{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,22]],"date-time":"2026-04-22T18:45:40Z","timestamp":1776883540526,"version":"3.51.2"},"reference-count":15,"publisher":"IEEE","license":[{"start":{"date-parts":[[2020,4,1]],"date-time":"2020-04-01T00:00:00Z","timestamp":1585699200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2020,4,1]],"date-time":"2020-04-01T00:00:00Z","timestamp":1585699200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2020,4,1]],"date-time":"2020-04-01T00:00:00Z","timestamp":1585699200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020,4]]},"DOI":"10.1109\/noms47738.2020.9110439","type":"proceedings-article","created":{"date-parts":[[2020,6,8]],"date-time":"2020-06-08T18:06:15Z","timestamp":1591639575000},"page":"1-4","source":"Crossref","is-referenced-by-count":12,"title":["On the Detection of Persistent Attacks using Alert Graphs and Event Feature Embeddings"],"prefix":"10.1109","author":[{"given":"Benjamin","family":"Burr","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Shelly","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Geoff","family":"Salmon","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hazem","family":"Soliman","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1145\/3240323.3240377"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1088\/1742-5468\/2008\/10\/P10008"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1103\/PhysRevE.70.066111"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1145\/2623330.2623732"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/2939672.2939754"},{"key":"ref15","first-page":"957","article-title":"From word embeddings to document distances","volume":"37","author":"kusner","year":"2015","journal-title":"ICML’15 Proceedings of the 32nd International Conference on International Conference on Machine Learning"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1007\/0-387-24230-9_4"},{"key":"ref3","article-title":"Statistical Causality Analysis of Alert Correlation Feature Selection","author":"ren","year":"2010","journal-title":"M Sc Thesis"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1145\/3325061.3325062"},{"key":"ref5","author":"shittu","year":"2016","journal-title":"Mining intrusion detection alert logs to minimise false positives & gain attack insight"},{"key":"ref8","first-page":"3111","article-title":"Distributed Representations of Words and Phrases and their Compositionality","volume":"2","author":"mikolov","year":"2013","journal-title":"Proceedings of the 26th International Conference on Neural Information Processing Systems"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1145\/2991079.2991122"},{"key":"ref2","article-title":"Defenders think in lists. Attackers think in graphs. As long as this is true, attackers win","author":"lambert","year":"2015","journal-title":"Defender Mindset Blog"},{"key":"ref1","article-title":"Attack Analysis Results for Adversarial Engagement 1 of the DARPA Transparent Computing Program","author":"eshete","year":"2016","journal-title":"arXiv preprint arXiv 1610 09756"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/ICDMW.2017.93"}],"event":{"name":"NOMS 2020-2020 IEEE\/IFIP Network Operations and Management Symposium","location":"Budapest, Hungary","start":{"date-parts":[[2020,4,20]]},"end":{"date-parts":[[2020,4,24]]}},"container-title":["NOMS 2020 - 2020 IEEE\/IFIP Network Operations and Management Symposium"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/9107308\/9110252\/09110439.pdf?arnumber=9110439","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,6,28]],"date-time":"2022-06-28T17:56:51Z","timestamp":1656439011000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9110439\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,4]]},"references-count":15,"URL":"https:\/\/doi.org\/10.1109\/noms47738.2020.9110439","relation":{},"subject":[],"published":{"date-parts":[[2020,4]]}}}