{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,4,22]],"date-time":"2025-04-22T11:40:04Z","timestamp":1745322004687,"version":"3.40.4"},"publisher-location":"Cham","reference-count":21,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031710247"},{"type":"electronic","value":"9783031710254"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-71025-4_15","type":"book-chapter","created":{"date-parts":[[2025,1,6]],"date-time":"2025-01-06T07:45:37Z","timestamp":1736149537000},"page":"291-308","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Modeling Analyst Intentions Using a Markov Chain for Investigative Action Recommendations"],"prefix":"10.1007","author":[{"given":"Romain","family":"Brisse","sequence":"first","affiliation":[]},{"given":"Simon","family":"Boche","sequence":"additional","affiliation":[]},{"given":"Frederic","family":"Majorczyk","sequence":"additional","affiliation":[]},{"given":"Jean-Francois","family":"Lalande","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,1,7]]},"reference":[{"unstructured":"J. Bennett and S. Lanning, The Netflix Prize, Proceedings of the KDD Cup and Workshop, pp. 3\u20136, 2007.","key":"15_CR1"},{"doi-asserted-by":"crossref","unstructured":"R. Brisse, S. Boche, F. Majorczyk and J. Lalande, Kraken: A knowledge-based recommender system for analysts to kick exploration up a notch, Proceedings of the Fourteenth International Conference on Innovative Security Solutions for Information Technology and Communications Security, pp. 1\u201317, 2021.","key":"15_CR2","DOI":"10.1007\/978-3-031-17510-7_1"},{"unstructured":"R. Burke, Knowledge-based recommender systems, Encyclopedia of Library and Information Systems, vol. 69(32), pp. 175\u2013186, 2000.","key":"15_CR3"},{"doi-asserted-by":"crossref","unstructured":"R. Burke, Hybrid recommender systems: Survey and experiments, User Modeling and User-Adapted Interaction, vol. 12(4), pp. 331\u2013370, 2002.","key":"15_CR4","DOI":"10.1023\/A:1021240730564"},{"unstructured":"A. de Moura Del Esposte, R. Campiolo, F. Kon and D. Batista, A collaboration model to recommend network security alerts based on the mixed hybrid approach, presented at the Brazilian Symposium on Computer Networks and Distributed Systems, 2016.","key":"15_CR5"},{"unstructured":"European Network and Information Security Agency, Good Practice Guide for Incident Management, Heraklion, Greece, 2010.","key":"15_CR6"},{"doi-asserted-by":"crossref","unstructured":"L. Ferreira, D. Castro Silva and M. Uriarte, Recommender systems in cybersecurity, Knowledge and Information Systems, vol. 65(12), pp. 5523\u20135559, 2023.","key":"15_CR7","DOI":"10.1007\/s10115-023-01906-6"},{"doi-asserted-by":"crossref","unstructured":"M. Franco, B. Rodrigues and B. Stiller, MENTOR: The design and evaluation of a protection services recommender system, Proceedings of the Fifteenth International Conference on Network and Service Management, 2019.","key":"15_CR8","DOI":"10.23919\/CNSM46954.2019.9012686"},{"doi-asserted-by":"crossref","unstructured":"G. Grillenmeier, Protecting Active Directory against modern threats, Network Security, vol. 2021(11), pp. 15\u201317, 2021.","key":"15_CR9","DOI":"10.1016\/S1353-4858(21)00132-X"},{"doi-asserted-by":"crossref","unstructured":"M. Husak and M. Cermak, SoK: Applications and challenges of using recommender systems in cybersecurity incident handling and response, Proceedings of the Seventeenth International Conference on Availability, Reliability and Security, article no. 25, 2022.","key":"15_CR10","DOI":"10.1145\/3538969.3538981"},{"doi-asserted-by":"crossref","unstructured":"D. Jannach, M. Zanker, A. Felfernig and G. Friedrich, Recommender Systems: An Introduction, Cambridge University Press, Cambridge, United Kingdom, 2010.","key":"15_CR11","DOI":"10.1017\/CBO9780511763113"},{"doi-asserted-by":"crossref","unstructured":"S. Moskal and S. Yang, Translating intrusion alerts to