{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,15]],"date-time":"2025-08-15T01:26:05Z","timestamp":1755221165929,"version":"3.43.0"},"publisher-location":"Cham","reference-count":47,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783032006325","type":"print"},{"value":"9783032006332","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-032-00633-2_9","type":"book-chapter","created":{"date-parts":[[2025,8,8]],"date-time":"2025-08-08T10:15:28Z","timestamp":1754648128000},"page":"139-155","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Reducing Information Overload: Because Even Security Experts Need to\u00a0Blink"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1739-876X","authenticated-orcid":false,"given":"Philipp","family":"Kuehn","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2040-5609","authenticated-orcid":false,"given":"Markus","family":"Bayer","sequence":"additional","affiliation":[]},{"given":"Tobias","family":"Frey","sequence":"additional","affiliation":[]},{"given":"Moritz","family":"Kerk","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1920-038X","authenticated-orcid":false,"given":"Christian","family":"Reuter","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,8,9]]},"reference":[{"key":"9_CR1","doi-asserted-by":"publisher","unstructured":"Almeida, T., Hidalgo, J.: SMS Spam Collection (2012). https:\/\/doi.org\/10.24432\/C5CC84","DOI":"10.24432\/C5CC84"},{"key":"9_CR2","doi-asserted-by":"publisher","unstructured":"Anastasiadis, M., Aivatoglou, G., Spanos, G., Voulgaridis, A., Votis, K.: Combining text analysis techniques with unsupervised machine learning methodologies for improved software vulnerability management. In: CSR, pp. 273\u2013278 (2022). https:\/\/doi.org\/10.1109\/CSR54599.2022.9850314","DOI":"10.1109\/CSR54599.2022.9850314"},{"key":"9_CR3","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1145\/304181.304187","volume":"28","author":"M Ankerst","year":"1999","unstructured":"Ankerst, M., Breunig, M.M., Kriegel, H.P., Sander, J.: OPTICS: ordering points to identify the clustering structure. ACM SIGMOD Rec. 28, 49\u201360 (1999). https:\/\/doi.org\/10.1145\/304181.304187","journal-title":"ACM SIGMOD Rec."},{"key":"9_CR4","unstructured":"Basyurt, A.S., Fromm, J., Kuehn, P., Kaufhold, M.A., Mirabaie, M.: Help Wanted - Challenges in Data Collection, Analysis and Communication of Cyber Threats in Security Operation Centers. In: WI (2022)"},{"key":"9_CR5","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103430","volume":"134","author":"M Bayer","year":"2023","unstructured":"Bayer, M., Frey, T., Reuter, C.: Multi-level fine-tuning, data augmentation, and few-shot learning for specialized cyber threat intelligence. Comput. Secur. 134, 103430 (2023). https:\/\/doi.org\/10.1016\/j.cose.2023.103430","journal-title":"Comput. Secur."},{"key":"9_CR6","doi-asserted-by":"publisher","DOI":"10.1145\/3652594","author":"M Bayer","year":"2024","unstructured":"Bayer, M., Kuehn, P., Shanehsaz, R., Reuter, C.: CySecBERT: a domain-adapted language model for the cybersecurity domain. ACM Trans. Privacy Secur. (2024). https:\/\/doi.org\/10.1145\/3652594","journal-title":"ACM Trans. Privacy Secur."