-y Luo","year":"2014","unstructured":"Z.-y. Luo, B. You, J.-z. Xu, Y. Liang, Automatic recognition model of intrusive intention based on three layers attack graph. J Jilin Univ. (Eng. Sci.) 44(5), 1392\u20131397 (2014)","journal-title":"J Jilin Univ. (Eng. Sci.)"},{"issue":"9","key":"1506_CR111","first-page":"1745","volume":"51","author":"Y Yu","year":"2017","unstructured":"Y. Yu, C.-h. Xia, X.-y. Hu, Defense scheme generation method using mixed path attack graph. J. Zhejiang Univ. (Eng. Sci) 51(9), 1745\u20131759 (2017)","journal-title":"J. Zhejiang Univ. (Eng. Sci)"},{"issue":"12","key":"1506_CR112","first-page":"2477","volume":"42","author":"F Yan","year":"2014","unstructured":"F. Yan, S.-f. Liu, H. Leng, Study on analysis of attack graphs based on conversion. Chin. J. Electronics 42(12), 2477\u20132480 (2014)","journal-title":"Chin. J. Electronics"},{"issue":"9","key":"1506_CR113","first-page":"2056","volume":"52","author":"M Chunguang","year":"2015","unstructured":"M. Chunguang, W. Chenghong, Z. Donghong, L. Yingtao, A dynamic network risk assessment model based on attacker\u2019s inclination. Journal of Computer Research and Development 52(9), 2056\u20132068 (2015)","journal-title":"Journal of Computer Research and Development"},{"issue":"1","key":"1506_CR114","first-page":"111","volume":"48","author":"N Gao","year":"2016","unstructured":"N. Gao, L. Gao, Y.-y. He, Dynamic security risk assessment model based on bayesian attack graph[J]. Journal of Sichuan University(Engineering Science Edition) 48(1), 111\u2013118 (2016)","journal-title":"Journal of Sichuan University(Engineering Science Edition)"},{"issue":"10","key":"1506_CR115","first-page":"122","volume":"38","author":"HU Hao","year":"2017","unstructured":"H.U. Hao, Y.E. Run-guo, Z.H.A.N.G. Hong-qi, Y.A.N.G. Ying-jie, L.I.U. Yu-ling, Quantitative method for network security situation based on attack prediction[J]. Journal on Communications 38(10), 122\u2013134 (2017)","journal-title":"Journal on Communications"},{"issue":"11","key":"1506_CR116","first-page":"2630","volume":"35","author":"G Hai-Hui","year":"2013","unstructured":"G. Hai-Hui, X. Da, C. Tian-Ping, Yang Yi-Xian. Quantitative evaluation approach for real-time risk based on attack event correlating. 35(11), 2630\u20132636 (2013)","journal-title":"Quantitative evaluation approach for real-time risk based on attack event correlating."},{"issue":"10","key":"1506_CR117","first-page":"2296","volume":"54","author":"L Kenan","year":"2017","unstructured":"L. Kenan, Z. Yuqing, W. Chensi, M. Hua, A system for scoring the exploitability of vulnerability based types. Journal of Computer Research and Development 54(10), 2296\u20132309 (2017)","journal-title":"Journal of Computer Research and Development"},{"issue":"5","key":"1506_CR118","first-page":"792","volume":"42","author":"HUANG Jia-Hui","year":"2016","unstructured":"H.U.A.N.G. Jia-Hui, F.E.N.G. Dong-Qin, W.A.N.G. Hong-Jian, A method for quantifying vulnerability of industrial control system based on attack graph. Acta Automatica Sinica 42(5), 792\u2013798 (2016)","journal-title":"Acta Automatica Sinica"},{"issue":"12","key":"1506_CR119","first-page":"2123","volume":"48","author":"G Meng-Zhou","year":"2014","unstructured":"G. Meng-Zhou, F. Dong-Qin, L. Cong-Li, C. Jian, Vulnerability analysis of industrial control system based on attack graph. Journal Of Zhejiang University (Engineering Science) 48(12), 2123\u20132131 (2014)","journal-title":"Journal Of Zhejiang University (Engineering Science)"},{"issue":"6","key":"1506_CR120","first-page":"1490","volume":"36","author":"W Yufei","year":"2016","unstructured":"W. Yufei, G. Kunlun, Z. Ting, Q. Jian, Assessing the harmfulness of cascading failures across space in electric cyber-physical system based on improved attack graph. Proceedings of the CSEE 36(6), 1490\u20131499 (2016)","journal-title":"Proceedings of the CSEE"},{"issue":"Z1","key":"1506_CR121","first-page":"91~98","volume":"47","author":"W Jinrong","year":"2015","unstructured":"W. Jinrong, F. Dingyi, C. Xiaojiang, W. Huaijun, H. Lu, Taxonomy of software attack technique oriented to automated modeling[J]. Journal of SiChuan University: Engineer Science Edition. 