{"id":"https://openalex.org/W4394976980","doi":"https://doi.org/10.1016/j.icte.2024.04.005","title":"Context-aware cyber-threat attribution based on hybrid features","display_name":"Context-aware cyber-threat attribution based on hybrid features","publication_year":2024,"publication_date":"2024-04-20","ids":{"openalex":"https://openalex.org/W4394976980","doi":"https://doi.org/10.1016/j.icte.2024.04.005"},"language":"en","primary_location":{"id":"doi:10.1016/j.icte.2024.04.005","is_oa":true,"landing_page_url":"https://doi.org/10.1016/j.icte.2024.04.005","pdf_url":null,"source":{"id":"https://openalex.org/S2898368220","display_name":"ICT Express","issn_l":"2405-9595","issn":["2405-9595"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ICT Express","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1016/j.icte.2024.04.005","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5027975713","display_name":"Ehtsham Irshad","orcid":"https://orcid.org/0000-0001-6707-5339"},"institutions":[{"id":"https://openalex.org/I4210088086","display_name":"Capital University of Science and Technology","ror":"https://ror.org/004776246","country_code":"PK","type":"education","lineage":["https://openalex.org/I4210088086"]}],"countries":["PK"],"is_corresponding":true,"raw_author_name":"Ehtsham Irshad","raw_affiliation_strings":["Department of Computer Science, Capital University of Science and Technology, Islamabad, Pakistan"],"raw_orcid":"https://orcid.org/0000-0001-6707-5339","affiliations":[{"raw_affiliation_string":"Department of Computer Science, Capital University of Science and Technology, Islamabad, Pakistan","institution_ids":["https://openalex.org/I4210088086"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5006568573","display_name":"Abdul Basit Siddiqui","orcid":"https://orcid.org/0000-0002-2113-5524"},"institutions":[{"id":"https://openalex.org/I4210088086","display_name":"Capital University of Science and Technology","ror":"https://ror.org/004776246","country_code":"PK","type":"education","lineage":["https://openalex.org/I4210088086"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Abdul Basit Siddiqui","raw_affiliation_strings":["Department of Computer Science, Capital University of Science and Technology, Islamabad, Pakistan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Capital University of Science and Technology, Islamabad, Pakistan","institution_ids":["https://openalex.org/I4210088086"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5027975713"],"corresponding_institution_ids":["https://openalex.org/I4210088086"],"apc_list":{"value":1500,"currency":"USD","value_usd":1500},"apc_paid":{"value":1500,"currency":"USD","value_usd":1500},"fwci":10.3257,"has_fulltext":false,"cited_by_count":15,"citation_normalized_percentile":{"value":0.98072949,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":99,"max":100},"biblio":{"volume":"10","issue":"3","first_page":"553","last_page":"569"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7157943248748779},{"id":"https://openalex.org/keywords/encyclopedia","display_name":"Encyclopedia","score":0.6888836622238159},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.6639743447303772},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.6512428522109985},{"id":"https://openalex.org/keywords/attribution","display_name":"Attribution","score":0.5698627233505249},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4827496409416199},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.43755170702934265},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4207162857055664},{"id":"https://openalex.org/keywords/empirical-research","display_name":"Empirical research","score":0.41695940494537354},{"id":"https://openalex.org/keywords/behavioral-pattern","display_name":"Behavioral pattern","score":0.4117041230201721},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.349927693605423},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.3271116018295288},{"id":"https://openalex.org/keywords/psychology","display_name":"Psychology","score":0.1494881808757782},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.12077450752258301},{"id":"https://openalex.org/keywords/social-psychology","display_name":"Social