{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,9]],"date-time":"2025-09-09T20:41:05Z","timestamp":1757450465274,"version":"3.28.0"},"reference-count":40,"publisher":"IEEE","license":[{"start":{"date-parts":[[2019,12,1]],"date-time":"2019-12-01T00:00:00Z","timestamp":1575158400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2019,12,1]],"date-time":"2019-12-01T00:00:00Z","timestamp":1575158400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2019,12,1]],"date-time":"2019-12-01T00:00:00Z","timestamp":1575158400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019,12]]},"DOI":"10.1109\/bigdata47090.2019.9005988","type":"proceedings-article","created":{"date-parts":[[2020,2,25]],"date-time":"2020-02-25T06:05:34Z","timestamp":1582610734000},"page":"5937-5944","source":"Crossref","is-referenced-by-count":1,"title":["An Ensemble Approach for Suspicious Traffic Detection from High Recall Network Alerts"],"prefix":"10.1109","author":[{"given":"Peilin","family":"Wu","sequence":"first","affiliation":[]},{"given":"Jinlei","family":"Li","sequence":"additional","affiliation":[]},{"given":"Yan","family":"Meng","sequence":"additional","affiliation":[]},{"given":"Haojin","family":"Zhu","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"journal-title":"Classification Roc curve and auc","year":"2019","key":"ref39"},{"key":"ref38","article-title":"Dart: Dropouts meet multiple additive regression trees","author":"rashmi","year":"2015","journal-title":"International Conference on Artificial Intelligence and Statistics (AISTATS)"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1145\/2939672.2939785"},{"key":"ref32","first-page":"1189","article-title":"Greedy function approximation: a gradient boosting machine","author":"friedman","year":"2001","journal-title":"Annals of Statistics"},{"journal-title":"Breiman Leo and Cutler Adele Random Forests","year":"2004","key":"ref31"},{"key":"ref30","first-page":"18","article-title":"Classification and regression by randomforest","volume":"2","author":"liaw","year":"2002","journal-title":"R News"},{"key":"ref37","first-page":"993","article-title":"Latent dirichlet allocation","volume":"3","author":"blei","year":"2003","journal-title":"Journal of Machine Learning Research"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/BigData47090.2019.9005668"},{"key":"ref35","article-title":"Catboost: unbiased boosting with categorical features","author":"prokhorenkova","year":"2018","journal-title":"32nd Conference on Neural Information Processing Systems (NeurIPS 2018)"},{"key":"ref34","article-title":"Lightgbm: A highly efficient gradient boosting decision tree","author":"ke","year":"2017","journal-title":"31st Conference on Neural Information Processing Systems (NIPS 2017)"},{"journal-title":"State-of-the-Art in Cyber Threat Models and Methodologies","year":"2016","author":"magar","key":"ref10"},{"journal-title":"Bagging Predictors","year":"1994","author":"breiman","key":"ref40"},{"journal-title":"The cyber security ecosystem Defining a taxonomy of existing emerging and future cyber threats","year":"2017","author":"ferdinand","key":"ref11"},{"journal-title":"Attack taxonomies and ontologies","year":"2015","author":"abrek","key":"ref12"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/TSG.2011.2163829"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/CNS.2019.8802772"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/TMC.2017.2753244"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2016.7524528"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1016\/j.dss.2009.07.011"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/TSMCB.2008.2002909"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2013.07.007"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1145\/1007730.1007735"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134015"},{"key":"ref27","doi-asserted-by":"crossref","first-page":"769","DOI":"10.1109\/TSMC.1976.4309452","article-title":"Two modifications of cnn","volume":"smc 6","author":"tomek","year":"1976","journal-title":"IEEE Transactions on Systems Man and Cybernetics"},{"journal-title":"The 2019 Official Annual Cybercrime Report","year":"2019","author":"morgan","key":"ref3"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1145\/1835804.1835883"},{"key":"ref29","first-page":"10","article-title":"Balancing training data for automated annotation of keywords: a case study","author":"batista","year":"2003","journal-title":"BioInformatics Workshop"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629587"},{"journal-title":"System and method for adding network traffic data to a database of network traffic data","year":"2001","author":"waugh","key":"ref8"},{"key":"ref7","article-title":"Scalable cyber-security analytics with a new summary-based approximate query engine","author":"?lezak","year":"2017","journal-title":"2017 IEEE International Conference on Big Data (Big Data)"},{"journal-title":"Data breach statistics","year":"2019","key":"ref2"},{"journal-title":"Classification of network attacks and detection methods","year":"2016","author":"val\u00fa\u0161ek","key":"ref9"},{"journal-title":"AVOIDIT A Cyber Attack Taxonomy","year":"2009","author":"simmons","key":"ref1"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1142\/S0218001409007326"},{"key":"ref22","article-title":"Adasyn: Adaptive synthetic sampling approach for imbalanced learning","author":"he","year":"2008","journal-title":"International Joint Conference on Neural Networks 2008"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1613\/jair.953"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/TIT.1968.1054155"},{"key":"ref23","first-page":"878","article-title":"Borderline-smote: A new over-sampling method in imbalanced data sets learning","volume":"3644","author":"han","year":"2005","journal-title":"International Conference on Intelligent Computing 2005"},{"key":"ref26","article-title":"KNN Approach to Unbalanced Data Distributions: A Case Study Involving Information Extraction","author":"zhang","year":"2003","journal-title":"Proc Workshop Learning from Imbalanced Datasets II"},{"key":"ref25","doi-asserted-by":"crossref","first-page":"448","DOI":"10.1109\/TSMC.1976.4309523","article-title":"An experiment with the edited nearest-neighbor rule","volume":"smc 6","author":"tomek","year":"1976","journal-title":"IEEE Transactions on Systems Man and Cybernetics"}],"event":{"name":"2019 IEEE International Conference on Big Data (Big Data)","start":{"date-parts":[[2019,12,9]]},"location":"Los Angeles, CA, USA","end":{"date-parts":[[2019,12,12]]}},"container-title":["2019 IEEE International Conference on Big Data (Big Data)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8986695\/9005444\/09005988.pdf?arnumber=9005988","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,7,17]],"date-time":"2022-07-17T21:47:57Z","timestamp":1658094477000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9005988\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,12]]},"references-count":40,"URL":"https:\/\/doi.org\/10.1109\/bigdata47090.2019.9005988","relation":{},"subject":[],"published":{"date-parts":[[2019,12]]}}}