{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,9]],"date-time":"2026-04-09T14:53:57Z","timestamp":1775746437453,"version":"3.50.1"},"publisher-location":"Singapore","reference-count":26,"publisher":"Springer Nature Singapore","isbn-type":[{"value":"9789819584079","type":"print"},{"value":"9789819584086","type":"electronic"}],"license":[{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-981-95-8408-6_18","type":"book-chapter","created":{"date-parts":[[2026,4,9]],"date-time":"2026-04-09T14:10:27Z","timestamp":1775743827000},"page":"337-355","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["LIME-Enhanced Insider Threat Detection for\u00a0Distributed Security Systems"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9976-8911","authenticated-orcid":false,"given":"Raddad","family":"Faqihi","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5748-155X","authenticated-orcid":false,"given":"Priyadarsi","family":"Nanda","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0258-4586","authenticated-orcid":false,"given":"Manoranjan","family":"Mohanty","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9051-319X","authenticated-orcid":false,"given":"Saleh","family":"Alqahtani","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7393-5355","authenticated-orcid":false,"given":"Bashair","family":"Alrashed","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2026,4,10]]},"reference":[{"key":"18_CR1","doi-asserted-by":"publisher","unstructured":"Al-Shehari, T., Al-Razgan, M., Alfakih, T., Alsowail, R.A., Pandiaraj, S.: Insider threat detection model using anomaly-based isolation forest algorithm. IEEE Access 11, 118170\u2013118185 (2023). https:\/\/doi.org\/10.1109\/ACCESS.2023.3326750, place: Piscataway Publisher: IEEE","DOI":"10.1109\/ACCESS.2023.3326750"},{"key":"18_CR2","doi-asserted-by":"publisher","unstructured":"Al-Shehari, T., Alsowail, R.A.: An insider data leakage detection using one-hot encoding, synthetic minority oversampling and machine learning techniques. Entropy (Basel, Switzerland) 23(10), 1258\u2013 (2021). https:\/\/doi.org\/10.3390\/e23101258, place: Switzerland Publisher: MDPI AG","DOI":"10.3390\/e23101258"},{"key":"18_CR3","doi-asserted-by":"publisher","unstructured":"Alzaabi, F.R., Mehmood, A.: A review of recent advances, challenges, and opportunities in malicious insider threat detection using machine learning methods. IEEE Access 12, 30907\u201330927 (2024). https:\/\/doi.org\/10.1109\/ACCESS.2024.3369906, place: Piscataway Publisher: IEEE","DOI":"10.1109\/ACCESS.2024.3369906"},{"key":"18_CR4","doi-asserted-by":"publisher","DOI":"10.1016\/j.iot.2023.100965","volume":"24","author":"M Amiri-Zarandi","year":"2023","unstructured":"Amiri-Zarandi, M., Karimipour, H., Dara, R.A.: A federated and explainable approach for insider threat detection in Iot. Internet Things 24, 100965 (2023)","journal-title":"Internet Things"},{"key":"18_CR5","doi-asserted-by":"publisher","unstructured":"Anderson, H.S., Roth, P.: EMBER: an open dataset for training static PE malware machine learning models (Apr 2018).https:\/\/doi.org\/10.48550\/arXiv.1804.04637, http:\/\/arxiv.org\/abs\/1804.04637, arXiv:1804.04637 [cs]","DOI":"10.48550\/arXiv.1804.04637"},{"key":"18_CR6","doi-asserted-by":"crossref","unstructured":"Cetin, V., Y\u0131ld\u0131z, O.: A comprehensive review on data preprocessing techniques in data analysis. Pamukkale \u00dcniversitesi M\u00fchendislik Bilimleri Dergisi 28(2), 299\u2013312 (2022), publisher: Pamukkale \u00dcniversitesi","DOI":"10.5505\/pajes.2021.62687"},{"key":"18_CR7","unstructured":"Eftsure: Insider threat statistics: Malicious intent or ignorance? (2023). https:\/\/www.eftsure.com\/en-au\/statistics\/insider-threat-statistics\/ Accessed 2025"},{"key":"18_CR8","doi-asserted-by":"crossref","unstructured":"Faqihi, R., Nanda, P., Mohanty, M., Alqahtani, S., Alrashed, B.: A scalable framework for insider threat detection: Session modelling and class balancing with XGBoost. In: 2025 IEEE\/ACS 22nd International Conference on Computer Systems and Applications (AICCSA), Doha, Qatar, pp. 1\u20138. IEEE (2025). https:\/\/doi.org\/10.1109\/AICCSA66935.2025.11315452","DOI":"10.1109\/AICCSA66935.2025.11315452"},{"key":"18_CR9","doi-asserted-by":"publisher","unstructured":"Glasser, J., Lindauer, B.: Bridging the gap: a pragmatic