{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,28]],"date-time":"2025-03-28T01:46:57Z","timestamp":1743126417504,"version":"3.40.3"},"publisher-location":"Cham","reference-count":22,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031442124"},{"type":"electronic","value":"9783031442131"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-44213-1_2","type":"book-chapter","created":{"date-parts":[[2023,9,21]],"date-time":"2023-09-21T05:01:41Z","timestamp":1695272501000},"page":"13-25","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Anomaly-Based Insider Threat Detection via\u00a0Hierarchical Information Fusion"],"prefix":"10.1007","author":[{"given":"Enzhi","family":"Wang","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Qicheng","family":"Li","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Shiwan","family":"Zhao","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xue","family":"Han","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2023,9,22]]},"reference":[{"key":"2_CR1","doi-asserted-by":"publisher","unstructured":"Aldairi, M., Karimi, L., Joshi, J.: A trust aware unsupervised learning approach for insider threat detection. In: 2019 IEEE 20th International Conference on Information Reuse and Integration for Data Science (IRI), pp. 89\u201398 (2019). https:\/\/doi.org\/10.1109\/IRI.2019.00027","DOI":"10.1109\/IRI.2019.00027"},{"key":"2_CR2","unstructured":"Almardeny, Y., Boujnah, N., Cleary, F.: A novel outlier detection method for multivariate data. IEEE Transactions on Knowledge and Data Engineering (2020)"},{"key":"2_CR3","doi-asserted-by":"crossref","unstructured":"Breunig, M.M., Kriegel, H.P., Ng, R.T., Sander, J.: LOF: identifying density-based local outliers. In: Proceedings of the 2000 ACM SIGMOD international conference on Management of data, pp. 93\u2013104 (2000)","DOI":"10.1145\/342009.335388"},{"key":"2_CR4","doi-asserted-by":"crossref","unstructured":"Glasser, J., Lindauer, B.: Bridging the gap: a pragmatic approach to generating insider threat data. In: 2013 IEEE Security and Privacy Workshops, pp. 98\u2013104. IEEE (2013)","DOI":"10.1109\/SPW.2013.37"},{"key":"2_CR5","doi-asserted-by":"publisher","unstructured":"Hariri, S., Kind, M.C.: Batch and online anomaly detection for scientific applications in a kubernetes environment. In: Proceedings of the 9th Workshop on Scientific Cloud Computing. ScienceCloud\u201918, Association for Computing Machinery, New York, NY, USA (2018). DOI: https:\/\/doi.org\/10.1145\/3217880.3217883, https:\/\/doi.org\/10.1145\/3217880.3217883D","DOI":"10.1145\/3217880.3217883"},{"key":"2_CR6","doi-asserted-by":"publisher","unstructured":"Le, D.C., Zincir-Heywood, A.N.: Evaluating insider threat detection workflow using supervised and unsupervised learning. In: 2018 IEEE Security and Privacy Workshops (SPW), pp. 270\u2013275 (2018). https:\/\/doi.org\/10.1109\/SPW.2018.00043","DOI":"10.1109\/SPW.2018.00043"},{"issue":"2","key":"2_CR7","doi-asserted-by":"publisher","first-page":"1152","DOI":"10.1109\/TNSM.2021.3071928","volume":"18","author":"DC Le","year":"2021","unstructured":"Le, D.C., Zincir-Heywood, N.: Anomaly detection for insider threats using unsupervised ensembles. IEEE Trans. Netw. Serv. Manage. 18(2), 1152\u20131164 (2021). https:\/\/doi.org\/10.1109\/TNSM.2021.3071928","journal-title":"IEEE Trans. Netw. Serv. Manage."},{"issue":"1","key":"2_CR8","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1109\/TNSM.2020.2967721","volume":"17","author":"DC Le","year":"2020","unstructured":"Le, D.C., Zincir-Heywood, N., Heywood, M.I.: Analyzing data granularity levels for insider threat detection using machine learning. IEEE Trans. Netw. Serv. Manage. 17(1), 30\u201344 (2020). https:\/\/doi.org\/10.1109\/TNSM.2020.2967721","journal-title":"IEEE Trans. Netw. Serv. Manage."},{"issue":"1","key":"2_CR9","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2133360.2133363","volume":"6","author":"FT Liu","year":"2012","unstructured":"Liu, F.T., Ting, K.M., Zhou, Z.H.: Isolation-based anomaly detection. ACM Trans. Knowl. Disc. from Data (TKDD) 6(1), 1\u201339 (2012)","journal-title":"ACM Trans. Knowl. Disc. from Data (TKDD)"},{"key":"2_CR10","doi-asserted-by":"crossref","unstructured":"Liu, F., Wen, Y., Zhang, D., Jiang, X., Xing, X., Meng, D.: Log2vec: a heterogeneous graph embedding based approach for detecting cyber threats within enterprise. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 1777\u20131794 (2019)","DOI":"10.1145\/3319535.3363224"},{"key":"2_CR11","doi-asserted-by":"crossref","unstructured":"Liu, L., De Vel, O., Chen, C., Zhang, J., Xiang, Y.: Anomaly-based insider threat detection using deep autoencoders. In: 2018 IEEE International Conference on Data Mining Workshops (ICDMW), pp. 39\u201348. IEEE (2018)","DOI":"10.1109\/ICDMW.2018.00014"},{"key":"2_CR12","doi-asserted-by":"crossref","unstructured":"Lu, J., Wong, R.K.: Insider threat detection with long short-term memory. In: Proceedings of the Australasian Computer Science Week Multiconference, pp. 1\u201310 (2019)","DOI":"10.1145\/3290688.3290692"},{"issue":"2","key":"2_CR13","doi-asserted-by":"publisher","first-page":"275","DOI":"10.1007\/s10994-015-5521-0","volume":"102","author":"T Pevn\u1ef3","year":"2016","unstructured":"Pevn\u1ef3, T.: Loda: Lightweight on-line detector of anomalies. Mach. Learn. 