朱添田

个人基本情况

朱添田，获浙江大学工学博士学位，现任浙江工业大学副教授，博士生导师。致力于大数据分析、人工智能、数据驱动安全、隐私保护、系统安全、移动安全、网络攻防等领域的研究。现已主持/参与国家级基金项目8项、省部级基金项目4项。在国内外权威期刊上发表论文30余篇，论文单篇最高引用量达280余次。

招生（长期有效）

欢迎各位对探索新事物有浓厚兴趣、善于主动思考总结、愿意倾听并交流的优秀同学加入课题组。

主要研究方向

1.复杂网络攻击检测与溯源

2.全量内核日志管理与分析

3.攻防知识图谱构建与应用

4.自动化攻防对抗

5.生成式人工智能安全

6.移动用户隐式认证

主要论文论著

1. Hongmei Li, Tiantian Zhu*, Jie Ying, Tieming Chen, Mingqi Lv, Jian-ping Mei, Zhengqiu Weng, Lili Shi.MIRDETECTOR: Applying Malicious Intent Representation for Enhanced APT Anomaly Detection[J]. Computers & Security, 2025,157: 104588.  (CCF B类)

2. Wenrui Cheng, Tiantian Zhu*, Tieming Chen, Qixuan Yuan, Jie Ying, Hongmei Li, Chunlin Xiong, Mingda Li, Mingqi Lv, Yan Chen. CRUcialG: Reconstruct Integrated Attack Scenario Graphs by Cyber Threat Intelligence Reports[J]. IEEE Transactions on Dependable and Secure Computing, 2025. (CCF A类)

3. Wenrui Cheng, Qixuan Yuan, Tiantian Zhu*, Tieming Chen, Jie Ying, Aohan Zheng, Mingjun Ma, Chunlin Xiong, Mingqi Lv, Yan Chen. TAGAPT: Towards Automatic Generation of APT Samples with Provenance-level Granularity[J]. IEEE Transactions on Information Forensics & Security, 2025, 20:4137-4151. (CCF A类)

4. Tiantian Zhu, Wenya He, Tieming Chen, Jiabo Zhang, Mingqi Lv, Hongmei Li, Aohan Zheng, Jie Zheng, Mingjun Ma, Xiangyang Zheng, Zhengqiu Weng, Shuying Wu. LinTracer: An efficient tracking system for cyberattack chains fusing entity and event semantics[J]. Computers & Security, 2025, 154: 104413. (CCF B类)

5. Jiaobo Jin, Tiantian Zhu*, Qixuan Yuan , Tieming Chen, Mingqi Lv, Chenbin Zheng, Jian-Ping Mei, Xiang Pan. PDCleaner: A Multi-view Collaborative Data Compression Method for Provenance Graph-based APT Detection Systems[J]. Computers & Security, 2025, 152: 104359. (CCF B类)

6. Mingda Li, Tiantian Zhu*, Haoqi Yan, Tieming Chen, Mingqi Lv. HER-PT: An Intelligent Penetration Testing Framework with Hindsight Experience Replay[J]. Computers & Security, 2025, 152: 104357. (CCF B类)

7. Jie Ying, Tiantian Zhu*, Qiang Liu, Chunlin Xiong, Zhengqiu Weng, Tieming Chen, Lei Fu, Mingqi Lv, Han Wu, Ting Wang, Yan Chen. TRAPCOG: An Anti-noise, Transferable, and Privacy-preserving Real-time Mobile User Authentication System with High Accuracy[J]. IEEE Transactions on Mobile Computing, 2023, 23(4): 2832-2848. (CCF A类)

8. Tiantian Zhu, Jie Ying, Tieming Chen, Chunlin Xiong, Wenrui Cheng, Qixuan Yuan, Aohan Zheng, Mingqi Lv, Yan Chen. Nip in the Bud: Forecasting and Interpreting Post-exploitation Attacks in Real-time through Cyber Threat Intelligence Reports[J]. IEEE Transactions on Dependable and Secure Computing, 2024, 22(2): 1431-1447. (CCF A类)