cyberattack stages using pseudo-active transfer learning (PATRL), Proceedings of the IEEE Conference on Communications and Network Security, pp. 110\u2013118, 2021.","key":"15_CR12","DOI":"10.1109\/CNS53000.2021.9705037"},{"doi-asserted-by":"crossref","unstructured":"A. Pawlicka, M. Choras and M. Pawlicki, The stray sheep of cyberspace a.k.a. the actors who claim they break the law for the greater good, Personal and Ubiquitous Computing, vol. 25(5), pp. 843\u2013852, 2021.","key":"15_CR13","DOI":"10.1007\/s00779-021-01568-7"},{"doi-asserted-by":"crossref","unstructured":"A. Pawlicka, M. Pawlicki, R. Kozik and R. Choras, A systematic review of recommender systems and their applications in cybersecurity, Sensors, vol. 21(15), article no. 5248, 2021.","key":"15_CR14","DOI":"10.3390\/s21155248"},{"doi-asserted-by":"crossref","unstructured":"N. Polatidis, E. Pimenidis, M. Pavlidis, S. Papastergiou and H. Mouratidis, From product recommendation to cyber-attack prediction: Generating attack graphs and predicting future attacks, Evolving Systems, vol. 11(3), pp. 479\u2013490, 2020.","key":"15_CR15","DOI":"10.1007\/s12530-018-9234-z"},{"doi-asserted-by":"crossref","unstructured":"N. Privault, Understanding Markov Chains: Examples and Applications, Springer, Singapore, 2018.","key":"15_CR16","DOI":"10.1007\/978-981-13-0659-4"},{"doi-asserted-by":"crossref","unstructured":"F. Ricci, L. Rokach and B. Shapira, Introduction to Recommender Systems Handbook, in Recommender Systems Handbook, F. Ricci, L. Rokach, B. Shapira and P. Kantor (Eds.), pp. 1\u201335, Springer, Boston, Massachusetts, 2011.","key":"15_CR17","DOI":"10.1007\/978-0-387-85820-3_1"},{"doi-asserted-by":"crossref","unstructured":"F. Soldo, A. Le and A. Markopoulou, Predictive blacklisting as an implicit recommendation system, Proceedings of the Twenty-Ninth IEEE Conference on Information Communications, 2010.","key":"15_CR18","DOI":"10.1109\/INFCOM.2010.5461982"},{"doi-asserted-by":"crossref","unstructured":"Z. Sworna, C. Islam and M. Babar, APIRO, A framework for automated security tool API recommendation, ACM Transactions on Software Engineering and Methodology, vol. 32(1), article no. 24, 2023.","key":"15_CR19","DOI":"10.1145\/3512768"},{"doi-asserted-by":"crossref","unstructured":"C. Zhong, T. Lin, P. Liu, J. Yen and K. Chen, A cyber security data triage operation retrieval system, Computers and Security, vol 76(7), pp. 12\u201331, 2018.","key":"15_CR20","DOI":"10.1016\/j.cose.2018.02.011"},{"unstructured":"C. Zimmerman, Ten Strategies of a World-Class Cybersecurity Operations Center, The MITRE Corporation, Bedford, Massachusetts, 2014.","key":"15_CR21"}],"container-title":["IFIP Advances in Information and Communication Technology","Advances in Digital Forensics XX"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-71025-4_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,4,22]],"date-time":"2025-04-22T11:14:54Z","timestamp":1745320494000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-71025-4_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783031710247","9783031710254"],"references-count":21,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-71025-4_15","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"type":"print","value":"1868-4238"},{"type":"electronic","value":"1868-422X"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"7 January 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DigitalForensics","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on Digital Forensics","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"New Delhi","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"3 January 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4 January 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"digitalforensics2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.ifip119.org\/Conferences\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}