{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,4]],"date-time":"2025-07-04T04:11:48Z","timestamp":1751602308459,"version":"3.41.0"},"publisher-location":"Cham","reference-count":13,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031877711"},{"type":"electronic","value":"9783031877728"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-87772-8_37","type":"book-chapter","created":{"date-parts":[[2025,4,22]],"date-time":"2025-04-22T07:35:57Z","timestamp":1745307357000},"page":"432-443","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Leveraging Large Language Models for\u00a0Reducing False Positives and\u00a0Prioritizing Alerts in\u00a0Intrusion Detection Systems"],"prefix":"10.1007","author":[{"given":"Ali","family":"Mustafa","sequence":"first","affiliation":[]},{"given":"Fouad","family":"Trad","sequence":"additional","affiliation":[]},{"given":"Ali","family":"Chehab","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,4,23]]},"reference":[{"key":"37_CR1","doi-asserted-by":"crossref","unstructured":"Jose, S., Malathi, D., Reddy, B., Jayaseeli, D.: A survey on anomaly based host intrusion detection system. J. Phys. Conf. Ser. 1000, 012049 (2018). 
IOP Publishing","DOI":"10.1088\/1742-6596\/1000\/1\/012049"},{"issue":"4","key":"37_CR2","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3461462","volume":"2","author":"JH Ring IV","year":"2021","unstructured":"Ring, J.H., IV., Van Oort, C.M., Durst, S., White, V., Near, J.P., Skalka, C.: Methods for host-based intrusion detection with deep learning. Digit. Threats Res. Pract. (DTRAP) 2(4), 1\u201329 (2021)","journal-title":"Digit. Threats Res. Pract. (DTRAP)"},{"key":"37_CR3","doi-asserted-by":"publisher","first-page":"227756","DOI":"10.1109\/ACCESS.2020.3045514","volume":"8","author":"M Vielberth","year":"2020","unstructured":"Vielberth, M., B\u00f6hm, F., Fichtinger, I., Pernul, G.: Security operations center: a systematic study and open challenges. IEEE Access 8, 227756\u2013227779 (2020)","journal-title":"IEEE Access"},{"key":"37_CR4","unstructured":"Alahmadi, B.A., Axon, L., Martinovic, I.: 99% false positives: a qualitative study of SOC analysts\u2019 perspectives on security alarms. In: 31st USENIX Security Symposium (USENIX Security 22), pp.\u00a02783\u20132800 (2022)"},{"key":"37_CR5","doi-asserted-by":"crossref","unstructured":"Khoury, J., Klisura, D., Zanddizari, H., Parra, G., Najafirad, P., Bou-Harb, E.: Jbeil: temporal graph-based inductive learning to infer lateral movement in evolving enterprise networks. In: 2024 IEEE Symposium on Security and Privacy (SP), p.\u00a09. IEEE Computer Society (2024)","DOI":"10.1109\/SP54263.2024.00009"},{"key":"37_CR6","unstructured":"Alsaheel, A., et al.: ATLAS: a sequence-based learning approach for attack investigation. In: 30th USENIX Security Symposium (USENIX Security 21), pp.\u00a03005\u20133022 (2021)"},{"key":"37_CR7","doi-asserted-by":"crossref","unstructured":"Du, M., Li, F., Zheng, G., Srikumar, V.: Deeplog: anomaly detection and diagnosis from system logs through deep learning. 
In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp.\u00a01285\u20131298 (2017)","DOI":"10.1145\/3133956.3134015"},{"key":"37_CR8","unstructured":"Yang, F., Xu, J., Xiong, C., Li, Z., Zhang, K.: PROGRAPHER: an anomaly detection system based on provenance graph embedding. In: 32nd USENIX Security Symposium (USENIX Security 23), pp.\u00a04355\u20134372 (2023)"},{"key":"37_CR9","doi-asserted-by":"publisher","first-page":"3972","DOI":"10.1109\/TIFS.2022.3208815","volume":"17","author":"S Wang","year":"2022","unstructured":"Wang, S., et al.: Threatrace: detecting and tracing host-based threats in node level through provenance graph learning. IEEE Trans. Inf. Forensics Secur. 17, 3972\u20133987 (2022)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"37_CR10","doi-asserted-by":"crossref","unstructured":"Han, X., Pasquier, T., Bates, A., Mickens, J., Seltzer, M.: Unicorn: runtime provenance-based detector for advanced persistent threats. arXiv preprint arXiv:2001.01525 (2020)","DOI":"10.14722\/ndss.2020.24046"},{"key":"37_CR11","unstructured":"Wolf, T., et\u00a0al.: Huggingface\u2019s transformers: state-of-the-art natural language processing. arXiv preprint arXiv:1910.03771 (2019)"},{"issue":"1","key":"37_CR12","doi-asserted-by":"publisher","first-page":"367","DOI":"10.3390\/make6010018","volume":"6","author":"F Trad","year":"2024","unstructured":"Trad, F., Chehab, A.: Prompt engineering or fine-tuning? A case study on phishing detection with large language models. Mach. Learn. Knowl. Extract. 6(1), 367\u2013384 (2024)","journal-title":"Mach. Learn. Knowl. Extract."},{"key":"37_CR13","doi-asserted-by":"crossref","unstructured":"Trad, F., Chehab, A.: Evaluating the efficacy of prompt-engineered large multimodal models versus fine-tuned vision transformers in image-based security applications. 
arXiv preprint arXiv:2403.17787 (2024)","DOI":"10.1145\/3735648"}],"container-title":["Lecture Notes on Data Engineering and Communications Technologies","Advanced Information Networking and Applications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-87772-8_37","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,3]],"date-time":"2025-07-03T18:38:13Z","timestamp":1751567893000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-87772-8_37"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783031877711","9783031877728"],"references-count":13,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-87772-8_37","relation":{},"ISSN":["2367-4512","2367-4520"],"issn-type":[{"type":"print","value":"2367-4512"},{"type":"electronic","value":"2367-4520"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"23 April 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"AINA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Advanced Information Networking and Applications","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Barcelona","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Spain","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"9 April 
2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 April 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"39","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"aina0","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/voyager.ce.fit.ac.jp\/conf\/aina\/2025\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}