9. Tiantian Zhu, Jinkai Yu, Chunlin Xiong, Wenrui Cheng, Qixuan Yuan, Jie Ying, Tieming Chen*, Jiabo Zhang, Mingqi Lv, Yan Chen, Ting Wang, Yuan Fan. APTSHIELD: A Stable, Efficient and Real-time APT Detection System for Linux Hosts[J]. IEEE Transactions on Dependable and Secure Computing, 2023, 20(6): 5247-5264.  (CCF A类)

10. Tiantian Zhu, Jiayu Wang, Linqi Ruan, Chunlin Xiong, Jinkai Yu, Yaosheng Li, Yan Chen, Mingqi Lv, Tieming Chen*, General, Efficient, and Real-time Data Compaction Strategy for APT Forensic Analysis[J]. IEEE Transactions on Information Forensics & Security, 16, 3312-3325, 2021. (CCF A类)

11. Tiantian Zhu, Lei Fu*, Qiang Liu, Zi Lin, Yan Chen*, Tieming Chen. One Cycle Attack: Fool Sensor-based Personal Gait Authentication with Clustering[J], IEEE Transactions on Information Forensics & Security, 16, 553-568, 2020. (CCF A类)

12. Tiantian Zhu, Zhengqiu Weng, Qijie Song, Yuan Chen, Qiang Liu, Yan Chen, Tieming Chen*, ESPIALCOG: General, Efficient and Robust Mobile User Implicit Authentication in Noisy Environment[J], IEEE Transactions on Mobile Computing, 21(2), 555-572, 2022. (CCF A类)

13. Tiantian Zhu*, Zhengyang Qu, Haitao Xu, Jingsi Zhang, Zhengyue Shao, Yan Chen, Sandeep Prabhakar, Jianfeng Yang, RiskCog: Unobtrusive Real-time User Authentication on Mobile Devices in the Wild[J], IEEE Transactions on Mobile Computing, 19(2), 466-483, 2019. (CCF A类)

14. Tiantian Zhu, Hongyu Gao, Yi Yang, Kai Bu*, Yan Chen, Doug Downey, Kathy Lee, Alok N. Choudhary, Beating the Artificial Chaos: Fighting OSN Spam using Its Own Templates[J], IEEE/ACM Transactions on Networking, 24(4), 3856-3869, 2016. (CCF A类)

15. Tiantian Zhu, Jiayuan Chen, Mingjun Ma, Tieming Chen, Mingqi Lv, Zhengqiu Weng, Suyu Zhang. GANDACOG: Implicit Mobile User Authentication in Multi Environments with Scarce Data[J], IEEE Internet of Things Journal, 2025, 12(14): 28074-28091.

16. Mingjun Ma, Tiantian Zhu, Jie Ying, Yu Cheng, Jiayuan Chen, Jian-Ping Mei, Xue Leng, Zhengqiu Weng, Xiangyang Zheng. ThreatCog: An Adaptive and Lightweight Mobile User Authentication System with Enhanced Motion Sensory Signals[J], Journal of Information Security and Applications, 2025, 93: 104142. 

17. Mingqi Lv, HongZhe Gao, Xuebo Qiu, Tieming Chen, Tiantian Zhu. TREC: APT Tactic / Technique Recognition via Few-Shot Provenance Subgraph Learning[C]. ACM Conference on Computer and Communications Security, 2024.  (CCF A类)

18. Tieming Chen, Chengyu Dong, Mingqi Lv*, Qijie Song, Haiwen Liu, Tiantian Zhu, Kang Xu, Ling Chen, Shouling Ji. APT-KGL: An Intelligent APT Detection System Based on Threat Knowledge and Heterogeneous Provenance Graph Learning[J]. IEEE Transactions on Dependable and Secure Computing, 2022. (CCF A类)

19. Chunlin Xiong, Tiantian Zhu, Weihao Dong, Linqi Ruan, Runqing Yang, Yan Chen, Yueqiang Cheng*, Shuai Chen, Xutong Chen. CONAN: A Practical Real-time APT Detection System with High Accuracy and Efficiency[J]. IEEE Transactions on Dependable and Secure Computing, 2020. (CCF A类)