47(Z1), 91~98 (2015)","journal-title":"Journal of SiChuan University: Engineer Science Edition."},{"key":"1506_CR122","first-page":"29","volume-title":"Cyber threat & legal issues[A]","author":"J Christy","year":"1999","unstructured":"J. Christy, Cyber threat & legal issues[A] (Shadowcon Conference[C], USA, 1999), pp. 29\u201350"},{"key":"1506_CR123","volume-title":"Common Vulnerability Scoring System[EB\/OL]","author":"CVSS","year":"2008","unstructured":"CVSS. Common Vulnerability Scoring System[EB\/OL]. http:\/\/nvd.nist.gov\/cvss.cfm , 2008."},{"key":"1506_CR124","doi-asserted-by":"crossref","unstructured":"J. Wei, F. Bin-Xing, Z. Hong-Li, Evaluating network security and optimal active defense based on attack-defense game model[J]. Chinese Journal of Computers. (4, 1), 817\u2013827 (2009)","DOI":"10.3724\/SP.J.1016.2009.00817"},{"issue":"5","key":"1506_CR125","doi-asserted-by":"publisher","first-page":"349","DOI":"10.1016\/j.cose.2007.03.002","volume":"26","author":"HR Shahriari","year":"2007","unstructured":"H.R. Shahriari, R. Jalili, Vulnerability take grant (VTG): an efficient approach to analyze network vulnerabilities[J]. Computers & Security 26(5), 349\u2013360 (2007)","journal-title":"Computers & Security"},{"key":"1506_CR126","doi-asserted-by":"crossref","unstructured":"H. Tianfield, in IEEE International Conference on Internet of Things[C]. Cyber security situational awareness[A] (IEEE, 2017), pp. 782\u2013787","DOI":"10.1109\/iThings-GreenCom-CPSCom-SmartData.2016.165"},{"issue":"5","key":"1506_CR127","first-page":"996","volume":"22","author":"X Fu","year":"2011","unstructured":"X. Fu, J. Shi, L. Xie, Layered intrusion scenario reconstruction method for automated evidence analysis. Journal of Software 22(5), 996\u20131008 (2011)","journal-title":"Journal of Software"},{"issue":"1","key":"1506_CR128","first-page":"62","volume":"37","author":"CX Jun","year":"2014","unstructured":"C.X. Jun, F.B. Xing, T.Q.F.Z.H. Liang, Inferring attack intent of malicious insider based on probabilistic attack graph model. Chinese Journal of Computers. 37(1), 62\u201372 (2014)","journal-title":"Chinese Journal of Computers."},{"issue":"10","key":"1506_CR129","doi-asserted-by":"publisher","first-page":"001987","DOI":"10.3724\/SP.J.1016.2010.01987","volume":"33","author":"Y Yun","year":"2010","unstructured":"Y. Yun, X. Xi-shan, J. Yan, An Attack graph based probabilistic computing approach of network security. Chinese Journal of Computers. 33(10), 001987\u2013001996 (2010)","journal-title":"Chinese Journal of Computers."},{"key":"1506_CR130","doi-asserted-by":"crossref","unstructured":"M. Frigault, L.Y. Wang, A. Singhal, S. Jajodia, Measuring network security using dynamic Bayesian network[A]. Proceedings of the 4th ACM Workshop on Quality of Protection[C]. IEEE, 23\u201330 (2008)","DOI":"10.1145\/1456362.1456368"},{"key":"1506_CR131","unstructured":"L. Wang, B. Wang, Y. Peng, Research the information security risk assessment technique based on Bayesian network[A]. International Conference on Advanced Computer Theory and Engineering[C] (IEEE, 2010), pp. 600\u2013604"},{"issue":"9","key":"1506_CR132","first-page":"2376","volume":"21","author":"SJ Zhang","year":"2010","unstructured":"S.J. Zhang, J.H. Li, S.S. Song, L. Li, X.Z. Chen, Using Bayesian inference for computing attack graph node beliefs. Journal of Software 21(9), 2376\u20132386 (2010)","journal-title":"Journal of Software"},{"key":"1506_CR133","doi-asserted-by":"publisher","first-page":"8486","DOI":"10.1109\/WCICA.2006.1713634","volume":"2","author":"YT Liao","year":"2006","unstructured":"Y.T. Liao, C.B. Ma, C. Zhang, A new