{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,11]],"date-time":"2026-05-11T11:01:18Z","timestamp":1778497278720,"version":"3.51.4"},"publisher-location":"Cham","reference-count":27,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031893629","type":"print"},{"value":"9783031893636","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-89363-6_9","type":"book-chapter","created":{"date-parts":[[2025,5,24]],"date-time":"2025-05-24T07:54:13Z","timestamp":1748073253000},"page":"153-167","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Reducing False Positives in Intrusion Detection System Alerts: A Novel Aggregation and Correlation Model"],"prefix":"10.1007","author":[{"given":"Hassan Jalil","family":"Hadi","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yue","family":"Cao","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Faisal Bashir","family":"Hussain","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Naveed","family":"Ahamad","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mohammed Ali","family":"Alshara","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Insaf","family":"Ullah","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yasir","family":"Javed","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yinglong","family":"He","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Abdul Majid","family":"Jamil","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2025,5,25]]},"reference":[{"key":"9_CR1","doi-asserted-by":"crossref","unstructured":"Sengupta, S., Chowdhary, A., Sabur, A., Alshamrani, A., Huang, D., Kambhampati, S.: A survey of moving target defences for network security. IEEE Commun. Surv. Tutorials 22(3), 1909\u20131941 (2020)","DOI":"10.1109\/COMST.2020.2982955"},{"key":"9_CR2","doi-asserted-by":"crossref","unstructured":"Yan, S., Ren, J., Wang, W., Sun, L., Zhang, W., Yu, Q.: A survey of adversarial attack and Defense methods for malware classification in cyber security. IEEE Commun. Surv. Tutorials (2022)","DOI":"10.1109\/COMST.2022.3225137"},{"key":"9_CR3","doi-asserted-by":"crossref","unstructured":"Bai, Y., Kobayashi, H.: Intrusion detection systems: technology and development. In: 17th International Conference on Advanced Information Networking and Applications, 2003. AINA 2003, pp. 710\u2013715. IEEE (2003)","DOI":"10.1109\/AINA.2003.1192972"},{"key":"9_CR4","doi-asserted-by":"crossref","unstructured":"He, K., Kim, D.D., Asghar, M.R.: Adversarial machine learning for network intrusion detection systems: a comprehensive survey. IEEE Commun. Surv. Tutorials (2023)","DOI":"10.1109\/COMST.2022.3233793"},{"key":"9_CR5","doi-asserted-by":"crossref","unstructured":"Riyad, A.M., Irfan Ahmed, M.S., Almistarihi, H.H.: A quality framework to improve IDS performance through alert post-processing. Int. J. Intell. Eng. Syst. 12(5) (2019)","DOI":"10.22266\/ijies2019.1031.15"},{"key":"9_CR6","doi-asserted-by":"publisher","first-page":"200","DOI":"10.1016\/j.comnet.2017.08.013","volume":"127","author":"EK Viegas","year":"2017","unstructured":"Viegas, E.K., Santin, A.O., Oliveira, L.S.: Toward a reliable anomaly-based intrusion detection in real-world environments. Comput. Netw. 127, 200\u2013216 (2017)","journal-title":"Comput. Netw."},{"key":"9_CR7","doi-asserted-by":"crossref","unstructured":"Hostiadi, D.P., Susila, M.D., Huizen, R.R.: A new alert correlation model based on similarity approach. In: 2019 1st International Conference on Cybernetics and Intelligent System (ICORIS), vol. 1, pp. 133\u2013137. IEEE (2019)","DOI":"10.1109\/ICORIS.2019.8874899"},{"key":"9_CR8","doi-asserted-by":"publisher","first-page":"150540","DOI":"10.1109\/ACCESS.2019.2946261","volume":"7","author":"K Zhang","year":"2019","unstructured":"Zhang, K., Zhao, F., Luo, S., Xin, Y., Zhu, H.: An intrusion action-based IDS alert correlation analysis and prediction framework. IEEE Access 7, 150540\u2013150551 (2019)","journal-title":"IEEE Access"},{"key":"9_CR9","doi-asserted-by":"crossref","unstructured":"Levshun, D., Kotenko, I.: A survey on artificial intelligence techniques for security event correlation: models, challenges, and opportunities. Artif. Intell. Rev., 1\u201344 (2023)","DOI":"10.21203\/rs.3.rs-1975426\/v1"},{"issue":"6","key":"9_CR10","doi-asserted-by":"publisher","first-page":"745","DOI":"10.1109\/TLA.2023.10172140","volume":"21","author":"R Da Silveira Lopes","year":"2023","unstructured":"Da Silveira Lopes, R., Duarte, J.C., Goldschmidt, R.R.: False positive identification in intrusion detection using XAI. IEEE Lat. Am. Trans. 