20. Zhenyuan Li, Qi Alfred Chen, Chunlin Xiong, Yan Chen*, Tiantian Zhu, Hai Yang. Effective and Light-Weight Deobfuscation and Semantic-Aware Attack Detection for PowerShell Scripts[C], ACM Conference on Computer and Communications Security, 2019. (CCF A类)

21. Zhengyang Qu, Vaibhav Rastogi, Xinyi Zhang, Yan Chen*, Tiantian Zhu, Zhong Chen. AutoCog: Measuring the Description-to-permission Fidelity in Android Applications[C], ACM Conference on Computer and Communications Security, 2014. (CCF A类)

22. Tieming Chen, Qijie Song, Tiantian Zhu*, Xuebo Qiu, Zhiling Zhu, Mingqi Lv. Kellect: A Kernel-based efficient and lossless event log collector for windows security[J]. Computers & Security, 2025. (CCF B类)

23. Tieming Chen, Chenbin Zheng, Tiantian Zhu*, Chunlin Xiong, Jie Ying, Qixuan Yuan, Wenrui Cheng, Mingqi Lv. System-Level Data Management for Endpoint Advanced Persistent Threat Detection: Issues, Challenges and Trends[J]. Computers & Security, 2023. (CCF B类)

24. Tieming Chen, Huan Zeng, Mingqi Lv*, Tiantian Zhu. CTIMD: Cyber Threat Intelligence Enhanced Malware Detection Using API Call Sequences with Parameters[J]. Computers & Security, 2023. (CCF B类)

25. Mingqi Lv, Zhaoxiong Hong, Ling Chen, Tieming Chen*, Tiantian Zhu, Shouling Ji. Temporal multi-graph convolutional network for traffic flow prediction[J]. IEEE Transactions on Intelligent Transportation Systems, 2021. (CCF B类)

26. Zhengqiu Weng, Weinuo Zhang, Tiantian Zhu, Zhenhao Dou, Haofei Sun, Zhanxiang Ye*, Ye Tian. RT-APT: A Real-time APT Anomaly Detection Method for Large-scale Provenance Graph[J]. Journal of Network and Computer Applications, 2025, 233, 104036. (CCF C类)

27. Lei Fu, Ke Yan, Tiantian Zhu*. PowerCog: A Practical Method for Recognizing Power Quality Disturbances Accurately in a Noisy Environment[J]. IEEE Transactions on Industrial Informatics, 2021.

28. Lei Fu, Ke Yan, Yikun Zhang, Ruien Chen, Zepeng Ma, Fang Xu, Tiantian Zhu*. EdgeCog: A Real-Time Bearing Fault Diagnosis System Based on Lightweight Edge Computing[J]. IEEE Transactions on Instrumentation and Measurement, 2023.