approach to generating insider threat data. In: 2013 IEEE Security and Privacy Workshops, pp. 98\u2013104. IEEE, San Francisco, CA (May 2013).https:\/\/doi.org\/10.1109\/SPW.2013.37, http:\/\/ieeexplore.ieee.org\/document\/6565236\/","DOI":"10.1109\/SPW.2013.37"},{"key":"18_CR10","doi-asserted-by":"publisher","unstructured":"Grzeczkowicz, R., Neal, C., Baghalizadeh-Moghadam, N., Cuppens, N., Cuppens, F.: Classifying insider threat scenarios through explainable articial intelligence. In: Risks and Security of Internet and Systems. CRiSIS 2024. Lecture Notes in Computer Science, vol. 15456. Springer, Cham (2025). https:\/\/doi.org\/10.1007\/978-3-031-89350-6_10","DOI":"10.1007\/978-3-031-89350-6_10"},{"key":"18_CR11","doi-asserted-by":"publisher","unstructured":"Le, T.T.H., Wardhani, R.W., Putranto, D.S.C., Jo, U., Kim, H.: Toward enhanced attack detection and explanation in intrusion detection system-based Iot environment data. IEEE Access 11, 131661\u2013131676 (2023). https:\/\/doi.org\/10.1109\/ACCESS.2023.3336678","DOI":"10.1109\/ACCESS.2023.3336678"},{"key":"18_CR12","doi-asserted-by":"publisher","unstructured":"Mamidanna, S.K., Reddy, C.R.K., Gujju, A.: Detecting an insider threat and analysis of xgboost using hyperparameter tuning, pp. 1\u201310. IEEE (2022). https:\/\/doi.org\/10.1109\/ACCAI53970.2022.9752509, https:\/\/ieeexplore.ieee.org\/document\/9752509, book Title: 2022 International Conference on Advances in Computing, Communication and Applied Informatics (ACCAI)","DOI":"10.1109\/ACCAI53970.2022.9752509"},{"key":"18_CR13","doi-asserted-by":"publisher","unstructured":"Marino, D.L., Wickramasinghe, C.S., Manic, M.: An adversarial approach for explainable AI in intrusion detection systems. In: IECON 2018 - 44th Annual Conference of the IEEE Industrial Electronics Society, pp. 3237\u20133243 (Oct 2018). https:\/\/doi.org\/10.1109\/IECON.2018.8591457, https:\/\/ieeexplore.ieee.org\/abstract\/document\/8591457, iSSN: 2577-1647","DOI":"10.1109\/IECON.2018.8591457"},{"key":"18_CR14","doi-asserted-by":"publisher","unstructured":"Mittal, A., Garg, U.: Prediction and detection of insider threat detection using emails: A comparision. In: 2023 Second International Conference on Electrical, Electronics, Information and Communication Technologies (ICEEICT), pp. 01\u201306 (2023). https:\/\/doi.org\/10.1109\/ICEEICT56924.2023.10157297","DOI":"10.1109\/ICEEICT56924.2023.10157297"},{"key":"18_CR15","doi-asserted-by":"crossref","unstructured":"Nalinipriya, G., et al.: Leveraging explainable artificial intelligence for early detection and mitigation of cyber threat in large-scale network environments. Sci. Reports (Nature Publisher Group) 15(1), 24662 (2025). http:\/\/ezproxy.lib.uts.edu.au\/login?url=https:\/\/www.proquest.com\/scholarly-journals\/leveraging-explainable-artificial-intelligence\/docview\/3228610969\/se-2","DOI":"10.1038\/s41598-025-08597-9"},{"key":"18_CR16","doi-asserted-by":"publisher","unstructured":"Nikiforova, O., Romanovs, A., Zabiniako, V., Kornienko, J.: Detecting and identifying insider threats based on advanced clustering methods. IEEE Access 12, 30242\u201330253 (2024). https:\/\/doi.org\/10.1109\/ACCESS.2024.3365424","DOI":"10.1109\/ACCESS.2024.3365424"},{"key":"18_CR17","doi-asserted-by":"publisher","unstructured":"Reddy, K.A., Jyothi, V.E., Sai, D.S.S., Vardhan, G.C.P., Priyanka, D., Reddy, K.R.K.: Interpretable ai for cyber security: enhancing DDOs detection with lime and population-based training models. In: 2025 3rd International Conference on Communication, Security, and Artificial Intelligence (ICCSAI), vol.\u00a03, pp. 1766\u20131772 (2025). https:\/\/doi.org\/10.1109\/ICCSAI64074.2025.11064595","DOI":"10.1109\/ICCSAI64074.2025.11064595"},{"key":"18_CR18","doi-asserted-by":"publisher","unstructured":"Ribeiro, M.T., Singh, S., Guestrin, C.: \"Why should i trust you?