},{"key":"9_CR7","doi-asserted-by":"publisher","unstructured":"Devlin, J., Chang, M.W., Lee, K., Toutanova, K.: BERT: pre-training of deep bidirectional transformers for language understanding. NORD\u201919 1, 4171\u20134186 (2018). https:\/\/doi.org\/10.18653\/v1\/N19-1423","DOI":"10.18653\/v1\/N19-1423"},{"key":"9_CR8","unstructured":"Ester, M., Kriegel, H.P., Sander, J., Xu, X.: A density-based algorithm for discovering clusters in large spatial databases with noise. In: Proceedings of the Second International Conference on Knowledge Discovery and Data Mining, pp. 226\u2013231. AAAI Press (1996)"},{"key":"9_CR9","volume-title":"Proactive Detection of Network Security Incidents","author":"K Gorzelak","year":"2011","unstructured":"Gorzelak, K., Grudziecki, T., Jacewicz, P., Jaroszewski, P., Juszczyk, \u0141, Kijews, P.: Proactive Detection of Network Security Incidents. Tech. rep, European Union Agency for Cybersecurity (2011)"},{"key":"9_CR10","doi-asserted-by":"publisher","first-page":"1182","DOI":"10.1109\/TVCG.2021.3114843","volume":"28","author":"R Gove","year":"2022","unstructured":"Gove, R.: Automatic narrative summarization for visualizing cyber security logs and incident reports. IEEE Trans. Visual Comput. Graphics 28, 1182\u20131190 (2022). https:\/\/doi.org\/10.1109\/TVCG.2021.3114843","journal-title":"IEEE Trans. Visual Comput. Graphics"},{"key":"9_CR11","series-title":"Lecture Notes in Computer Science (Lecture Notes in Artificial Intelligence)","doi-asserted-by":"publisher","first-page":"257","DOI":"10.1007\/978-3-030-46150-8_16","volume-title":"Machine Learning and Knowledge Discovery in Databases","author":"S Hess","year":"2020","unstructured":"Hess, S., Duivesteijn, W.: k is the magic number\u2014inferring the number of clusters through nonparametric concentration inequalities. In: Brefeld, U., Fromont, E., Hotho, A., Knobbe, A., Maathuis, M., Robardet, C. (eds.) ECML PKDD 2019. LNCS (LNAI), vol. 11906, pp. 257\u2013273. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-46150-8_16"},{"key":"9_CR12","volume-title":"Voice of the SOC Analyst","author":"E Hinchy","year":"2022","unstructured":"Hinchy, E.: Voice of the SOC Analyst. Tech. rep, Tines (2022)"},{"key":"9_CR13","doi-asserted-by":"publisher","unstructured":"Ignaczak, L., Goldschmidt, G., Costa, C.A.D., Righi, R.D.R.: Text mining in cybersecurity: a systematic literature review. ACM Comput. Surv. 54, 140:1\u2013140:36 (2021).https:\/\/doi.org\/10.1145\/3462477","DOI":"10.1145\/3462477"},{"key":"9_CR14","unstructured":"ISACA: Companies\u2019 cybersecurity staffing worldwide in 2023 versus 2024. https:\/\/www.statista.com\/statistics\/1322073\/cybersecurity-staffing-worldwide\/ (2024)"},{"key":"9_CR15","doi-asserted-by":"publisher","unstructured":"Jiang, A.Q., et al.: Mistral 7B (2023). https:\/\/doi.org\/10.48550\/arXiv.2310.06825","DOI":"10.48550\/arXiv.2310.06825"},{"key":"9_CR16","doi-asserted-by":"publisher","unstructured":"Kaufhold, M.A., Riebe, T., Bayer, M., Reuter, C.: \u2018We do not have the capacity to monitor all media\u2019: a design case study on cyber situational awareness in computer emergency response teams. In: CHI\u201924, pp. 1\u201316. Association for Computing Machinery (2024). https:\/\/doi.org\/10.1145\/3613904.3642368","DOI":"10.1145\/3613904.3642368"},{"key":"9_CR17","doi-asserted-by":"publisher","unstructured":"Kuehn, P., Bayer, M., Wendelborn, M., Reuter, C.: OVANA: an approach to analyze and improve the information quality of vulnerability databases. In: ARES\u201921, p.