{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,21]],"date-time":"2026-01-21T17:29:41Z","timestamp":1769016581543,"version":"3.49.0"},"reference-count":22,"publisher":"IEEE","license":[{"start":{"date-parts":[[2019,12,1]],"date-time":"2019-12-01T00:00:00Z","timestamp":1575158400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2019,12,1]],"date-time":"2019-12-01T00:00:00Z","timestamp":1575158400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2019,12,1]],"date-time":"2019-12-01T00:00:00Z","timestamp":1575158400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019,12]]},"DOI":"10.1109\/bigdata47090.2019.9006328","type":"proceedings-article","created":{"date-parts":[[2020,2,25]],"date-time":"2020-02-25T06:05:34Z","timestamp":1582610734000},"page":"3200-3209","source":"Crossref","is-referenced-by-count":32,"title":["A Framework for Cyber Threat Intelligence Extraction from Raw Log Data"],"prefix":"10.1109","author":[{"given":"Max","family":"Landauer","sequence":"first","affiliation":[]},{"given":"Florian","family":"Skopik","sequence":"additional","affiliation":[]},{"given":"Markus","family":"Wurzenberger","sequence":"additional","affiliation":[]},{"given":"Wolfgang","family":"Hotwagner","sequence":"additional","affiliation":[]},{"given":"Andreas","family":"Rauber","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref10","author":"barnum","year":"2006","journal-title":"Common Attack Pattern Enumeration and Classification (CAPEC) Schema Description"},{"key":"ref11","author":"bianco","year":"2014","journal-title":"The pyramid 
of pain Intel-driven detection & response to increase your adversary’s cost of operations"},{"key":"ref12","first-page":"144","article-title":"Huma: A multi-layer framework for threat analysis in a heterogeneous log environment","author":"navarro","year":"2017","journal-title":"et al"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2002.1004372"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/EISIC.2017.20"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/ICCCN.2016.7568578"},{"key":"ref16","article-title":"Aecid-pg: A tree-based log parser generator to enable log analysis","author":"wurzenberger","year":"2019","journal-title":"Proceedings of the 4th International Workshop on Analytics for Network and Service Management"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/IPDPSW.2012.146"},{"key":"ref18","article-title":"Attack patterns as a knowledge resource for building secure software","author":"barnum","year":"2007","journal-title":"Proceedings of the OMG Software Assurance Workshop"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/950191.950192"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134646"},{"key":"ref3","article-title":"Threat intelligence: Collecting, analysing, evaluating","author":"chismon","year":"2015","journal-title":"Tech Rep"},{"key":"ref6","first-page":"458","article-title":"Chainsmith: Automatically learning the semantics of malicious campaigns by mining threat intelligence reports","author":"zhu","year":"2018","journal-title":"Proceedings of Symposium on Security and Privacy"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2018.03.001"},{"key":"ref8","article-title":"How to define and build an effective cyber threat intelligence capability","author":"dalziel","year":"2014","journal-title":"Syngress Publishing"},{"key":"ref7","article-title":"Definition: Threat 
intelligence","author":"mcmillan","year":"2013","journal-title":"Gartner com"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/CCST.2014.6987016"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2017.09.001"},{"key":"ref9","author":"barnum","year":"2012","journal-title":"Standardizing Cyber Threat Intelligence Information with the Structured Threat Information EXpression (STIX)"},{"key":"ref20","doi-asserted-by":"crossref","first-page":"54","DOI":"10.1007\/3-540-45474-8_4","article-title":"Probabilistic alert correlation","author":"valdes","year":"2001","journal-title":"Proceedings of the 4th International Workshop on Recent Advances in Intrusion Detection"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.7717\/peerj-cs.25"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1145\/2991079.2991122"}],"event":{"name":"2019 IEEE International Conference on Big Data (Big Data)","location":"Los Angeles, CA, USA","start":{"date-parts":[[2019,12,9]]},"end":{"date-parts":[[2019,12,12]]}},"container-title":["2019 IEEE International Conference on Big Data (Big Data)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8986695\/9005444\/09006328.pdf?arnumber=9006328","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,7,17]],"date-time":"2022-07-17T21:54:34Z","timestamp":1658094874000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9006328\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,12]]},"references-count":22,"URL":"https:\/\/doi.org\/10.1109\/bigdata47090.2019.9006328","relation":{},"subject":[],"published":{"date-parts":[[2019,12]]}}}