\": explaining the predictions of any classifier. In: Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1135\u20131144. ACM, San Francisco California USA (Aug 2016). https:\/\/doi.org\/10.1145\/2939672.2939778, https:\/\/dl.acm.org\/doi\/10.1145\/2939672.2939778","DOI":"10.1145\/2939672.2939778"},{"key":"18_CR19","doi-asserted-by":"publisher","first-page":"121772","DOI":"10.1109\/ACCESS.2025.3587114","volume":"13","author":"K Saeed Alketbi","year":"2025","unstructured":"Saeed Alketbi, K., Mehmood, A.: A comprehensive survey of explainable artificial intelligence techniques for malicious insider threat detection. IEEE Access 13, 121772\u2013121798 (2025). https:\/\/doi.org\/10.1109\/ACCESS.2025.3587114","journal-title":"IEEE Access"},{"key":"18_CR20","doi-asserted-by":"publisher","unstructured":"Sharma, B., Pokharel, P., Joshi, B.: User behavior analytics for anomaly detection using LSTM autoencoder - insider threat detection. In: Proceedings of the 11th International Conference on Advances in Information Technology, pp.\u00a01\u20139. IAIT \u201920, Association for Computing Machinery, New York, NY, USA (Jul 2020). https:\/\/doi.org\/10.1145\/3406601.3406610, https:\/\/dl.acm.org\/doi\/10.1145\/3406601.3406610","DOI":"10.1145\/3406601.3406610"},{"key":"18_CR21","doi-asserted-by":"publisher","unstructured":"Suryotrisongko, H., Musashi, Y., Tsuneda, A., Sugitani, K.: Robust botnet dga detection: Blending xai and osint for cyber threat intelligence sharing. IEEE Access 10, 34613\u201334624 (2022). https:\/\/doi.org\/10.1109\/ACCESS.2022.3162588","DOI":"10.1109\/ACCESS.2022.3162588"},{"key":"18_CR22","doi-asserted-by":"publisher","unstructured":"Verma, S., Prabakeran, S.: A hybrid deep learning approach to network traffic anomaly detection enhanced by shap and lime interpretability. In: 2025 8th International Conference on Trends in Electronics and Informatics (ICOEI), pp. 1254\u20131261 (2025). https:\/\/doi.org\/10.1109\/ICOEI65986.2025.11013553","DOI":"10.1109\/ICOEI65986.2025.11013553"},{"key":"18_CR23","doi-asserted-by":"publisher","unstructured":"Wang, D., Yang, Q., Abdul, A., Lim, B.Y.: Designing Theory-Driven User-Centric Explainable AI. In: Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems, pp. 1\u201315. CHI \u201919, Association for Computing Machinery, New York, NY, USA (May 2019). https:\/\/doi.org\/10.1145\/3290605.3300831","DOI":"10.1145\/3290605.3300831"},{"key":"18_CR24","doi-asserted-by":"publisher","unstructured":"Xin, W., Shen, Q., Feng, K., Xia, Y., Wu, Z., Lin, Z.: Personalized User Profiles-based Insider Threat Detection for Distributed File System. pp. 1441\u20131446. IEEE (2022). https:\/\/doi.org\/10.1109\/TrustCom56396.2022.00204, https:\/\/ieeexplore.ieee.org\/document\/10063436, book Title: 2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) ISSN: 2324-9013","DOI":"10.1109\/TrustCom56396.2022.00204"},{"key":"18_CR25","doi-asserted-by":"publisher","first-page":"2138","DOI":"10.3390\/sym14102138","volume":"14","author":"G Yang","year":"2022","unstructured":"Yang, G., Tang, C., Liu, X.: Dualac2nn: revisiting and alleviating alert fatigue from the detection perspective. Symmetry 14, 2138 (2022). https:\/\/doi.org\/10.3390\/sym14102138","journal-title":"Symmetry"},{"key":"18_CR26","doi-asserted-by":"publisher","unstructured":"Zhang, C., Wang, S., Zhan, D., Yu, T., Wang, T., Yin, M.: Detecting insider threat from behavioral logs based on ensemble and self-supervised learning. Secur. Commun. Netw. 2021, 1\u201311 (2021). https:\/\/doi.org\/10.1155\/2021\/4148441, place: London Publisher: Hindawi","DOI":"10.1155\/2021\/4148441"}],"container-title":["Lecture Notes in Computer Science","Algorithms and Architectures for Parallel Processing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-95-8408-6_18","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,9]],"date-time":"2026-04-09T14:10:29Z","timestamp":1775743829000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-95-8408-6_18"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026]]},"ISBN":["9789819584079","9789819584086"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-981-95-8408-6_18","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026]]},"assertion":[{"value":"10 April 2026","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICA3PP","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Algorithms and Architectures for Parallel Processing","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Zhengzhou","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 October 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2 November 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ica3pp2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/ieee-cybermatics.org\/2025\/ica3pp\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}