{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,9]],"date-time":"2025-09-09T22:16:42Z","timestamp":1757456202479,"version":"3.28.0"},"reference-count":37,"publisher":"IEEE","license":[{"start":{"date-parts":[[2019,12,1]],"date-time":"2019-12-01T00:00:00Z","timestamp":1575158400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2019,12,1]],"date-time":"2019-12-01T00:00:00Z","timestamp":1575158400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2019,12,1]],"date-time":"2019-12-01T00:00:00Z","timestamp":1575158400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019,12]]},"DOI":"10.1109\/bigdata47090.2019.9006042","type":"proceedings-article","created":{"date-parts":[[2020,2,25]],"date-time":"2020-02-25T06:05:34Z","timestamp":1582610734000},"page":"5854-5863","source":"Crossref","is-referenced-by-count":3,"title":["An Approach for Scale Suspicious Network Events 
Detection"],"prefix":"10.1109","author":[{"given":"Cong","family":"Dong","sequence":"first","affiliation":[]},{"given":"YuFan","family":"Chen","sequence":"additional","affiliation":[]},{"given":"YunJian","family":"Zhang","sequence":"additional","affiliation":[]},{"given":"Bo","family":"Jiang","sequence":"additional","affiliation":[]},{"given":"DongXu","family":"Han","sequence":"additional","affiliation":[]},{"given":"BaoXu","family":"Liu","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1016\/j.elerap.2018.08.002"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1109\/BDCloud.2018.00107"},{"key":"ref31","first-page":"58","article-title":"A new alert correlation algorithm based on attack graph","author":"roschke","year":"2011","journal-title":"Computational Intelligence in Security for Information Systems"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2008.05.005"},{"key":"ref37","first-page":"2029","article-title":"Using big data to enhance the bosch production line performance: A kaggle challenge","author":"mangal","year":"2016","journal-title":"2014 IEEE International Conference on Big Data (Big Data)"},{"key":"ref36","article-title":"Kaggle lshtc4 winning solution","author":"puurula","year":"2014","journal-title":"arXiv preprint arXiv 1405 0546"},{"key":"ref35","first-page":"1","article-title":"Ensemble methods in machine learning","author":"dietterich","year":"2000","journal-title":"International Workshop on Multiple Classifier Systems"},{"key":"ref34","article-title":"Light gbm machine learning algorithm to online click fraud detection","volume":"2019","author":"minastireanu","year":"2019","journal-title":"Journal of Information Assurance & 
Cybersecurity"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/IAdCC.2013.6514334"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/ICITCS.2013.6717881"},{"key":"ref12","doi-asserted-by":"crossref","first-page":"593","DOI":"10.1007\/978-3-642-31537-4_46","article-title":"Application of bagging, boosting and stacking to intrusion detection","author":"syarif","year":"2012","journal-title":"Proceedings Workshop on Machine Learning and Data Mining in Pattern Recognition"},{"key":"ref13","doi-asserted-by":"crossref","first-page":"183","DOI":"10.1007\/978-3-319-03584-0_14","article-title":"Alert correlation algorithms: A survey and taxonomy","author":"mirheidari","year":"2013","journal-title":"Cyberspace Safety and Security"},{"key":"ref14","first-page":"69","article-title":"A survey on ids alerts processing techniques","author":"al-mamory","year":"2007","journal-title":"Proceeding of the 6th WSEAS international conference on information security and privacy (ISP'07)"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2012.10.022"},{"key":"ref16","doi-asserted-by":"crossref","first-page":"1106","DOI":"10.1016\/j.jnca.2009.02.010","article-title":"Decentralized multi-dimensional alert correlation for collaborative intrusion detection","volume":"32","author":"zhou","year":"2009","journal-title":"Journal of Network and Computer Applications"},{"key":"ref17","first-page":"97","article-title":"Building attack scenarios through integration of complementary alert correlation method","volume":"4","author":"ning","year":"2004","journal-title":"NDSS"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1145\/586143.586144"},{"key":"ref19","doi-asserted-by":"crossref","first-page":"979","DOI":"10.1145\/3167132.3167239","article-title":"Gac: graph-based alert correlation for the detection of distributed multi-step attacks","author":"haas","year":"2018","journal-title":"Proceedings of the 33rd Annual ACM Symposium on Applied 
Computing"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1145\/1327452.1327492"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1016\/j.neucom.2015.12.127"},{"key":"ref27","first-page":"18","article-title":"Classification and regression by randomforest","volume":"2","author":"liaw","year":"2002","journal-title":"R News"},{"key":"ref3","doi-asserted-by":"crossref","first-page":"54","DOI":"10.1007\/3-540-45474-8_4","article-title":"Probabilistic alert correlation","author":"valdes","year":"2001","journal-title":"International Workshop on Recent Advances in Intrusion Detection"},{"journal-title":"Gartner identifies the top seven security and risk management trends for 2019","year":"2019","key":"ref6"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/BigData.Congress.2014.18"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1371\/journal.pone.0166017"},{"key":"ref8","first-page":"1840","article-title":"Scalable Cyber-security Analytics with a New summary-based Approximate Query Engine","year":"2017","journal-title":"Proceedings of 2017 IEEE International Conference on Big Data BigData 2017"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/BigData47090.2019.9005668"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2002.1004372"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00034"},{"key":"ref1","first-page":"1","article-title":"Alert correlation and aggregation techniques for reduction of security alerts and detection of multistage attack","volume":"5","author":"alserhani","year":"2016","journal-title":"International Journal of Advanced Studies in Computers Science and Engineering"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1145\/1852666.1852722"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1145\/2939672.2939785"},{"key":"ref21","first-page":"1189","article-title":"Greedy function approximation: a gradient boosting 
machine","author":"friedman","year":"2001","journal-title":"Annals of Statistics"},{"key":"ref24","first-page":"6638","article-title":"Catboost: unbiased boosting with categorical features","author":"prokhorenkova","year":"2018","journal-title":"Advances in neural information processing systems"},{"key":"ref23","first-page":"3146","article-title":"Lightgbm: A highly efficient gradient boosting decision tree","author":"ke","year":"2017","journal-title":"Advances in Neural Information Processing Systems"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1016\/j.jneumeth.2014.11.011"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1016\/j.enconman.2014.12.053"}],"event":{"name":"2019 IEEE International Conference on Big Data (Big Data)","start":{"date-parts":[[2019,12,9]]},"location":"Los Angeles, CA, USA","end":{"date-parts":[[2019,12,12]]}},"container-title":["2019 IEEE International Conference on Big Data (Big Data)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8986695\/9005444\/09006042.pdf?arnumber=9006042","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,7,17]],"date-time":"2022-07-17T21:49:24Z","timestamp":1658094564000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9006042\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,12]]},"references-count":37,"URL":"https:\/\/doi.org\/10.1109\/bigdata47090.2019.9006042","relation":{},"subject":[],"published":{"date-parts":[[2019,12]]}}}