朱添田

个人基本情况

朱添田，获浙江大学工学博士学位，现任浙江工业大学副教授，博士生导师。致力于大数据分析、人工智能、数据驱动安全、隐私保护、系统安全、移动安全、网络攻防等领域的研究。现已主持/参与国家级基金项目8项、省部级基金项目4项。在国内外权威期刊上发表论文30余篇，论文单篇最高引用量达280余次。

招生（长期有效）

欢迎各位对探索新事物有浓厚兴趣、善于主动思考总结、愿意倾听并交流的优秀同学加入课题组。

主要研究方向

1.复杂网络攻击检测与溯源

2.全量内核日志管理与分析

3.攻防知识图谱构建与应用

4.自动化攻防对抗

5.生成式人工智能安全

6.移动用户隐式认证

主要论文论著

1. Jie Ying, Tiantian Zhu*, Tieming Chen, Mingqi Lv. DEHYDRATOR: Enhancing Provenance Graph Storage via Hierarchical Encoding and Sequence Generation[J]. IEEE Transactions on Information Forensics & Security, 2025, 20:7853-7866. (CCF A类)

2. Wenrui Cheng, Tiantian Zhu*, Tieming Chen, Qixuan Yuan, Jie Ying, Hongmei Li, Chunlin Xiong, Mingda Li, Mingqi Lv, Yan Chen. CRUcialG: Reconstruct Integrated Attack Scenario Graphs by Cyber Threat Intelligence Reports[J]. IEEE Transactions on Dependable and Secure Computing, 2025. (CCF A类)

3. Jie Ying, Tiantian Zhu*, Wenrui Cheng, Qixuan Yuan, Mingjun Ma, Chunlin Xiong, Tieming Chen, Mingqi Lv, Yan Chen. SPARSE: Semantic Tracking and Path Analysis for Attack Investigation in Real-time[J]. IEEE Transactions on Dependable and Secure Computing, 2025. (CCF A类)

4. Wenrui Cheng, Qixuan Yuan, Tiantian Zhu*, Tieming Chen, Jie Ying, Aohan Zheng, Mingjun Ma, Chunlin Xiong, Mingqi Lv, Yan Chen. TAGAPT: Towards Automatic Generation of APT Samples with Provenance-level Granularity[J]. IEEE Transactions on Information Forensics & Security, 2025, 20:4137-4151. (CCF A类)

5. Tiantian Zhu, Wenya He, Tieming Chen, Jiabo Zhang, Mingqi Lv, Hongmei Li, Aohan Zheng, Jie Zheng, Mingjun Ma, Xiangyang Zheng, Zhengqiu Weng, Shuying Wu. LinTracer: An efficient tracking system for cyberattack chains fusing entity and event semantics[J]. Computers & Security, 2025, 154: 104413. (CCF B类)

6. Hongmei Li, Tiantian Zhu*, Jie Ying, Tieming Chen, Mingqi Lv, Jian-ping Mei, Zhengqiu Weng, Lili Shi. MIRDETECTOR: Applying Malicious Intent Representation for Enhanced APT Anomaly Detection[J]. Computers & Security, 2025,157: 104588.  (CCF B类)

7. Jiaobo Jin, Tiantian Zhu*, Qixuan Yuan , Tieming Chen, Mingqi Lv, Chenbin Zheng, Jian-Ping Mei, Xiang Pan. PDCleaner: A Multi-view Collaborative Data Compression Method for Provenance Graph-based APT Detection Systems[J]. Computers & Security, 2025, 152: 104359. (CCF B类)

8. Mingda Li, Tiantian Zhu*, Haoqi Yan, Tieming Chen, Mingqi Lv. HER-PT: An Intelligent Penetration Testing Framework with Hindsight Experience Replay[J]. Computers & Security, 2025, 152: 104357. (CCF B类)

9. Tieming Chen, Qijie Song, Tiantian Zhu*, Xuebo Qiu, Zhiling Zhu, Mingqi Lv. Kellect: A Kernel-based efficient and lossless event log collector for windows security[J]. Computers & Security, 2025, 150: 104203. (CCF B类)

10. Tiantian Zhu, Jiayuan Chen, Mingjun Ma, Tieming Chen, Mingqi Lv, Zhengqiu Weng, Suyu Zhang. GANDACOG: Implicit Mobile User Authentication in Multi Environments with Scarce Data[J], IEEE Internet of Things Journal, 2025, 12(14): 28074-28091. (CCF C类)