\u00a011. ACM (2021). https:\/\/doi.org\/10.1145\/3465481.3465744","DOI":"10.1145\/3465481.3465744"},{"key":"9_CR18","doi-asserted-by":"publisher","unstructured":"Le\u00a0Sceller, Q., Karbab, E.B., Debbabi, M., Iqbal, F.: SONAR: automatic detection of cyber security events over the Twitter stream. In: ARES\u201917, pp. 1\u201311. ACM (2017). https:\/\/doi.org\/10.1145\/3098954.3098992","DOI":"10.1145\/3098954.3098992"},{"key":"9_CR19","doi-asserted-by":"publisher","unstructured":"Leiber, C., Bauer, L.G.M., Neumayr, M., Plant, C., B\u00f6hm, C.: The DipEncoder: enforcing multimodality in autoencoders. In: Proceedings of the 28th ACM SIGKDD Conference on Knowledge Discovery and Data Mining, pp. 846\u2013856. Association for Computing Machinery (2022). https:\/\/doi.org\/10.1145\/3534678.3539407","DOI":"10.1145\/3534678.3539407"},{"key":"9_CR20","doi-asserted-by":"publisher","unstructured":"Leiber, C., Bauer, L.G.M., Schelling, B., B\u00f6hm, C., Plant, C.: Dip-based deep embedded clustering with k-estimation. In: Proceedings of the 27th ACM SIGKDD Conference on Knowledge Discovery & Data Mining, pp. 903\u2013913. Association for Computing Machinery (2021). https:\/\/doi.org\/10.1145\/3447548.3467316","DOI":"10.1145\/3447548.3467316"},{"key":"9_CR21","doi-asserted-by":"publisher","unstructured":"Leiber, C., Miklautz, L., Plant, C., B\u00f6hm, C.: Benchmarking deep clustering algorithms with ClustPy. In: ICDMW, pp. 625\u2013632 (2023). https:\/\/doi.org\/10.1109\/ICDMW60847.2023.00087","DOI":"10.1109\/ICDMW60847.2023.00087"},{"key":"9_CR22","doi-asserted-by":"publisher","unstructured":"Li, Z., Zhang, X., Zhang, Y., Long, D., Xie, P., Zhang, M.: Towards General Text Embeddings with Multi-stage Contrastive Learning (2023). https:\/\/doi.org\/10.48550\/arXiv.2308.03281","DOI":"10.48550\/arXiv.2308.03281"},{"key":"9_CR23","doi-asserted-by":"publisher","unstructured":"Liu, Z., et al.: SpinQuant: LLM quantization with learned rotations (2024). https:\/\/doi.org\/10.48550\/arXiv.2405.16406","DOI":"10.48550\/arXiv.2405.16406"},{"key":"9_CR24","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1109\/TIT.1982.1056489","volume":"28","author":"S Lloyd","year":"1982","unstructured":"Lloyd, S.: Least squares quantization in PCM. IEEE Trans. Inf. Theory 28, 129\u2013137 (1982). https:\/\/doi.org\/10.1109\/TIT.1982.1056489","journal-title":"IEEE Trans. Inf. Theory"},{"key":"9_CR25","doi-asserted-by":"publisher","unstructured":"Maurus, S., Plant, C.: Skinny-dip: clustering in a sea of noise. In: Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1055\u20131064. Association for Computing Machinery (2016). https:\/\/doi.org\/10.1145\/2939672.2939740","DOI":"10.1145\/2939672.2939740"},{"key":"9_CR26","doi-asserted-by":"publisher","unstructured":"Mautz, D., Plant, C., B\u00f6hm, C.: Deep embedded cluster tree. In: ICDM, pp. 1258\u20131263 (2019). https:\/\/doi.org\/10.1109\/ICDM.2019.00157","DOI":"10.1109\/ICDM.2019.00157"},{"key":"9_CR27","doi-asserted-by":"publisher","unstructured":"McConville, R., Santos-Rodr\u00edguez, R., Piechocki, R.J., Craddock, I.: N2D: (Not Too) deep clustering via clustering the local manifold of an autoencoded embedding. In: ICPR, pp. 5145\u20135152 (2021). https:\/\/doi.org\/10.1109\/ICPR48806.2021.9413131","DOI":"10.1109\/ICPR48806.2021.9413131"},{"key":"9_CR28","doi-asserted-by":"publisher","first-page":"266","DOI":"10.1016\/j.compeleceng.2017.02.013","volume":"61","author":"N Milosevic","year":"2017","unstructured":"Milosevic, N., Dehghantanha, A., Choo, K.: Machine learning aided Android malware classification. Comput. Electr. Eng. 61, 266\u2013274 (2017). https:\/\/doi.org\/10.1016\/j.compeleceng.2017.02.013","journal-title":"Comput. Electr. Eng."