fuzzy risk assessment method for the network security based on fuzzy similarity measure. The 6th World Congress on. Intelligent Control and Automation 2, 8486\u20138490 (2006)","journal-title":"Intelligent Control and Automation"},{"key":"1506_CR134","unstructured":"T.P. Chen, X.Y. Zhang, L.Q. Zheng, Network security risk assessment based on fuzzy integrated judgment[J]. Journal of Naval University of Engineering, 38\u201341 (2009)"},{"issue":"4","key":"1506_CR135","first-page":"413","volume":"16","author":"L Zhao","year":"2010","unstructured":"L. Zhao, Z. Xue, Synthetic security assessment based on variable consistency dominance-based rough set approach. High Technology Letters. 16(4), 413\u2013421 (2010)","journal-title":"High Technology Letters."},{"key":"1506_CR136","unstructured":"L.S. Kong, X.F. Ren, Y.J. Fan, in IEEE International Conference on Intelligent Computing and Intelligent Systems[C]. Study on assessment method for computer network security based on rough set[A] (IEEE, 2009), pp. 617\u2013621"},{"issue":"7","key":"1506_CR137","doi-asserted-by":"publisher","first-page":"1633","DOI":"10.1360\/jos171633","volume":"17","author":"Ping-Hui FENG","year":"2006","unstructured":"Feng PH, Lian YF, Dai YX, Bao XH. A vulnerability model of distributed systems based on reliability theory. Journal of Software, 2006,17(7):1633\u2009\u2212\u20091640.","journal-title":"Journal of Software"},{"issue":"10","key":"1506_CR138","first-page":"1407","volume":"10","author":"L Yan","year":"2016","unstructured":"L. Yan, H. Guangqiu, C. Lixia, The probability controllability of complex network via attack[J]. Journal of Frontiers of Computer Science & Technology 10(10), 1407\u20131419 (2016)","journal-title":"Journal of Frontiers of Computer Science & Technology"},{"issue":"24","key":"1506_CR139","first-page":"21","volume":"12","author":"B Scheier","year":"1999","unstructured":"B. Scheier, Attack trees: modeling security threats[J]. Dr Dobb\u2019s Journal 12(24), 21\u201329 (1999)","journal-title":"Dr Dobb\u2019s Journal"},{"key":"1506_CR140","first-page":"273","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy","author":"O Sheyner","year":"2002","unstructured":"O. Sheyner, J. Haines, S. Jha, in Proceedings of the IEEE Symposium on Security and Privacy. Automated generation and analysis of attack graphs[C] (IEEE Computer Society Press, Oakland, 2002), pp. 273\u2013284"},{"key":"1506_CR141","first-page":"307","volume-title":"Proceedings of the DARPA Information Survivability Conference and Exposition II, Anaheim, CA","author":"LP Swiler","year":"2001","unstructured":"L.P. Swiler, C. Phillips, D. Ellis, S. Chakerian, in Proceedings of the DARPA Information Survivability Conference and Exposition II, Anaheim, CA. Computer attack graph generation tool (2001), pp. 307\u2013321"},{"key":"1506_CR142","first-page":"68","volume-title":"Improving attack graph visualization through data reduction and attack grouping \/\/Proceedings of the 5th International Workshop on Visualization for Computer Security(VizSec2008) Cambridge, MA, USA, 2008","author":"J Homer","year":"2008","unstructured":"J. Homer, A. Varikuti, X.M. Ou, M.Q. MA, Improving attack graph visualization through data reduction and attack grouping \/\/Proceedings of the 5th International Workshop on Visualization for Computer Security(VizSec2008) Cambridge, MA, USA, 2008 (Springer Verlag, Belin Heidelberg, Germany, 2008), pp. 68\u201379"},{"key":"1506_CR143","first-page":"2033","volume":"10","author":"Y Yun","year":"2013","unstructured":"Y. Yun, X. Xishan, Q. Zhichang, et al., Attack graph generation algorithm for large-scale network system[J]. Journal of Computer Research and Development 10, 2033\u20132139 (2013)","journal-title":"Journal of Computer Research and Development"},{"key":"1506_CR144","doi-asserted-by":"crossref","unstructured":"K. Ingols, M. Chu, R. Lippmann, S. Webster, S. Boyer, Modeling modern network