授权发明专利

1. 朱添田，王佳宇。一种跨平台多主机联合日志压缩方法。ZL202010903265.8，授权

2. 朱添田，刘雨豪。一种基于Snort和OpenFlow启发式诱导APT攻击引入蜜罐的方法。ZL202110577612.7，授权

3. 朱添田，李曜晟，江颉。一种基于系统审计日志与打分机制的webshell实时检测方法。ZL202011454037.3，授权

4. 朱添田，李曜晟。一种基于元学习的远程访问木马智能分析方法。ZL202110379282.0，授权

5. 朱添田，张加波。一种基于因果分析的APT溯源研判方法。ZL202211068267.5，授权

6. 朱添田，李耀晟。一种基于生成对抗网络的恶意文件智能分析方法。ZL202110339736.1，授权

7. 朱添田，李爽。一种基于图匹配的威胁狩猎方法。ZL202211536047.0，授权

8. 朱添田，应杰，王佳宇。一种基于元行为的APT攻击样本增强及检测方法。ZL202210849732.2，授权

9. 朱添田，余金开。一种基于上下文行为分析的APT检测方法。ZL202110909243.7，授权

10. 朱添田，余金开。一种异构终端日志融合的APT检测方法。ZL202210540642.5，授权

11. 朱添田，应杰。一种基于孪生网络的用户认证方法。ZL202110948622.7，授权

12. 朱添田，陈启鹏。一种分布式系统的APT检测方法。ZL202210391517.2，授权

13. 朱添田，翁正秋，宋琪杰。基于进化博弈的启发式数据采集方法、装置、计算机设备以及其应用。ZL202010727542.4，授权

14. 朱添田，王佳宇。一种基于存储结构的日志数据压缩方法。ZL202210507055.6，授权

15. 朱添田，吴憾。一种融合序列学习和因果分析的APT攻击溯源方法。ZL202411390353.7，授权

16. 朱添田，李爽。一种融合云网端日志与威胁知识的APT检测方法。ZL202210869355.9，授权

17. 朱添田，袁淇萱，程雯睿，应杰。一种基于威胁情报报告的APT攻击聚类方法，ZL202310262800.X，授权

18. 朱添田，景舒楠，程雯睿。一种基于多源知识融合的APT攻击检测方法及系统。ZL202510012847.X，授权

19. 朱添田，袁淇萱。一种溯源图级别的高级持续威胁样本自动化生成方法。ZL202510147735.5，授权

20. 朱添田，章力文，江颉。基于基因图谱和机器学习的APT网络攻击检测方法及装置。ZL202510174596.5，授权

21. 朱添田，郑奥涵。一种基于终身学习和可疑语义传递的APT异常检测方法。ZL202411570955.0，授权

22. 朱添田，田野。一种基于异构图的APT实时检测分析方法。ZL202210593319.4，授权

23. 朱添田，范智超。基于多维度特征学习与特征聚焦的恶意命令行检测方法。ZL202510346012.8，授权

获奖成果

1. 浙江省技术发明二等奖（项目名称：高级持续性攻击检测与溯源关键技术及应用），2023

2. 中国电子学会科技进步二等奖（项目名称：面向关键信息基础设施的网络攻击智能检测关键技术及应用），2024

主要研究项目

1. 基于多粒度弱监督学习的APT攻击智能检测方法，国家自然科学基金面上项目，2024.01-2027.12，参与

2. 基于多信息源融合的复杂网络攻击检测、分析和追踪方法及关键技术，国家自然科学基金联合重点项目，2023.01-2026.12，参与

3. 面向APT智能检测的攻击链数据建模与分析关键技术研究，国家自然科学基金青年项目，2021.01-2023.12，主持

4. 面向高级网络攻击的样本增强及智能分析方法研究，浙江省自然科学基金探索项目，2021.01-2023.12，主持

5. 安全生产区块链关键技术研究及应用-能源安全生产区块链关键技术研究及应用平台研制，浙江省科技计划重点研发项目，2021.01-2023.12，参与

6. 面向APT网络攻击链的智能检测与溯源方法及关键技术研究，国家自然科学基金联合重点项目，2020.01-2023.12，参与

7. 工业互联网网络安全公共服务，工信部科技项目，2019.01-2020.12，参与

讲授课程

1.《国家安全教育》，本科生

2.《信息安全基础》，本科生

3.《网络攻防技术》，本科生

4.《网络攻防》，研究生

出版教材

1.《Web应用安全与防护》，电子工业出版社，ISBN：9787121432316，第一主编

2.《数据安全》，电子工业出版社，ISBN：9787121409776，第一副主编  

指导竞赛获奖

1. 第十五届全国大学生信息安全竞赛优胜奖，2022

2. 第十六届全国大学生信息安全竞赛三等奖，2023

3. “华为杯”第二届中国研究生网络安全创新大赛二等奖，2023

4.“西湖科创杯”第八届中国研究生智慧城市技术与创意设计大赛二等奖，2023

5. 第十七届全国大学生信息安全竞赛三等奖，2024

6. “华为杯”第三届中国研究生网络安全创新大赛三等奖，2024

指导研究生荣誉称号

2022级：孙浩飞（省优秀毕业生，国家奖学金）；孙嘉辰（省优秀毕业生，国家奖学金）。

社会兼职

1. 浙江省计算机学会信息安全专委会秘书长

2. 浙江省数字经济学会网络安全委员会秘书长

3. 宁波市计算机学会专家工作委员会委员