21(6), 745\u2013751 (2023)","journal-title":"IEEE Lat. Am. Trans."},{"issue":"1","key":"9_CR11","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s40537-020-00346-1","volume":"7","author":"K Al Jallad","year":"2020","unstructured":"Al Jallad, K., Aljnidi, M., Desouki, M.S.: Anomaly detection optimization using big data and deep learning to reduce false-positive. J. Big Data 7(1), 1\u201312 (2020)","journal-title":"J. Big Data"},{"key":"9_CR12","doi-asserted-by":"publisher","unstructured":"Hadi,H.J., Cao, Y., Li, S., Hu, Y., Wang, J., Wang, S.: Real-time collaborative intrusion detection system in UAV networks using deep learning. IEEE Internet Things J. https:\/\/doi.org\/10.1109\/JIOT.2024.3426511","DOI":"10.1109\/JIOT.2024.3426511"},{"issue":"15","key":"9_CR13","doi-asserted-by":"publisher","first-page":"2368","DOI":"10.3390\/electronics11152368","volume":"11","author":"I Kotenko","year":"2022","unstructured":"Kotenko, I., Doynikova, E., Fedorchenko, A., Desnitsky, V.: Automation of asset inventory for cyber security: investigation of event correlation-based technique. Electronics 11(15), 2368 (2022)","journal-title":"Electronics"},{"key":"9_CR14","doi-asserted-by":"crossref","unstructured":"Pavlov, A., Voloshina, N.: Analysis of IDS alert correlation techniques for attacker group recognition in distributed systems. In: Internet of Things, Smart Spaces, and Next Generation Networks and Systems: 20th International Conference, NEW2AN 2020, and 13th Conference, ruSMART 2020, St. Petersburg, Russia, August 26\u201328, 2020, Proceedings, Part I 20, pp. 32\u201342. Springer International Publishing (2020)","DOI":"10.1007\/978-3-030-65726-0_4"},{"key":"9_CR15","doi-asserted-by":"publisher","first-page":"124215","DOI":"10.1016\/j.eswa.2024.124215","volume":"252","author":"HJ Hadi","year":"2024","unstructured":"Hadi, H.J., Cao, Y., Li, S., Xu, L., Hu, Y., Li, M.: Real-time fusion multi-tier DNN-based collaborative IDPS with complementary features for secure UAV-enabled 6G networks. Expert Syst. Appl. 252, 124215 (2024)","journal-title":"Expert Syst. Appl."},{"key":"9_CR16","doi-asserted-by":"crossref","unstructured":"Hadi, H.J., Hayat, U., Mushtaq, N., Hussain, F.B., Cao, Y.: Developing realistic distributed denial of service (DDoS) dataset for machine learning-based intrusion detection system. In: 2022 9th International Conference on Internet of Things: Systems, Management and Security (IOTSMS), pp. 1\u20136. IEEE (2022)","DOI":"10.1109\/IOTSMS58070.2022.10062034"},{"issue":"2","key":"9_CR17","doi-asserted-by":"publisher","first-page":"e4014","DOI":"10.1002\/ett.4014","volume":"32","author":"IT Sumaiya","year":"2021","unstructured":"Sumaiya, I.T., Saira, J.B., Lavanya, K., Rukunuddin, M.G., Abhishek, K.: An integrated intrusion detection system using correlation-based attribute selection and artificial neural network. Trans. Emerg. Telecommun. Technol. 32(2), e4014 (2021)","journal-title":"Trans. Emerg. Telecommun. Technol."},{"issue":"1","key":"9_CR18","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3567675","volume":"4","author":"M Landauer","year":"2023","unstructured":"Landauer, M., Wurzenberger, M., Skopik, F., Hotwagner, W., H\u00a8old, G.: AMiner: a modular log data analysis pipeline for anomaly-based intrusion detection. Digit. Threats: Res. Pract. 4(1), 1\u201316 (2023)","journal-title":"Digit. Threats: Res. Pract."},{"issue":"1","key":"9_CR19","doi-asserted-by":"publisher","first-page":"453","DOI":"10.1007\/s10462-021-10037-9","volume":"55","author":"A Thakkar","year":"2022","unstructured":"Thakkar, A., Lohiya, R.: A survey on intrusion detection system: feature selection, model, performance measures, application perspective, challenges, and future research directions. Artif. Intell. Rev. 55(1), 453\u2013563 (2022)","journal-title":"Artif. Intell. Rev."