attacks and counter measures using attack graphs\/\/Proceedings of the 25th Annual Computer Security Applications Conference (Honolulu, Hawaii, USA, 2009), pp. 117\u2013126","DOI":"10.1109\/ACSAC.2009.21"},{"key":"1506_CR145","unstructured":"L. Weixin, Z. Kangfeng, W. Bin, Alert processing based on attack graph and multi-source analyzing [J]. journal of communications 2015(9), 135\u2013144"},{"issue":"1","key":"1506_CR146","first-page":"82","volume":"38","author":"LIU Wei-xin","year":"2015","unstructured":"L.I.U. Wei-xin, Z.H.E.N.G. Kang-feng, H.U. Ying, et al., Approach of goal-oriented attack graph-based threat evaluation for network security[J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM 38(1), 82\u201386 (2015)","journal-title":"JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM"},{"key":"1506_CR147","unstructured":"M. Dacier, Towards quantitative evaluation of computer security[D] (Institut National Polytechnique de Toulouse, France, 1994)"},{"issue":"5","key":"1506_CR148","doi-asserted-by":"publisher","first-page":"633","DOI":"10.1109\/32.815323","volume":"25","author":"R Ortalo","year":"1999","unstructured":"R. Ortalo, Y. Deswarte, M. Kaaniche, Experimenting with quantitative evaluation tools for monitoring operational security. IEEE Transactions on Software Engineering 25(5), 633\u2013650 (1999)","journal-title":"IEEE Transactions on Software Engineering"},{"key":"1506_CR149","unstructured":"L. Wang, A quantitative computer system and network security risk assessment method[D] (Harbin Institute of Technology, 2002)"},{"key":"1506_CR150","unstructured":"P.A. Porras, R. Kemmerer, in Proceedings of the Eighth Annual Computer Security Applications Conference[C]. A penetration state transition analysis: a rule-based intrusion detection approach[A] (IEEE, 1992), pp. 220\u2013229"},{"key":"1506_CR151","first-page":"184","volume-title":"Model-based validation of an intrusion-tolerant information system[A]","author":"F Stevens","year":"2004","unstructured":"F. Stevens, T. Courtney, S. Singh, A. Agbaria, J.F. Meyer, W.H. Sanders, P. Pal, Model-based validation of an intrusion-tolerant information system[A] (Proceedings of 23rd Symposium on Reliable Distributed Systems ( SRDS 2004)[C]. Florian\u00f3polis, Brazil, 2004), pp. 184\u2013194"},{"issue":"1-4","key":"1506_CR152","doi-asserted-by":"publisher","first-page":"167","DOI":"10.1016\/j.peva.2003.07.008","volume":"56","author":"B Madan","year":"2004","unstructured":"B. Madan, Go eva-Popstojanova K, Vaidyanathan K,Trivedi KS. A method for modeling and quantifying the security attributes of intrusion tolerant systems[J]. Performance Evaluation 56(1-4), 167\u2013186 (2004)","journal-title":"Performance Evaluation"},{"issue":"11","key":"1506_CR153","first-page":"2608","volume":"35","author":"G Xiang","year":"2013","unstructured":"G. Xiang, Zhu Yue-fei,Liu Sheng-li. Attack composition model based on generalized stochastic colored Petri nets[J]. Journal of Electronics & Information Technology 35(11), 2608\u20132614 (2013)","journal-title":"Journal of Electronics & Information Technology"},{"issue":"2","key":"1506_CR154","first-page":"322","volume":"34","author":"LIN Chuang","year":"2006","unstructured":"L.I.N. Chuang, W.A.N.G. Yuan-zhuo, Y.A.N.G. Yang, Q.U. Yang, Research on network dependability analysis methods based on stochastic Petri net[J]. ACTA ELECTRONICA SINICA 34(2), 322\u2013332 (2006)","journal-title":"ACTA ELECTRONICA SINICA"},{"key":"1506_CR155","unstructured":"G.A.O. Xiang, Z.H.U. Yue-fei, L.I.U. Sheng-li, F.E.I. Jin-long, L.I.U. Long, Risk assessment model based on fuzzy Petri nets[J]. Journal on Communications 2013(s1), 126\u2013132"},{"key":"1506_CR156","first-page":"39","volume-title":"Proceedings of 17th Annual Computer Security Application Conference[C]","author":"R ANDERSON","year":"2001","unstructured":"R. ANDERSON, in Proceedings of 17th Annual Computer Security Application