{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,28]],"date-time":"2025-09-28T20:37:03Z","timestamp":1759091823607},"publisher-location":"Cham","reference-count":11,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030367077"},{"type":"electronic","value":"9783030367084"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-36708-4_62","type":"book-chapter","created":{"date-parts":[[2019,12,12]],"date-time":"2019-12-12T15:24:22Z","timestamp":1576164262000},"page":"756-765","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":17,"title":["Combating Threat-Alert Fatigue with Online Anomaly Detection Using Isolation Forest"],"prefix":"10.1007","author":[{"given":"Muhamad Erza","family":"Aminanto","sequence":"first","affiliation":[]},{"given":"Lei","family":"Zhu","sequence":"additional","affiliation":[]},{"given":"Tao","family":"Ban","sequence":"additional","affiliation":[]},{"given":"Ryoichi","family":"Isawa","sequence":"additional","affiliation":[]},{"given":"Takeshi","family":"Takahashi","sequence":"additional","affiliation":[]},{"given":"Daisuke","family":"Inoue","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,12,9]]},"reference":[{"issue":"20","key":"62_CR1","doi-asserted-by":"publisher","first-page":"12","DOI":"10.3182\/20130902-3-CN-3020.00044","volume":"46","author":"Z Ding","year":"2013","unstructured":"Ding, Z., Fei, M.: An anomaly detection approach based on isolation forest algorithm for streaming data using sliding window. IFAC Proc. Vol. 46(20), 12\u201317 (2013)","journal-title":"IFAC Proc. Vol."},{"key":"62_CR2","doi-asserted-by":"crossref","unstructured":"Hassan, W.U., Guo, S., Li, D., Chen, Z., Jee, K., Li, Z., Bates, A.: NoDoze: combatting threat alert fatigue with automated provenance triage. In: Network and Distributed Systems Security (NDSS) Symposium 2019 (2019)","DOI":"10.14722\/ndss.2019.23349"},{"key":"62_CR3","unstructured":"ArcSight, Inc.: Common event format (2010). \nhttps:\/\/kc.mcafee.com\/resources\/sites\/MCAFEE\/content\/live\/CORP-KNOWLEDGEBASE\/78000\/KB78712\/\n\n. Accessed 17 Apr 2019"},{"key":"62_CR4","doi-asserted-by":"crossref","unstructured":"Liu, F.T., Ting, K.M., Zhou, Z.H.: Isolation forest. In: 2008 Eighth IEEE International Conference on Data Mining, pp. 413\u2013422. IEEE (2008)","DOI":"10.1109\/ICDM.2008.17"},{"key":"62_CR5","unstructured":"Marwaha, N.: System and method for providing common event format using alert index. US Patent 7,139,938, 21 November 2006"},{"key":"62_CR6","unstructured":"Sun, L., Versteeg, S., Boztas, S., Rao, A.: Detecting anomalous user behavior using an extended isolation forest algorithm: an enterprise case study. arXiv preprint \narXiv:1609.06676\n\n (2016)"},{"key":"62_CR7","doi-asserted-by":"crossref","unstructured":"Susto, G.A., Beghi, A., McLoone, S.: Anomaly detection through on-line isolation forest: an application to plasma etching. In: 2017 28th Annual SEMI Advanced Semiconductor Manufacturing Conference (ASMC), pp. 89\u201394. IEEE (2017)","DOI":"10.1109\/ASMC.2017.7969205"},{"key":"62_CR8","doi-asserted-by":"publisher","unstructured":"Tharwat, A.: Classification assessment methods. Appl. Comput. Inform. (2018). \nhttps:\/\/doi.org\/10.1016\/j.aci.2018.08.003","DOI":"10.1016\/j.aci.2018.08.003"},{"key":"62_CR9","unstructured":"Tuor, A., Kaplan, S., Hutchinson, B., Nichols, N., Robinson, S.: Deep learning for unsupervised insider threat detection in structured cybersecurity data streams. In: Workshops at the Thirty-First AAAI Conference on Artificial Intelligence (2017)"},{"key":"62_CR10","unstructured":"Ulevitch, D.: Cisco 2017 Annual Cybersecurity Report: The Hidden Danger of Uninvestigated Threats (2017). \nhttps:\/\/blogs.cisco.com\/security\/cisco-2017-annual-cybersecurity-report-the-hidden-danger-of-uninvestigated-threats\n\n. Accessed 17 Apr 2019"},{"issue":"3","key":"62_CR11","doi-asserted-by":"publisher","first-page":"146","DOI":"10.1109\/TDSC.2004.21","volume":"1","author":"F Valeur","year":"2004","unstructured":"Valeur, F., Vigna, G., Kruegel, C., Kemmerer, R.A.: Comprehensive approach to intrusion detection alert correlation. IEEE Trans. Dependable Secur. Comput. 1(3), 146\u2013169 (2004)","journal-title":"IEEE Trans. Dependable Secur. Comput."}],"container-title":["Lecture Notes in Computer Science","Neural Information Processing"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-36708-4_62","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,12,12]],"date-time":"2019-12-12T15:53:22Z","timestamp":1576166002000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-36708-4_62"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030367077","9783030367084"],"references-count":11,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-36708-4_62","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"9 December 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICONIP","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Neural Information Processing","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Sydney, NSW","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Australia","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 December 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15 December 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"iconip2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/ajiips.com.au\/iconip2019\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}