{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,9]],"date-time":"2026-06-09T15:12:53Z","timestamp":1781017973457,"version":"3.54.1"},"reference-count":53,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"name":"National Key Research and Development Program of China","award":["2021YFB2700900"],"award-info":[{"award-number":["2021YFB2700900"]}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62376074"],"award-info":[{"award-number":["62376074"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Shenzhen Science and Technology Program","award":["KCXST20221021111404010"],"award-info":[{"award-number":["KCXST20221021111404010"]}]},{"name":"Shenzhen Science and Technology Program","award":["JSGG20220831103400002"],"award-info":[{"award-number":["JSGG20220831103400002"]}]},{"name":"Shenzhen Science and Technology Program","award":["JSGGKQTD20221101115655027"],"award-info":[{"award-number":["JSGGKQTD20221101115655027"]}]},{"name":"Shenzhen Science and Technology Program","award":["KJZD20230923114405011"],"award-info":[{"award-number":["KJZD20230923114405011"]}]},{"name":"Shenzhen Science and Technology Program","award":["KCXFZ20230731093001002"],"award-info":[{"award-number":["KCXFZ20230731093001002"]}]},{"name":"Shenzhen Science and Technology Program","award":["ZDSYS20230626091203008"],"award-info":[{"award-number":["ZDSYS20230626091203008"]}]},{"DOI":"10.13039\/501100004806","name":"Fok Ying Tong Education Foundation","doi-asserted-by":"publisher","award":["171058"],"award-info":[{"award-number":["171058"]}],"id":[{"id":"10.13039\/501100004806","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100002920","name":"University Grants Committee of the Hong Kong Special Administrative Region, China","doi-asserted-by":"publisher","award":["11201421"],"award-info":[{"award-number":["11201421"]}],"id":[{"id":"10.13039\/501100002920","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Cloud Technology Endowed Professorship"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans.Inform.Forensic Secur."],"published-print":{"date-parts":[[2024]]},"DOI":"10.1109\/tifs.2024.3372771","type":"journal-article","created":{"date-parts":[[2024,3,4]],"date-time":"2024-03-04T14:11:58Z","timestamp":1709561518000},"page":"4741-4751","source":"Crossref","is-referenced-by-count":25,"title":["Double-Layer Detection of Internal Threat in Enterprise Systems Based on Deep Learning"],"prefix":"10.1109","volume":"19","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-3820-8128","authenticated-orcid":false,"given":"Daojing","family":"He","sequence":"first","affiliation":[{"name":"School of Computer Science and Technology, Harbin Institute of Technology, Shenzhen, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Xin","family":"Lv","sequence":"additional","affiliation":[{"name":"School of Information Engineering, Jiangxi University of Science and Technology, Ganzhou, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Xueqian","family":"Xu","sequence":"additional","affiliation":[{"name":"School of Software Engineering, East China Normal University, Shanghai, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8524-229X","authenticated-orcid":false,"given":"Sammy","family":"Chan","sequence":"additional","affiliation":[{"name":"Department of Electrical Engineering, City University of Hong Kong, Kowloon Tong, Hong Kong"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9208-5336","authenticated-orcid":false,"given":"Kim-Kwang Raymond","family":"Choo","sequence":"additional","affiliation":[{"name":"Department of Information Systems and Cyber Security, The University of Texas at San Antonio, San Antonio, TX, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2021.3118931"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1007\/s10588-021-09341-0"},{"key":"ref3","volume-title":"The CERT Guide to Insder Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud)","author":"Cappelli","year":"2012"},{"key":"ref4","volume-title":"Insider Threat Report","year":"2023"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2022.3151103"},{"issue":"3","key":"ref6","first-page":"292","article-title":"Application of matroids on network security","volume":"43","author":"Dui-Xia","year":"2015","journal-title":"J. Chin. Comput. Syst."},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/ICAIT.2019.8935925"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/ICASID.2018.8693118"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101941"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/SSCI47803.2020.9308236"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2015.14"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1631\/FITEE.1800516"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2019.2954319"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2022.3189530"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/SAI.2017.8252096"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/CyberSecurity.2012.11"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/CITA.2015.7349818"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/ISPA\/IUCC.2017.00160"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.21236\/ADA456046"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2018.05.031"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/WETICE49692.2020.00045"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/ICDMW.2018.00009"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2913705"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2018.2800740"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2989739"},{"key":"ref26","volume-title":"Fighting Computer Crime: A New Framework for Protecting Information","author":"Parker","year":"1998"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-25952-7_15"},{"key":"ref28","article-title":"Database intrusion detection systems (DIDs): Insider threat detection via behavioural-based anomaly detection systems\u2014A brief survey of concepts and approaches","author":"Imran Khan","year":"2020","journal-title":"arXiv:2011.02308"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.3390\/app10155208"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1109\/ICISS49785.2020.9315932"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1145\/2995959.2995964"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1109\/FTC.2016.7821723"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-74320-0_8"},{"key":"ref34","article-title":"Recurrent neural network language models for open vocabulary event-level cyber anomaly detection","author":"Tuor","year":"2017","journal-title":"arXiv:1712.00557"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1109\/ICAIBD57115.2023.10206282"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.3390\/app10144945"},{"key":"ref37","first-page":"1","article-title":"Learning correlation graph and anomalous employee behavior for insider threat detection","volume-title":"Proc. 21st Int. Conf. Inf. Fusion","author":"Wang"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1109\/SmartNets58706.2023.10215718"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1109\/tdsc.2023.3279032"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1162\/neco.1997.9.8.1735"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1145\/2939672.2939785"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.21275\/ART20203995"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1007\/s10462-020-09814-9"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1016\/j.neunet.2005.06.042"},{"key":"ref45","article-title":"Attention is all you need","author":"Vaswani","year":"2017","journal-title":"arXiv:1706.03762"},{"key":"ref46","volume-title":"Enron Email Dataset","year":"2022"},{"key":"ref47","volume-title":"Phishing Dataset","year":"2022"},{"key":"ref48","volume-title":"Software Engineering Institute Insider Threat","year":"2023"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1109\/ACMI53878.2021.9528204"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1080\/08874417.2021.1903367"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2015.2494502"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1109\/ICSC.2018.00056"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1109\/SPW.2018.00043"}],"container-title":["IEEE Transactions on Information Forensics and Security"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/10206\/10319981\/10458116.pdf?arnumber=10458116","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,31]],"date-time":"2025-07-31T18:31:17Z","timestamp":1753986677000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10458116\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"references-count":53,"URL":"https:\/\/doi.org\/10.1109\/tifs.2024.3372771","relation":{},"ISSN":["1556-6013","1556-6021"],"issn-type":[{"value":"1556-6013","type":"print"},{"value":"1556-6021","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]}}}