Conference[C]. Why information security is hard-an economic perspective[A] (IEEE Computer Society, Washington, DC, USA, 2001), pp. 39\u201340"},{"key":"1506_CR157","first-page":"462","volume-title":"A game theory approach to detect malicious nodes in wireless sensor networks[A]. Procof the 3rd International Conference on Sensor Technologies and Application[C]","author":"YB REDDY","year":"2009","unstructured":"Y.B. REDDY, A game theory approach to detect malicious nodes in wireless sensor networks[A]. Procof the 3rd International Conference on Sensor Technologies and Application[C] (IEEE Computer Society, Washington, DC, 2009), pp. 462\u2013468"},{"issue":"6","key":"1506_CR158","doi-asserted-by":"publisher","first-page":"2404","DOI":"10.1016\/j.camwa.2011.07.027","volume":"62","author":"SG SHEN","year":"2011","unstructured":"S.G. SHEN, Y.J. LI, H.Y. XU, Signaling game based strategy of intrusion detection in wireless sensor networks[J]. Computers & Mathematics with Applications 62(6), 2404\u20132416 (2011)","journal-title":"Computers & Mathematics with Applications"},{"issue":"s2","key":"1506_CR159","first-page":"530","volume":"43","author":"J Chunful","year":"2006","unstructured":"J. Chunful, Z. Anming, Z. Wei, M. Yong, Incomplete informational and dynamic game model in network security[J]. J. Comp. Res. Dev 43(s2), 530\u2013533 (2006)","journal-title":"J. Comp. Res. Dev"},{"key":"1506_CR160","first-page":"54","volume":"1","author":"J-M Zhu","year":"2014","unstructured":"J.-M. Zhu, B. Song, Q.-F. Huang, Evolution game model of offense-defense for network security based on system dynamics[J]. J. Comm. 1, 54\u201361 (2014)","journal-title":"J. Comm."},{"issue":"2","key":"1506_CR161","first-page":"306","volume":"48","author":"W Lin","year":"2011","unstructured":"W. Lin, H. Wang, J. Liu, L. Deng, A. Li, Q. Wu, Y. Jia, Research on cooperative active defense technology in network security based on non-dynamic game theory[J]. J. Comp. Res. Dev. 48(2), 306\u2013316 (2011)","journal-title":"J. Comp. Res. Dev."},{"issue":"3","key":"1506_CR162","doi-asserted-by":"publisher","first-page":"495","DOI":"10.3724\/SP.J.1001.2011.03751","volume":"22","author":"Y Zhang","year":"2011","unstructured":"Y. Zhang, X.B. Tan, X.L. Cui, H.S. Xi, Network security situation awareness approach based on Markov game model. J. Software 22(3), 495\u2013508 (2011)","journal-title":"J. Software"},{"key":"1506_CR163","doi-asserted-by":"crossref","unstructured":"J.X. Ran, B. Xiao, Risk evaluation of network security based on NLPCA\u2212RBF neural network[A]. International Conference on Multimedia Information Networking and Security[C] (IEEE, 2010), pp. 398\u2013402","DOI":"10.1109\/MINES.2010.89"},{"key":"1506_CR164","first-page":"3267","volume-title":"Quantification of network security situational awareness based on evolutionary neural network. The 6th International Conference on Machine Learning and Cybernetics","author":"Y Liang","year":"2007","unstructured":"Y. Liang, H.Q. Wang, J.B. Lai, Quantification of network security situational awareness based on evolutionary neural network. The 6th International Conference on Machine Learning and Cybernetics, vol 6 (2007), pp. 3267\u20133272"},{"issue":"9","key":"1506_CR165","doi-asserted-by":"publisher","first-page":"6225","DOI":"10.1016\/j.eswa.2010.02.102","volume":"37","author":"G Wang","year":"2010","unstructured":"G. Wang, J. Hao, J. Ma, et al., A new approach to intrusion detection using artificial neural networks and fuzzy clustering[J]. Expert Syst. Appl. 37(9), 6225\u20136232 (2010)","journal-title":"Expert Syst. Appl."