},{"issue":"2","key":"9_CR20","doi-asserted-by":"publisher","first-page":"125","DOI":"10.1016\/j.icte.2019.11.002","volume":"6","author":"M Latah","year":"2020","unstructured":"Latah, M., Toker, L.: Minimizing false positive rate for DoS attack detection: a hybrid SDN-based approach. ICT Express 6(2), 125\u2013127 (2020)","journal-title":"ICT Express"},{"key":"9_CR21","doi-asserted-by":"publisher","first-page":"109736","DOI":"10.1016\/j.comnet.2023.109736","volume":"228","author":"PC Lin","year":"2023","unstructured":"Lin, P.C., et al.: Correlation of cyber threat intelligence with sightings for intelligence assessment and augmentation. Comput. Netw. 228, 109736 (2023)","journal-title":"Comput. Netw."},{"key":"9_CR22","doi-asserted-by":"publisher","first-page":"e900","DOI":"10.7717\/peerj-cs.900","volume":"8","author":"E Jaw","year":"2022","unstructured":"Jaw, E., Wang, X.: A novel hybrid-based approach of snort automatic rule generator and security event correlation (SARG-SEC). PeerJ Comput. Sci. 8, e900 (2022)","journal-title":"PeerJ Comput. Sci."},{"key":"9_CR23","doi-asserted-by":"crossref","unstructured":"Cejka, T., Bartos, V., Svepes, M., Rosa, Z., Kubatova, H.: NEMEA: a framework for network traffic analysis. In: 2016 12th International Conference on Network and Service Management (CNSM), pp. 195\u2013201. IEEE (2016)","DOI":"10.1109\/CNSM.2016.7818417"},{"key":"9_CR24","doi-asserted-by":"publisher","first-page":"103784","DOI":"10.1016\/j.jnca.2023.103784","volume":"221","author":"S Latif","year":"2024","unstructured":"Latif, S., Boulila, W., Koubaa, A., Zou, Z., Ahmad, J.: DTL-IDS: an optimized intrusion detection framework using deep transfer learning and genetic algorithm. J. Netw. Comput. Appl. 221, 103784 (2024)","journal-title":"J. Netw. Comput. Appl."},{"key":"9_CR25","doi-asserted-by":"crossref","unstructured":"Ullah, S., Boulila, W., Koubaa, A., Ahmad, J.: MAGRU-IDS: a multihead attention-based gated recurrent unit for intrusion detection in IIoT networks. IEEE Access (2023)","DOI":"10.1109\/ACCESS.2023.3324657"},{"key":"9_CR26","doi-asserted-by":"publisher","first-page":"107810","DOI":"10.1016\/j.compeleceng.2022.107810","volume":"99","author":"T Saba","year":"2022","unstructured":"Saba, T., Rehman, A., Sadad, T., Kolivand, H., Bahaj, S.A.: Anomaly-based intrusion detection system for IoT networks through deep learning model. Comput. Electr. Eng. 99, 107810 (2022)","journal-title":"Comput. Electr. Eng."},{"key":"9_CR27","doi-asserted-by":"publisher","unstructured":"Hadi,H.J., Shahzad, K., Ahmed, N., Cao, Y., Javed, Y.: A scalable pattern matching implementation on hardware using data level parallelism. In: 2023 IEEE 22nd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Exeter, United Kingdom, pp. 2530\u20132537 (2023). https:\/\/doi.org\/10.1109\/TrustCom60117.2023.00354","DOI":"10.1109\/TrustCom60117.2023.00354"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Digital Forensics and Cyber Crime"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-89363-6_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,24]],"date-time":"2025-05-24T07:54:18Z","timestamp":1748073258000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-89363-6_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783031893629","9783031893636"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-89363-6_9","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"value":"1867-8211","type":"print"},{"value":"1867-822X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"25 May 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICDF2C","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Digital Forensics and Cyber Crime","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Dubrovnik","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Croatia","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"9 October 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 October 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"icdf2c2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/icdf2c.eai-conferences.org\/2024\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}