{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T20:30:11Z","timestamp":1742934611131,"version":"3.40.3"},"publisher-location":"Cham","reference-count":14,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031842597"},{"type":"electronic","value":"9783031842603"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-84260-3_18","type":"book-chapter","created":{"date-parts":[[2025,3,3]],"date-time":"2025-03-03T14:46:12Z","timestamp":1741013172000},"page":"306-325","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["A Cost-Sensitive Approach for\u00a0Managing Intrusion Alerts in\u00a0OT Environments"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0009-0007-4673-0905","authenticated-orcid":false,"given":"Alex","family":"Howe","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2806-587X","authenticated-orcid":false,"given":"Andrew","family":"Morin","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0000-5628-0548","authenticated-orcid":false,"given":"Mauricio","family":"Papa","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8771-8191","authenticated-orcid":false,"given":"Tyler","family":"Moore","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,3,4]]},"reference":[{"key":"18_CR1","doi-asserted-by":"crossref","unstructured":"Ahmed, C.M., Palleti, V.R., Mathur, A.P.: WADI: a water distribution testbed for research in the design of secure cyber physical systems. In: Proceedings of the 3rd International Workshop On Cyber-Physical Systems For Smart Water Networks, pp. 25\u201328 (2017)","DOI":"10.1145\/3055366.3055375"},{"issue":"5799","key":"18_CR2","doi-asserted-by":"publisher","first-page":"610","DOI":"10.1126\/science.1130992","volume":"314","author":"R Anderson","year":"2006","unstructured":"Anderson, R., Moore, T.: The economics of information security. Science 314(5799), 610\u2013613 (2006). https:\/\/doi.org\/10.1126\/science.1130992","journal-title":"Science"},{"key":"18_CR3","unstructured":"B\u00f6hme, R., Moore, T.: Modeling optimal filter configuration (2012). https:\/\/tylermoore.utulsa.edu\/courses\/econsec\/f12\/reading\/lnse-fpfn.pdf"},{"issue":"1","key":"18_CR4","doi-asserted-by":"publisher","first-page":"119","DOI":"10.1006\/jcss.1997.1504","volume":"55","author":"Y Freund","year":"1997","unstructured":"Freund, Y., Schapire, R.E.: A decision-theoretic generalization of on-line learning and an application to boosting. J. Comput. Syst. Sci. 55(1), 119\u2013139 (1997)","journal-title":"J. Comput. Syst. Sci."},{"key":"18_CR5","doi-asserted-by":"publisher","first-page":"102499","DOI":"10.1016\/j.cose.2021.102499","volume":"112","author":"N Gupta","year":"2022","unstructured":"Gupta, N., Jindal, V., Bedi, P.: CSE-IDS: using cost-sensitive deep learning and ensemble algorithms to handle class imbalance in network-based intrusion detection systems. Comput. Secur. 112, 102499 (2022)","journal-title":"Comput. Secur."},{"key":"18_CR6","doi-asserted-by":"publisher","first-page":"93089","DOI":"10.1109\/ACCESS.2021.3093094","volume":"9","author":"S He","year":"2021","unstructured":"He, S., Li, B., Peng, H., Xin, J., Zhang, E.: An effective cost-sensitive XGBoost method for malicious URLs detection in imbalanced dataset. IEEE Access 9, 93089\u201393096 (2021). https:\/\/doi.org\/10.1109\/ACCESS.2021.3093094","journal-title":"IEEE Access"},{"issue":"1\u20132","key":"18_CR7","doi-asserted-by":"publisher","first-page":"5","DOI":"10.3233\/JCS-2002-101-202","volume":"10","author":"W Lee","year":"2002","unstructured":"Lee, W., Fan, W., Miller, M., Stolfo, S.J., Zadok, E.: Toward cost-sensitive modeling for intrusion detection and response. J. Comput. Secur. 10(1\u20132), 5\u201322 (2002)","journal-title":"J. Comput. Secur."},{"key":"18_CR8","unstructured":"Lemay, A., Fernandez, J.M.: Providing SCADA network data sets for intrusion detection research. In: CSET@ USENIX Security Symposium (2016)"},{"key":"18_CR9","unstructured":"Leverett, E.P.: Quantitatively assessing and visualising industrial system attack surfaces (2011)"},{"key":"18_CR10","doi-asserted-by":"crossref","unstructured":"Morin, A., Moore, T.: Towards cost-balanced intrusion detection in OT environments. In: 2022 IEEE Conference on Communications and Network Security (CNS), pp.\u00a01\u20136. IEEE (2022)","DOI":"10.1109\/CNS56114.2022.10091442"},{"key":"18_CR11","doi-asserted-by":"crossref","unstructured":"Papa, S., Casper, W., Moore, T.: Securing wastewater facilities from accidental and intentional harm: a cost-benefit analysis. Int. J. Crit. Infr. Prot. 6(2), 96\u2013106 (2013). https:\/\/tylermoore.utulsa.edu\/ijcip13.pdf","DOI":"10.1016\/j.ijcip.2013.05.002"},{"key":"18_CR12","unstructured":"Shao, E.: Encoding IP address as a feature for network intrusion detection. Ph.D. thesis, Purdue University Graduate School (2019)"},{"key":"18_CR13","doi-asserted-by":"publisher","unstructured":"Sullivan, M., Schellenberg, J., Blundell, M.: Updated value of service reliability estimates for electric utility customers in the United States. Technical Report LBNL\u20136941E, 1172643 (2015).https:\/\/doi.org\/10.2172\/1172643","DOI":"10.2172\/1172643"},{"key":"18_CR14","doi-asserted-by":"crossref","unstructured":"Thakkar, A., Lohiya, R.: Attack classification of imbalanced intrusion data for IoT network using ensemble learning-based deep neural network. IEEE Internet Things J. (2023)","DOI":"10.1109\/JIOT.2023.3244810"}],"container-title":["Lecture Notes in Computer Science","Critical Information Infrastructures Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-84260-3_18","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,3,3]],"date-time":"2025-03-03T14:46:16Z","timestamp":1741013176000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-84260-3_18"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783031842597","9783031842603"],"references-count":14,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-84260-3_18","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"4 March 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CRITIS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Critical Information Infrastructures Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Rome","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Italy","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17 September 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19 September 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"critis2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}