psychology","score":0.08157429099082947}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7157943248748779},{"id":"https://openalex.org/C148863701","wikidata":"https://www.wikidata.org/wiki/Q5292","display_name":"Encyclopedia","level":2,"score":0.6888836622238159},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.6639743447303772},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.6512428522109985},{"id":"https://openalex.org/C143299363","wikidata":"https://www.wikidata.org/wiki/Q900584","display_name":"Attribution","level":2,"score":0.5698627233505249},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4827496409416199},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.43755170702934265},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4207162857055664},{"id":"https://openalex.org/C120936955","wikidata":"https://www.wikidata.org/wiki/Q2155640","display_name":"Empirical research","level":2,"score":0.41695940494537354},{"id":"https://openalex.org/C83804111","wikidata":"https://www.wikidata.org/wiki/Q1063558","display_name":"Behavioral pattern","level":2,"score":0.4117041230201721},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.349927693605423},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3271116018295288},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.1494881808757782},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.12077450752258301},{"id":"https://openalex.org/C77805123","wikidata":"https://www.wikidata.org/wiki/Q161272","display_name":"Social psychology","level":1,"score":0.08157429099082947},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C161191863","wikidata":"https://www.wikidata.org/wiki/Q199655","display_name":"Library science","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1016/j.icte.2024.04.005","is_oa":true,"landing_page_url":"https://doi.org/10.1016/j.icte.2024.04.005","pdf_url":null,"source":{"id":"https://openalex.org/S2898368220","display_name":"ICT Express","issn_l":"2405-9595","issn":["2405-9595"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ICT Express","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:920c53708bc144e6a315bf82ca7398de","is_oa":true,"landing_page_url":"https://doaj.org/article/920c53708bc144e6a315bf82ca7398de","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"ICT Express, Vol 10, Iss 3, Pp 553-569 (2024)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1016/j.icte.2024.04.005","is_oa":true,"landing_page_url":"https://doi.org/10.1016/j.icte.2024.04.005","pdf_url":null,"source":{"id":"https://openalex.org/S2898368220","display_name":"ICT Express","issn_l":"2405-9595","issn":["2405-9595"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ICT Express","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Climate action","score":0.5099999904632568,"id":"https://metadata.un.org/sdg/13"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":86,"referenced_works":["https://openalex.org/W1532819377","https://openalex.org/W1976780968","https://openalex.org/W2072717850","https://openalex.org/W2132929535","https://openalex.org/W2533908554","https://openalex.org/W2547850071","https://openalex.org/W2571173479","https://openalex.org/W2594899909","https://openalex.org/W2760313715","https://openalex.org/W2766677542","https://openalex.org/W2771963642","https://openalex.org/W2796347652","https://openalex.org/W2806206692","https://openalex.org/W2870670057","https://openalex.org/W2914662937","https://openalex.org/W2964522977","https://openalex.org/W2966878955","https://openalex.org/W2975078241","https://openalex.org/W2977489474","https://openalex.org/W3002252600","https://openalex.org/W3012866219","https://openalex.org/W3023308726","https://openalex.org/W3023882301","https://openalex.org/W3098102491","https://openalex.org/W3122563073","https://openalex.org/W3122863827","https://openalex.org/W3134621558","https://openalex.org/W3138686850","https://openalex.org/W3164128970","https://openalex.org/W3166494441","https://openalex.org/W3183268685","https://openalex.org/W3198465620","https://openalex.org/W4210355130","https://openalex.org/W4212819166","https://openalex.org/W4213273466","https://openalex.org/W4213287278","https://openalex.org/W4235739515","https://openalex.org/W4241209922","https://openalex.org/W4241511027","https://openalex.org/W4241735