},{"issue":"3","key":"1506_CR166","first-page":"730","volume":"45","author":"N Gao","year":"2017","unstructured":"N. Gao, L. Gao, Y.Y. He, A lightweight intrusion detection model based on autoencoder network with feature reduction[J]. Acta Electron. Sinica 45(3), 730\u2013739 (2017)","journal-title":"Acta Electron. Sinica"},{"issue":"1","key":"1506_CR167","first-page":"45","volume":"7","author":"SA Hofmeyr","year":"2000","unstructured":"S.A. Hofmeyr, S. Forrest, Architecture for an artificial immune system. Evolutionary Computation 7(1), 45\u201368 (2000)","journal-title":"Evolutionary Computation"},{"key":"1506_CR168","first-page":"1015","volume-title":"Proceedings of the World Congress on Computational Intelligence[C]","author":"J Kim","year":"2002","unstructured":"J. Kim, J.B. Peter, in Proceedings of the World Congress on Computational Intelligence[C]. Towards network intrusion detection: artificial immune system for investigation of dynamic clone selection[A] (IEEE Press, Piscataway, 2002), pp. 1015\u20131020"},{"issue":"8","key":"1506_CR169","first-page":"798","volume":"35","author":"L Tao","year":"2005","unstructured":"L. Tao, Network security risk detection based on immune[J]. Sci. Chin. Ser. E. Inform. Sci. 35(8), 798\u2013816 (2005)","journal-title":"Sci. Chin. Ser. E. Inform. Sci."},{"issue":"9","key":"1506_CR170","first-page":"1515","volume":"29","author":"L Tao","year":"2006","unstructured":"L. Tao, An immune based model for network monitoring [J]. Chin J Comp 29(9), 1515\u20131522 (2006)","journal-title":"Chin J Comp"},{"key":"1506_CR171","first-page":"8814","volume-title":"Proc of 2015 IEEE International Conference on Communications[C]","author":"F Dai","year":"2015","unstructured":"F. Dai, K. Zheng, S. Luo, B. Wu, in Proc of 2015 IEEE International Conference on Communications[C]. Towards a multi objective framework for evaluating network security under exploit attacks [A] (IEEE Press, New York, 2015), pp. 8814\u20138819"},{"key":"1506_CR172","doi-asserted-by":"crossref","unstructured":"J. Zhang, F. Liu, W. Han, et al., Research and implement of configurable network security index system[A] (International Conference on Applied Robotics for the Power Industry[C]. IEEE, 2012), pp. 645\u2013648","DOI":"10.1109\/CARPI.2012.6356403"},{"issue":"8","key":"1506_CR173","doi-asserted-by":"publisher","first-page":"1666","DOI":"10.3724\/SP.J.1016.2012.01666","volume":"35","author":"YZ Zhang","year":"2012","unstructured":"Y.Z. Zhang, X.C. Yun, Network operation security index classification model with multidimensional attributes. Chin. J. Comp. 35(8), 1666\u20131674 (2012)","journal-title":"Chin. J. Comp."},{"key":"1506_CR174","first-page":"1","volume-title":"Mastering the information age: solving problems with visual analytics","author":"D Keim","year":"2010","unstructured":"D. Keim, J. Konlhammer, G. Ellis, F. Mansmann, Mastering the information age: solving problems with visual analytics (Eruographics Association, Goslar, 2010), pp. 1\u2013168"},{"key":"1506_CR175","doi-asserted-by":"crossref","unstructured":"D. Phan, J. Gerth, M. Lee, A. Paepcke, T. Winograd, in Viz SEC 2007[C]. Visual analysis of network flow data with timelines and event plots[A] (Springer, 2008), pp. 85\u201399","DOI":"10.1007\/978-3-540-78243-8_6"},{"issue":"5","key":"1506_CR176","first-page":"112","volume":"32","author":"Y Ye","year":"2011","unstructured":"Y. Ye, X.-S. Xu, Y. Jia, Z.-C. Qi, W.-C. Cheng, Research on the risk adjacency matrix based on attack graphs[J]. J. Comm. 32(5), 112\u2013120 (2011)","journal-title":"J. Comm."},{"issue":"18","key":"1506_CR177","doi-asserted-by":"publisher","first-page":"3812","DOI":"10.1016\/j.comcom.2006.06.018","volume":"29","author":"L Wang","year":"2006","unstructured":"L. Wang, S. Noel, S. Jajodia, Minimum cost network hardening using attack graphs [J]. Computer Communications 29(18), 3812\u20133824 (2006)","journal-title":"Computer Communications"},{"key":"1506_CR178","doi-asserted-by":"publisher","first-page":"158","DOI":"10.1016\/j.cose.2012.09.013","volume":"32","author":"S Wang","year":"2013","unstructured":"S. Wang, Z. Zhang, Y. Kadobayashi, Exploring attack graph for cost-benefit security hardening [J]. Comp. Security 32, 158\u2013169 (2013)","journal-title":"Comp. Security"},{"key":"1506_CR179","first-page":"86","volume-title":"Efficient minimum-cost network hardening via exploit dependency graphs [A].