{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,10,29]],"date-time":"2024-10-29T11:10:47Z","timestamp":1730200247984,"version":"3.28.0"},"reference-count":16,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018,12]]},"DOI":"10.1109\/bigdata.2018.8622083","type":"proceedings-article","created":{"date-parts":[[2019,1,25]],"date-time":"2019-01-25T03:07:18Z","timestamp":1548385638000},"page":"5068-5077","source":"Crossref","is-referenced-by-count":4,"title":["Defining a Metric Space of Host Logs and Operational Use Cases"],"prefix":"10.1109","author":[{"given":"Miki E.","family":"Verma","sequence":"first","affiliation":[]},{"given":"Robert A.","family":"Bridges","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"article-title":"Anatomy of cryptowall 3.0 virus&#x2014;a look inside ransomware code and tactics","year":"2015","author":"sela","key":"ref10"},{"article-title":"Windows event log reference","year":"0","author":"satran","key":"ref11"},{"key":"ref12","article-title":"Forming IDEAS interactive data exploration & analysis system","author":"bridges","year":"2018","journal-title":"Workshop on Security Information Workers SOUPS"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/TPAMI.2007.1078"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/TrustCom\/BigDataSE.2018.00250"},{"journal-title":"Modern Multidimensional Scaling Theory and Applications","year":"2005","author":"borg","key":"ref15"},{"key":"ref16","first-page":"226","author":"ester","year":"1996","journal-title":"A Density-Based Algorithm for Discovering Clusters in Large Spatial Databases with Noise"},{"key":"ref4","article-title":"Malicious behavior detection using windows audit logs","volume":"abs 1506 4200","author":"berlin","year":"2015","journal-title":"CoRR"},{"key":"ref3","first-page":"227","article-title":"One graph is worth a thousand logs: Uncovering hidden structures in massive system event logs","author":"aharon","year":"2009","journal-title":"ECML PKDD"},{"key":"ref6","first-page":"1723","article-title":"Dependence-preserving data compaction for scalable forensic analysis","author":"hossain","year":"2018","journal-title":"27th USENIX"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/ICMLA.2017.0-119"},{"year":"0","key":"ref8","article-title":"Detecting cryptowall 3.0 using real time event correlation"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978378"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.4108\/icst.collaboratecom.2013.254136"},{"key":"ref1","article-title":"Detecting security incidents using windows workstation event logs","author":"anthony","year":"2013","journal-title":"Sans Institute Infosec Reading Room"},{"article-title":"Detecting cryptowall 3.0 using real time event correlation","year":"2017","author":"tsapakidis","key":"ref9"}],"event":{"name":"2018 IEEE International Conference on Big Data (Big Data)","start":{"date-parts":[[2018,12,10]]},"location":"Seattle, WA, USA","end":{"date-parts":[[2018,12,13]]}},"container-title":["2018 IEEE International Conference on Big Data (Big Data)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8610059\/8621858\/08622083.pdf?arnumber=8622083","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,27]],"date-time":"2022-01-27T00:29:14Z","timestamp":1643243354000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8622083\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,12]]},"references-count":16,"URL":"https:\/\/doi.org\/10.1109\/bigdata.2018.8622083","relation":{},"subject":[],"published":{"date-parts":[[2018,12]]}}}