11. Yanshang Yin, Tiantian Zhu*, Tieming Chen, Mingqi Lv. MADGuard: A high-performance microservice anomaly detection system with multidimensional data fusion and temporal causal analysis[J]. IEEE Transactions on Network and Service Management, 2025.   (CCF C类)

12. Mingjun Ma, Tiantian Zhu, Shuang Li, Tieming Chen, Mingqi Lv, Zhengqiu Weng, Guolang Chen. Actminer: Applying causality tracking and increment aligning for graph-based threat hunting[J]. Knowledge-Based Systems, 2025, 327: 114169. (CCF C类)

13. Mingjun Ma, Tiantian Zhu, Jie Ying, Yu Cheng, Jiayuan Chen, Jian-Ping Mei, Xue Leng, Zhengqiu Weng, Xiangyang Zheng. ThreatCog: An Adaptive and Lightweight Mobile User Authentication System with Enhanced Motion Sensory Signals[J], Journal of Information Security and Applications, 2025, 93: 104142. (CCF C类)

14. Zhengqiu Weng, Weinuo Zhang, Tiantian Zhu, Zhenhao Dou, Haofei Sun, Zhanxiang Ye, Ye Tian. RT-APT: A Real-time APT Anomaly Detection Method for Large-scale Provenance Graph[J]. Journal of Network and Computer Applications, 2025, 233, 104036. (CCF C类)

15. Tiantian Zhu, Jie Ying, Tieming Chen, Chunlin Xiong, Wenrui Cheng, Qixuan Yuan, Aohan Zheng, Mingqi Lv, Yan Chen. Nip in the Bud: Forecasting and Interpreting Post-exploitation Attacks in Real-time through Cyber Threat Intelligence Reports[J]. IEEE Transactions on Dependable and Secure Computing, 2024, 22(2): 1431-1447. (CCF A类)

16. Jie Ying, Tiantian Zhu*, Qiang Liu, Chunlin Xiong, Zhengqiu Weng, Tieming Chen, Lei Fu, Mingqi Lv, Han Wu, Ting Wang, Yan Chen. TRAPCOG: An Anti-noise, Transferable, and Privacy-preserving Real-time Mobile User Authentication System with High Accuracy[J]. IEEE Transactions on Mobile Computing, 2023, 23(4): 2832-2848. (CCF A类)

17. Tiantian Zhu, Jinkai Yu, Chunlin Xiong, Wenrui Cheng, Qixuan Yuan, Jie Ying, Tieming Chen*, Jiabo Zhang, Mingqi Lv, Yan Chen, Ting Wang, Yuan Fan. APTSHIELD: A Stable, Efficient and Real-time APT Detection System for Linux Hosts[J]. IEEE Transactions on Dependable and Secure Computing, 2023, 20(6): 5247-5264.  (CCF A类)

18. Tiantian Zhu, Jiayu Wang, Linqi Ruan, Chunlin Xiong, Jinkai Yu, Yaosheng Li, Yan Chen, Mingqi Lv, Tieming Chen*, General, Efficient, and Real-time Data Compaction Strategy for APT Forensic Analysis[J]. IEEE Transactions on Information Forensics & Security, 16, 3312-3325, 2021. (CCF A类)

19. Tiantian Zhu, Lei Fu*, Qiang Liu, Zi Lin, Yan Chen*, Tieming Chen. One Cycle Attack: Fool Sensor-based Personal Gait Authentication with Clustering[J], IEEE Transactions on Information Forensics & Security, 16, 553-568, 2020. (CCF A类)

20. Tiantian Zhu, Zhengqiu Weng, Qijie Song, Yuan Chen, Qiang Liu, Yan Chen, Tieming Chen*, ESPIALCOG: General, Efficient and Robust Mobile User Implicit Authentication in Noisy Environment[J], IEEE Transactions on Mobile Computing, 21(2), 555-572, 2022. (CCF A类)

21. Tiantian Zhu*, Zhengyang Qu, Haitao Xu, Jingsi Zhang, Zhengyue Shao, Yan Chen, Sandeep Prabhakar, Jianfeng Yang, RiskCog: Unobtrusive Real-time User Authentication on Mobile Devices in the Wild[J], IEEE Transactions on Mobile Computing, 19(2), 466-483, 2019. (CCF A类)