\/\/ Proc of the 2003 Annual Computer Security Applications Conference [C]","author":"S Noel","year":"2003","unstructured":"S. Noel, S. Jajodia, B. O'Berry, et al., Efficient minimum-cost network hardening via exploit dependency graphs [A].\/\/ Proc of the 2003 Annual Computer Security Applications Conference [C] (IEEE Press, New Jersey, 2003), pp. 86\u201395"},{"key":"1506_CR180","doi-asserted-by":"crossref","unstructured":"S. Jajodia, S. Noel, Topological vulnerability analysis: a powerful new approach for network attack prevention, detection, and response [J] (Algorithms, architectures and information systems security, Indian institute platium jubilee series, 2009), pp. 285\u2013305","DOI":"10.1142\/9789812836243_0013"},{"key":"1506_CR181","doi-asserted-by":"publisher","first-page":"117","DOI":"10.1109\/ACSAC.2009.21","volume-title":"Proc of the 2009 Annual Computer Security Applications Conference [C]","author":"K Ingols","year":"2009","unstructured":"K. Ingols, M. Chu, R. Lippmann, et al., in Proc of the 2009 Annual Computer Security Applications Conference [C]. Modeling modern network attacks and countermeasures using attack graphs [A] (IEEE Press, New Jersey, 2009), pp. 117\u2013126"},{"issue":"3","key":"1506_CR182","doi-asserted-by":"publisher","first-page":"167","DOI":"10.1007\/s10207-012-0160-y","volume":"11","author":"R Dewri","year":"2012","unstructured":"R. Dewri, I. Ray, N. Poolsappasit, et al., Optimal security hardening on attack tree models of networks: a cost-benefit analysis. Int. J. Info. Security 11(3), 167\u2013188 (2012)","journal-title":"Int. J. Info. Security"},{"key":"1506_CR183","volume-title":"Information security is becoming a big data analytics problem[EB\/OL]","author":"Gartner","year":"2012","unstructured":"Gartner. Information security is becoming a big data analytics problem[EB\/OL].[2012]. https:\/\/www.gartner.com\/doc\/1960615\/information-security-big-data-analytics ."},{"key":"1506_CR184","volume-title":"Big data: a revolution that will transform how we live, work, and think","author":"V Mayer-Schnberger","year":"2013","unstructured":"V. Mayer-Schnberger, K. Cukier, Big data: a revolution that will transform how we live, work, and think (John Munay Publishers, USA, 2013)"},{"key":"1506_CR185","volume-title":"Beijing: China information and Communication Research Institute (Institute of telecommunications, Ministry of industry and information technology), 2016","author":"Big data white paper","year":"2016","unstructured":"Big data white paper (2016). Beijing: China information and Communication Research Institute (Institute of telecommunications, Ministry of industry and information technology), 2016."},{"key":"1506_CR186","first-page":"427","volume-title":"Enabling convergence of physical and logical security through intelligent event correlation[M]\/\/Intelligent Distributed Computing IX","author":"G Cerullo","year":"2016","unstructured":"G. Cerullo, L. Coppolino, S. D\u2019Antonio, et al., Enabling convergence of physical and logical security through intelligent event correlation[M]\/\/Intelligent Distributed Computing IX (Springer, Berlin, 2016), pp. 427\u2013437"},{"issue":"1","key":"1506_CR187","doi-asserted-by":"publisher","first-page":"303","DOI":"10.1109\/SURV.2013.052213.00046","volume":"16","author":"MH Bhuyan","year":"2014","unstructured":"M.H. Bhuyan, D.K. Bhattacharyya, J.K. Kalita, Network anomaly detection: methods, systems and tools. IEEE Commun. Surveys Tutorials 16(1), 303\u2013336 (2014)","journal-title":"IEEE Commun. Surveys Tutorials"},{"key":"1506_CR188","unstructured":"Cisco. OpenSOC: Big data security analytics framework [EB\/OL]. http:\/\/opensoc.github.io\/ , 2017."