},{"key":"9_CR29","doi-asserted-by":"publisher","first-page":"185","DOI":"10.1016\/j.patrec.2020.07.028","volume":"138","author":"M Moradi Fard","year":"2020","unstructured":"Moradi Fard, M., Thonet, T., Gaussier, E.: Deep k-means: jointly clustering with k-means and learning representations. Pattern Recogn. Lett. 138, 185\u2013192 (2020). https:\/\/doi.org\/10.1016\/j.patrec.2020.07.028","journal-title":"Pattern Recogn. Lett."},{"key":"9_CR30","doi-asserted-by":"publisher","unstructured":"Moreira, G.d.S.P., Osmulski, R., Xu, M., Ak, R., Schifferer, B., Oldridge, E.: NV-Retriever: Improving text embedding models with effective hard-negative mining (2024). https:\/\/doi.org\/10.48550\/arXiv.2407.15831","DOI":"10.48550\/arXiv.2407.15831"},{"key":"9_CR31","doi-asserted-by":"publisher","unstructured":"Morris, J.X., Rush, A.M.: Contextual Document Embeddings (2024). https:\/\/doi.org\/10.48550\/arXiv.2410.02525","DOI":"10.48550\/arXiv.2410.02525"},{"key":"9_CR32","doi-asserted-by":"publisher","unstructured":"Muennighoff, N., Tazi, N., Magne, L., Reimers, N.: MTEB: Massive Text Embedding Benchmark (2023). https:\/\/doi.org\/10.48550\/arXiv.2210.07316","DOI":"10.48550\/arXiv.2210.07316"},{"key":"9_CR33","doi-asserted-by":"publisher","unstructured":"Nielsen, F.: Hierarchical clustering. In: Nielsen, F. (ed.) Introduction to HPC with MPI for Data Science, pp. 195\u2013211. Springer International Publishing (2016). https:\/\/doi.org\/10.1007\/978-3-319-21903-5_8","DOI":"10.1007\/978-3-319-21903-5_8"},{"key":"9_CR34","doi-asserted-by":"publisher","unstructured":"Preuveneers, D., Joosen, W.: Privacy-preserving polyglot sharing and analysis of confidential cyber threat intelligence. In: ARES\u201922, pp. 1\u201311. Association for Computing Machinery (2022). https:\/\/doi.org\/10.1145\/3538969.3538982","DOI":"10.1145\/3538969.3538982"},{"key":"9_CR35","doi-asserted-by":"publisher","unstructured":"Reimers, N., Gurevych, I.: Sentence-BERT: sentence embeddings using siamese BERT-networks. In: Inui, K., Jiang, J., Ng, V., Wan, X. (eds.) EMNLP-IJCNLP, pp. 3982\u20133992. Association for Computational Linguistics (2019). https:\/\/doi.org\/10.18653\/v1\/D19-1410","DOI":"10.18653\/v1\/D19-1410"},{"key":"9_CR36","doi-asserted-by":"publisher","DOI":"10.1016\/j.knosys.2020.105841","volume":"197","author":"Y Ren","year":"2020","unstructured":"Ren, Y., Wang, N., Li, M., Xu, Z.: Deep density-based image clustering. Knowl.-Based Syst. 197, 105841 (2020). https:\/\/doi.org\/10.1016\/j.knosys.2020.105841","journal-title":"Knowl.-Based Syst."},{"key":"9_CR37","first-page":"27","volume":"5","author":"E Rend\u00f3n","year":"2011","unstructured":"Rend\u00f3n, E., Abundez, I., Arizmendi, A., Quiroz, E.M.: Internal versus external cluster validation indexes. Int. J. Comput. Commun. 5, 27\u201334 (2011)","journal-title":"Int. J. Comput. Commun."},{"key":"9_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"429","DOI":"10.1007\/978-3-030-86890-1_24","volume-title":"Information and Communications Security","author":"T Riebe","year":"2021","unstructured":"Riebe, T., et al.: CySecAlert: an alert generation system for cyber security events using open source intelligence data. In: Gao, D., Li, Q., Guan, X., Liao, X. (eds.) ICICS 2021. LNCS, vol. 12918, pp. 429\u2013446. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-86890-1_24"},{"key":"9_CR39","unstructured":"Rosenberg, A., Hirschberg, J.: V-measure: a conditional entropy-based external cluster evaluation measure. In: EMNLP-CoNLL, pp. 410\u2013420. Association for Computational Linguistics (2007)"},{"key":"9_CR40","doi-asserted-by":"publisher","first-page":"53","DOI":"10.1016\/0377-0427(87)90125-7","volume":"20","author":"PJ Rousseeuw","year":"1987","unstructured":"Rousseeuw, P.J.: Silhouettes: a graphical aid to the interpretation and validation of cluster analysis. J. Comput. Appl. Math. 20, 53\u201365 (1987). https:\/\/doi.org\/10.1016\/0377-0427(87)90125-7","journal-title":"J. Comput. Appl. Math."