22. Tiantian Zhu, Hongyu Gao, Yi Yang, Kai Bu*, Yan Chen, Doug Downey, Kathy Lee, Alok N. Choudhary, Beating the Artificial Chaos: Fighting OSN Spam using Its Own Templates[J], IEEE/ACM Transactions on Networking, 24(4), 3856-3869, 2016. (CCF A类)

23. Mingqi Lv, HongZhe Gao, Xuebo Qiu, Tieming Chen, Tiantian Zhu. TREC: APT Tactic / Technique Recognition via Few-Shot Provenance Subgraph Learning[C]. ACM Conference on Computer and Communications Security, 2024.  (CCF A类)

24. Tieming Chen, Chengyu Dong, Mingqi Lv*, Qijie Song, Haiwen Liu, Tiantian Zhu, Kang Xu, Ling Chen, Shouling Ji. APT-KGL: An Intelligent APT Detection System Based on Threat Knowledge and Heterogeneous Provenance Graph Learning[J]. IEEE Transactions on Dependable and Secure Computing, 2022. (CCF A类)

25. Chunlin Xiong, Tiantian Zhu, Weihao Dong, Linqi Ruan, Runqing Yang, Yan Chen, Yueqiang Cheng*, Shuai Chen, Xutong Chen. CONAN: A Practical Real-time APT Detection System with High Accuracy and Efficiency[J]. IEEE Transactions on Dependable and Secure Computing, 2020. (CCF A类)

26. Zhenyuan Li, Qi Alfred Chen, Chunlin Xiong, Yan Chen*, Tiantian Zhu, Hai Yang. Effective and Light-Weight Deobfuscation and Semantic-Aware Attack Detection for PowerShell Scripts[C], ACM Conference on Computer and Communications Security, 2019. (CCF A类)

27. Zhengyang Qu, Vaibhav Rastogi, Xinyi Zhang, Yan Chen*, Tiantian Zhu, Zhong Chen. AutoCog: Measuring the Description-to-permission Fidelity in Android Applications[C], ACM Conference on Computer and Communications Security, 2014. (CCF A类)

28. Tieming Chen, Chenbin Zheng, Tiantian Zhu*, Chunlin Xiong, Jie Ying, Qixuan Yuan, Wenrui Cheng, Mingqi Lv. System-Level Data Management for Endpoint Advanced Persistent Threat Detection: Issues, Challenges and Trends[J]. Computers & Security, 2023. (CCF B类)

29. Tieming Chen, Huan Zeng, Mingqi Lv*, Tiantian Zhu. CTIMD: Cyber Threat Intelligence Enhanced Malware Detection Using API Call Sequences with Parameters[J]. Computers & Security, 2023. (CCF B类)

30. Mingqi Lv, Zhaoxiong Hong, Ling Chen, Tieming Chen*, Tiantian Zhu, Shouling Ji. Temporal multi-graph convolutional network for traffic flow prediction[J]. IEEE Transactions on Intelligent Transportation Systems, 2021. (CCF B类)

31. Lei Fu, Ke Yan, Tiantian Zhu*. PowerCog: A Practical Method for Recognizing Power Quality Disturbances Accurately in a Noisy Environment[J]. IEEE Transactions on Industrial Informatics, 2021.

32. Lei Fu, Ke Yan, Yikun Zhang, Ruien Chen, Zepeng Ma, Fang Xu, Tiantian Zhu*. EdgeCog: A Real-Time Bearing Fault Diagnosis System Based on Lightweight Edge Computing[J]. IEEE Transactions on Instrumentation and Measurement, 2023.