},{"key":"1506_CR189","doi-asserted-by":"crossref","first-page":"65","DOI":"10.1145\/2671491.2671495","volume-title":"NStreamAware: real-time visual analytics for data streams to enhance situational awareness[C]\/\/ Proceedings of the Eleventh Workshop on Visualization for Cyber Security","author":"F Fischer","year":"2014","unstructured":"F. Fischer, D.A. Keim, NStreamAware: real-time visual analytics for data streams to enhance situational awareness[C]\/\/ Proceedings of the Eleventh Workshop on Visualization for Cyber Security (ACM, New York, 2014), pp. 65\u201372"},{"key":"1506_CR190","doi-asserted-by":"crossref","unstructured":"S. Marchal, X. Jiang, R. State, et al., A big data architecture for large scale security monitoring[C]\/\/Proceedings of the 2014 IEEE International Conference on Big Data. Anchorage: IEEE, 56\u201363 (2014)","DOI":"10.1109\/BigData.Congress.2014.18"},{"key":"1506_CR191","first-page":"89","volume-title":"Toward a standard benchmark for computer security research: the worldwide intelligence network environment (WINE)[C]\/\/Proceedings of the First Workshop on Building Analysis Datasets and Gathering Experience Returns for Security","author":"T Dumitras","year":"2011","unstructured":"T. Dumitras, D. Shou, Toward a standard benchmark for computer security research: the worldwide intelligence network environment (WINE)[C]\/\/Proceedings of the First Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (ACM, New York, 2011), pp. 89\u201396"},{"issue":"3","key":"1506_CR192","first-page":"93","volume":"1","author":"P Giura","year":"2012","unstructured":"P. Giura, W. Wang, Using large scale distributed computing to unveil advanced persistent threats. Science 1(3), 93\u2013105 (2012)","journal-title":"Science"},{"key":"1506_CR193","volume-title":"The applications of deep learning on traffic identication [EB\/OL]","author":"Z Wang","year":"2017","unstructured":"Wang Z. The applications of deep learning on traffic identication [EB\/OL]. [2017]. https:\/\/www.blackhat.com\/docs\/us-15\/materials\/us-15-Wang-The-Applications-Of-Deep-Learning-On-Traffic-Identification-wp.pdf ."},{"key":"1506_CR194","unstructured":"Musthaler L. How to use deep learning AI to detect and prevent malware and APTs in real-time[EB\/OL]. [2017-03-20]. http:\/\/www.networkworld.com\/article\/3043202\/security\/how-to-use-deep-learning-ai-to-detect-and-prevent-malwareand-apts-in-real-time.html ."},{"issue":"3","key":"1506_CR195","first-page":"1","volume":"49","author":"X Chen","year":"2017","unstructured":"X. Chen, Z. Xuemei, W. Wang, et al., Big data analytics for network security and intelligence. Adv. Eng. Sci. 49(3), 1\u201312 (2017)","journal-title":"Adv. Eng. Sci."}],"container-title":["EURASIP Journal on Wireless Communications and Networking"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s13638-019-1506-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1186\/s13638-019-1506-1\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s13638-019-1506-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,1,16]],"date-time":"2021-01-16T16:30:55Z","timestamp":1610814655000},"score":1,"resource":{"primary":{"URL":"https:\/\/jwcn-eurasipjournals.springeropen.com\/articles\/10.1186\/s13638-019-1506-1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,8,13]]},"references-count":195,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2019,12]]}},"alternative-id":["1506"],"URL":"https:\/\/doi.org\/10.1186\/s13638-019-1506-1","relation":{},"ISSN":["1687-1499"],"issn-type":[{"type":"electronic","value":"1687-1499"}],"subject":[],"published":{"date-parts":[[2019,8,13]]},"assertion":[{"value":"10 April 2019","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"3 July 2019","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"13 August 2019","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"The authors declare that they have no competing financial interests.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"205"}}