102(2), 275\u2013304 (2016)","journal-title":"Mach. Learn."},{"key":"2_CR14","doi-asserted-by":"crossref","unstructured":"Rashid, T., Agrafiotis, I., Nurse, J.R.: A new take on detecting insider threats: exploring the use of hidden markov models. In: Proceedings of the 8th ACM CCS International workshop on managing insider security threats, pp. 47\u201356 (2016)","DOI":"10.1145\/2995959.2995964"},{"key":"2_CR15","doi-asserted-by":"crossref","unstructured":"Sanzgiri, A., Dasgupta, D.: Classification of insider threat detection techniques. In: Proceedings of the 11th annual cyber and information security research conference, pp. 1\u20134 (2016)","DOI":"10.1145\/2897795.2897799"},{"key":"2_CR16","doi-asserted-by":"publisher","unstructured":"Sun, X., Wang, Y., Shi, Z.: Insider threat detection using an unsupervised learning method: COPOD. In: 2021 International Conference on Communications, Information System and Computer Engineering (CISCE), pp. 749\u2013754 (2021). https:\/\/doi.org\/10.1109\/CISCE52179.2021.9445898","DOI":"10.1109\/CISCE52179.2021.9445898"},{"key":"2_CR17","doi-asserted-by":"publisher","unstructured":"Susto, G.A., Beghi, A., McLoone, S.: Anomaly detection through on-line isolation forest: an application to plasma etching. In: 2017 28th Annual SEMI Advanced Semiconductor Manufacturing Conference (ASMC), pp. 89\u201394 (2017). https:\/\/doi.org\/10.1109\/ASMC.2017.7969205","DOI":"10.1109\/ASMC.2017.7969205"},{"key":"2_CR18","unstructured":"Tuor, A., Kaplan, S., Hutchinson, B., Nichols, N., Robinson, S.: Deep learning for unsupervised insider threat detection in structured cybersecurity data streams. In: Workshops at the Thirty-First AAAI Conference on Artificial Intelligence (2017)"},{"key":"2_CR19","doi-asserted-by":"crossref","unstructured":"Vinay, M., Yuan, S., Wu, X.: Contrastive learning for insider threat detection. In: International Conference on Database Systems for Advanced Applications. pp. 395\u2013403. Springer (2022)","DOI":"10.1007\/978-3-031-00123-9_32"},{"key":"2_CR20","doi-asserted-by":"crossref","unstructured":"Yuan, F., Cao, Y., Shang, Y., Liu, Y., Tan, J., Fang, B.: Insider threat detection with deep neural network. In: International Conference on Computational Science. pp. 43\u201354. Springer (2018)","DOI":"10.1007\/978-3-319-93698-7_4"},{"key":"2_CR21","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102221","volume":"104","author":"S Yuan","year":"2021","unstructured":"Yuan, S., Wu, X.: Deep learning for insider threat detection: Review, challenges and opportunities. Comput. Secur. 104, 102221 (2021)","journal-title":"Comput. Secur."},{"key":"2_CR22","doi-asserted-by":"crossref","unstructured":"Yuan, S., Zheng, P., Wu, X., Li, Q.: Insider threat detection via hierarchical neural temporal point processes. In: 2019 IEEE International Conference on Big Data (Big Data), pp. 1343\u20131350. IEEE (2019)","DOI":"10.1109\/BigData47090.2019.9005589"}],"container-title":["Lecture Notes in Computer Science","Artificial Neural Networks and Machine Learning \u2013 ICANN 2023"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-44213-1_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,9,21]],"date-time":"2023-09-21T06:17:41Z","timestamp":1695277061000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-44213-1_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031442124","9783031442131"],"references-count":22,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-44213-1_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"22 September 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICANN","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Artificial Neural Networks","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Heraklion","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Greece","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 September 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 September 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"32","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"icann2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/e-nns.org\/icann2023\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"easyacademia.org","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"947","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"426","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"22","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"45% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2.4","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"type of other papers accepted  : 9 Abstract","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}