},{"key":"9_CR41","doi-asserted-by":"publisher","unstructured":"Sauerwein, C., Fischer, D., Rubsamen, M., Rosenberger, G., Stelzer, D., Breu, R.: From threat data to actionable intelligence: an exploratory analysis of the intelligence cycle implementation in cyber threat intelligence sharing platforms. In: ARES\u201921, pp.\u00a01\u20139. Association for Computing Machinery (2021). https:\/\/doi.org\/10.1145\/3465481.3470048","DOI":"10.1145\/3465481.3470048"},{"key":"9_CR42","doi-asserted-by":"publisher","unstructured":"Shu, R., Xia, T., Williams, L., Menzies, T.: Better Security Bug Report Classification via Hyperparameter Optimization (2019). https:\/\/doi.org\/10.48550\/arXiv.1905.06872","DOI":"10.48550\/arXiv.1905.06872"},{"key":"9_CR43","doi-asserted-by":"publisher","first-page":"154","DOI":"10.1016\/j.cose.2016.04.003","volume":"60","author":"F Skopik","year":"2016","unstructured":"Skopik, F., Settanni, G., Fiedler, R.: A problem shared is a problem halved: a survey on the dimensions of collective cyber defense through security information sharing. C &S 60, 154\u2013176 (2016). https:\/\/doi.org\/10.1016\/j.cose.2016.04.003","journal-title":"C &S"},{"key":"9_CR44","unstructured":"Xie, J., Girshick, R., Farhadi, A.: Unsupervised deep embedding for clustering analysis. In: Proceedings of the 33rd International Conference on International Conference on Machine Learning - Volume 48, pp. 478\u2013487. JMLR.org (2016)"},{"key":"9_CR45","doi-asserted-by":"publisher","unstructured":"Zhang, D., Li, J., Zeng, Z., Wang, F.: Jasper and Stella: distillation of SOTA embedding models (2025). https:\/\/doi.org\/10.48550\/arXiv.2412.19048","DOI":"10.48550\/arXiv.2412.19048"},{"key":"9_CR46","doi-asserted-by":"publisher","unstructured":"Zhang, X., et al.: mGTE: Generalized Long-Context Text Representation and Reranking Models for Multilingual Text Retrieval (2024). https:\/\/doi.org\/10.48550\/arXiv.2407.19669","DOI":"10.48550\/arXiv.2407.19669"},{"key":"9_CR47","doi-asserted-by":"publisher","unstructured":"Zong, C., Xia, R., Zhang, J.: Text Data Mining. Springer (2021). https:\/\/doi.org\/10.1007\/978-981-16-0100-2","DOI":"10.1007\/978-981-16-0100-2"}],"container-title":["Lecture Notes in Computer Science","Availability, Reliability and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-00633-2_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,8]],"date-time":"2025-08-08T10:15:34Z","timestamp":1754648134000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-00633-2_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783032006325","9783032006332"],"references-count":47,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-00633-2_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"9 August 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ARES","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Availability, Reliability and Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Ghent","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Belgium","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 August 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 August 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ares-12025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/2025.ares-conference.eu","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}