343","https://openalex.org/W4244503536","https://openalex.org/W4249876446","https://openalex.org/W4283364690","https://openalex.org/W4297539704","https://openalex.org/W4310931642","https://openalex.org/W4313306227","https://openalex.org/W4313448871","https://openalex.org/W4362512907","https://openalex.org/W4375787811","https://openalex.org/W4378530982","https://openalex.org/W4381137026","https://openalex.org/W4382405221","https://openalex.org/W4383820865","https://openalex.org/W4385016187","https://openalex.org/W4385576176","https://openalex.org/W4386028955","https://openalex.org/W4387011179","https://openalex.org/W6723542952","https://openalex.org/W6730971094","https://openalex.org/W6745586164","https://openalex.org/W6747803002","https://openalex.org/W6754668239","https://openalex.org/W6757380543","https://openalex.org/W6758315132","https://openalex.org/W6760468014","https://openalex.org/W6766102087","https://openalex.org/W6767774477","https://openalex.org/W6769035812","https://openalex.org/W6769197624","https://openalex.org/W6772064552","https://openalex.org/W6773513306","https://openalex.org/W6773586270","https://openalex.org/W6774465298","https://openalex.org/W6777065805","https://openalex.org/W6777124144","https://openalex.org/W6785444229","https://openalex.org/W6791295991","https://openalex.org/W6791811992","https://openalex.org/W6796568693","https://openalex.org/W6799734439","https://openalex.org/W6801061648","https://openalex.org/W6804218791","https://openalex.org/W6807591097","https://openalex.org/W6811506201","https://openalex.org/W6839080275","https://openalex.org/W6847956375"],"related_works":["https://openalex.org/W2348562996","https://openalex.org/W4387776128","https://openalex.org/W3010321750","https://openalex.org/W4394774294","https://openalex.org/W3159833212","https://openalex.org/W4244686159","https://openalex.org/W3011873497","https://openalex.org/W3007654203","https://openalex.org/W2186132238","https://openalex.org/W2201477785"],"abstract_inverted_index":{"With":[0,152],"the":[1,6,19,64,74,86,109,121,136],"rapid":[2],"technological":[3],"development,":[4],"identifying":[5],"attackers":[7],"behind":[8],"cyber-attacks":[9],"is":[10,59],"getting":[11],"more":[12,50],"sophisticated.":[13],"To":[14],"cope":[15],"with":[16,80],"this":[17,57,119,153],"phenomenon,":[18],"current":[20],"process":[21,58],"of":[22,76,111,149,159,167],"cyber-threat":[23],"attribution":[24],"includes":[25],"features":[26,55,79,83,91,113,123],"like":[27],"tactics":[28],"techniques":[29],"and":[30,37,45,68,116,163,171],"procedures":[31],"(TTP),":[32],"tools,":[33],"target":[34],"country/":[35],"company":[36],"application.":[38],"They":[39],"do":[40],"not":[41],"include":[42],"attacker":[43],"context":[44],"motives;":[46],"thus,":[47],"they":[48],"demand":[49],"refined":[51],"traits.":[52],"Adding":[53],"behavioral":[54,78,90,150],"to":[56,61],"essential":[60],"better":[62],"understand":[63],"attacker\u2019s":[65],"context,":[66],"motivations":[67],"goals.":[69],"This":[70,104],"research":[71,105],"study":[72],"accentuates":[73],"impact":[75,110],"adding":[77],"existing":[81],"technical":[82],"in":[84,165],"determining":[85],"actual":[87],"actor.":[88],"The":[89],"are":[92,124],"extracted":[93],"from":[94],"Threat":[95],"actor":[96,138],"encyclopedia,":[97,139],"a":[98,140],"dataset":[99],"published":[100,143],"by":[101,126,144],"Thai":[102,145],"CERT.":[103],"investigation":[106],"also":[107],"analyzes":[108],"hybrid":[112],"(technical":[114],"&":[115],"behavioral).":[117],"For":[118,131],"procedure,":[120],"best":[122],"chosen":[125],"implementing":[127],"feature":[128],"selection":[129],"techniques.":[130],"empirical":[132],"results,":[133],"we":[134,155],"use":[135],"threat":[137],"data":[141],"set":[142],"Cert,":[146],"for":[147],"extraction":[148],"attributes.":[151],"augmentation,":[154],"achieve":[156],"elevated":[157],"results":[158],"97%,":[160,162],"98.8%,":[161],"97.2%":[164],"terms":[166],"accuracy,":[168],"precision,":[169],"recall":[170],"F1-measure":[172],"using":[173],"machine/deep":[174],"learning":[175],"algorithms.":[176]},"counts_by_year":[{"year":2026,"cited_by_count":5},{"year":2025,"cited_by_count":10}],"updated_date":"2026-06-12T08:23:45.883708","created_date":"2025-10-10T00:00:00"}