{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,8]],"date-time":"2026-04-08T06:00:17Z","timestamp":1775628017051,"version":"3.50.1"},"reference-count":30,"publisher":"IEEE","license":[{"start":{"date-parts":[[2025,12,3]],"date-time":"2025-12-03T00:00:00Z","timestamp":1764720000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,12,3]],"date-time":"2025-12-03T00:00:00Z","timestamp":1764720000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025,12,3]]},"DOI":"10.1109\/icmla66185.2025.00145","type":"proceedings-article","created":{"date-parts":[[2026,4,7]],"date-time":"2026-04-07T19:54:58Z","timestamp":1775591698000},"page":"966-971","source":"Crossref","is-referenced-by-count":0,"title":["Memory-Augmented Log Analysis with Phi-4-mini: Enhancing Threat Detection in Structured Security Logs"],"prefix":"10.1109","author":[{"given":"Anbi","family":"Guo","sequence":"first","affiliation":[{"name":"Pennsylvania State University,School of Electrical Engineering and Computer Science,University Park,PA,USA"}]},{"given":"Mahfuza","family":"Farooque","sequence":"additional","affiliation":[{"name":"Pennsylvania State University,School of Electrical Engineering and Computer Science,University Park,PA,USA"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1145\/3458754"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1093\/bib\/bbac409"},{"key":"ref3","article-title":"Bloomberggpt: A large language model for finance","author":"Wu","year":"2023"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1038\/s41591-024-03423-7"},{"key":"ref5","article-title":"Google Cloud, \u201cRSA: Google Cloud Security AI Workbench and Generative AI,\u201d","year":"2024"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/DSAA.2018.00018"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1016\/j.cosrev.2025.100765"},{"key":"ref8","first-page":"80","article-title":"Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains","volume":"1","author":"Hutchins","year":"2011","journal-title":"Leading Issues in Information Warfare & Security Research"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-44885-4_5"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1162\/tacl_a_00638"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1016\/s0079-6123(07)00020-9"},{"key":"ref12","article-title":"MemGPT: Towards LLMs as Operating Systems","author":"Packer","year":"2023"},{"key":"ref13","first-page":"1877","article-title":"Language models are few-shot learners","volume":"33","author":"Brown","year":"2020","journal-title":"Adv. Neural Inf. Process. Syst. (NeurIPS)"},{"key":"ref14","article-title":"Phi-4-mini technical report: Compact yet powerful multimodal language models via mixture-of-LoRAs","author":"Abouelenin","year":"2025"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/MilCIS.2015.7348942"},{"key":"ref16","article-title":"LoRA: Low-rank adaptation of large language models","author":"Hu","year":"2021"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134015"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/IJCNN52387.2021.9534113"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1109\/BigData59044.2023.10386543"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1109\/IJCNN64981.2025.11227209"},{"key":"ref21","article-title":"SecEncoder: Logs are All You Need in Security","author":"Bulut","year":"2024"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/WFPST58552.2024.00034"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1109\/TBDATA.2019.2921572"},{"key":"ref24","first-page":"5776","article-title":"Minilm: Deep self-attention distillation for task-agnostic compression of pre-trained transformers","volume":"33","author":"Wang","year":"2020","journal-title":"Adv. Neural Inf. Process. Syst. (NeurIPS)"},{"key":"ref25","first-page":"9459","article-title":"Retrieval-augmented generation for knowledge-intensive NLP tasks","volume":"33","author":"Lewis","year":"2020","journal-title":"Adv. Neural Inf. Process. Syst. (NeurIPS)"},{"key":"ref26","article-title":"Enhancing retrieval-augmented generation: a study of best practices","author":"Li","year":"2025"},{"key":"ref27","article-title":"MITRE ATT&CK Framework","year":"2024"},{"key":"ref28","author":"Yu","year":"2016","journal-title":"A Bayesian Ensemble for Unsupervised Anomaly Detection"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1093\/jrsssb\/qkac007"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-023-10364-1"}],"event":{"name":"2025 International Conference on Machine Learning and Applications (ICMLA)","location":"Boca Raton, FL, USA","start":{"date-parts":[[2025,12,3]]},"end":{"date-parts":[[2025,12,5]]}},"container-title":["2025 International Conference on Machine Learning and Applications (ICMLA)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/11471302\/11471304\/11471424.pdf?arnumber=11471424","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,8]],"date-time":"2026-04-08T05:21:12Z","timestamp":1775625672000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11471424\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,12,3]]},"references-count":30,"URL":"https:\/\/doi.org\/10.1109\/icmla66185.2025.00145","relation":{},"subject":[],"published":{"date-parts":[[2025,12,3]]}}}