授权发明专利

1. 朱添田，王佳宇。一种跨平台多主机联合日志压缩方法。ZL202010903265.8，授权

2. 朱添田，刘雨豪。一种基于Snort和OpenFlow启发式诱导APT攻击引入蜜罐的方法。ZL202110577612.7，授权

3. 朱添田，李曜晟，江颉。一种基于系统审计日志与打分机制的webshell实时检测方法。ZL202011454037.3，授权

4. 朱添田，李曜晟。一种基于元学习的远程访问木马智能分析方法。ZL202110379282.0，授权

5. 朱添田，张加波。一种基于因果分析的APT溯源研判方法。ZL202211068267.5，授权

6. 朱添田，李耀晟。一种基于生成对抗网络的恶意文件智能分析方法。ZL202110339736.1，授权

7. 朱添田，李爽。一种基于图匹配的威胁狩猎方法。ZL202211536047.0，授权

8. 朱添田，应杰，王佳宇。一种基于元行为的APT攻击样本增强及检测方法。ZL202210849732.2，授权

9. 朱添田，余金开。一种基于上下文行为分析的APT检测方法。ZL202110909243.7，授权

10. 朱添田，余金开。一种异构终端日志融合的APT检测方法。ZL202210540642.5，授权

11. 朱添田，应杰。一种基于孪生网络的用户认证方法。ZL202110948622.7，授权

12. 朱添田，陈启鹏。一种分布式系统的APT检测方法。ZL202210391517.2，授权

13. 朱添田，翁正秋，宋琪杰。基于进化博弈的启发式数据采集方法、装置、计算机设备以及其应用。ZL202010727542.4，授权

14. 朱添田，王佳宇。一种基于存储结构的日志数据压缩方法。ZL202210507055.6，授权

15. 朱添田，吴憾。一种融合序列学习和因果分析的APT攻击溯源方法。ZL202411390353.7，授权

16. 朱添田，李爽。一种融合云网端日志与威胁知识的APT检测方法。ZL202210869355.9，授权

17. 朱添田，袁淇萱，程雯睿，应杰。一种基于威胁情报报告的APT攻击聚类方法，ZL202310262800.X，授权

18. 朱添田，景舒楠，程雯睿。一种基于多源知识融合的APT攻击检测方法及系统。ZL202510012847.X，授权

19. 朱添田，袁淇萱。一种溯源图级别的高级持续威胁样本自动化生成方法。ZL202510147735.5，授权

20. 朱添田，章力文，江颉。基于基因图谱和机器学习的APT网络攻击检测方法及装置。ZL202510174596.5，授权

21. 朱添田，郑奥涵。一种基于终身学习和可疑语义传递的APT异常检测方法。ZL202411570955.0，授权

22. 朱添田，田野。一种基于异构图的APT实时检测分析方法。ZL202210593319.4，授权

23. 朱添田，范智超。基于多维度特征学习与特征聚焦的恶意命令行检测方法。ZL202510346012.8，授权

软件著作权

1.朱添田，等。基于溯源图的APT攻击实时检测系统，2023SR1410874

2.朱添田，等。保留高级持续威胁上下文语义的数据压缩平台，2022SR0339271

3.朱添田，等。HTTPS恶意加密流量智能检测平台，2022SR0339270

获奖成果

1. 浙江省技术发明二等奖（项目名称：高级持续性攻击检测与溯源关键技术及应用），2023

2. 中国电子学会科技进步二等奖（项目名称：面向关键信息基础设施的网络攻击智能检测关键技术及应用），2024

主要研究项目

1.面向APT智能检测的攻击链数据建模与分析关键技术研究，国家自然科学基金青年项目

2.面向高级网络攻击的样本增强及智能分析方法研究，浙江省自然科学基金探索项目

3.安全威胁样本生成技术，CCF-深信服伏羲基金

讲授课程

1.《国家安全教育》，本科生

2.《信息安全基础》，本科生

3.《网络攻防技术》，本科生

4.《网络攻防》，研究生

出版教材

1.《Web应用安全与防护》，电子工业出版社，ISBN：9787121432316，第一主编

2.《数据安全》，电子工业出版社，ISBN：9787121409776，第一副主编  

指导竞赛获奖

1. 第十五届全国大学生信息安全竞赛优胜奖，2022

2. 第十六届全国大学生信息安全竞赛三等奖，2023

3. “华为杯”第二届中国研究生网络安全创新大赛二等奖，2023

4.“西湖科创杯”第八届中国研究生智慧城市技术与创意设计大赛二等奖，2023

5. 第十七届全国大学生信息安全竞赛三等奖，2024

6. “华为杯”第三届中国研究生网络安全创新大赛三等奖，2024

7. 第18届全国大学生软件创新大赛软件系统安全赛一等奖，2025

8. 2025年度中国青年科技创新“揭榜挂帅” 擂台赛二等奖，2025

指导研究生荣誉称号

2022级：孙浩飞（省优秀毕业生，国家奖学金）；孙嘉辰（省优秀毕业生，国家奖学金）。

社会兼职

1. 浙江省计算机学会信息安全专委会秘书长

2. 浙江省数字经济学会网络安全委员会秘书长

3. 宁波市计算机学会专家工作委员会委员