{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,1]],"date-time":"2026-04-01T08:22:44Z","timestamp":1775031764501,"version":"3.50.1"},"reference-count":38,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"1","license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/501100012166","name":"National Key R&amp;D Program of China","doi-asserted-by":"publisher","award":["2022YFB3103100"],"award-info":[{"award-number":["2022YFB3103100"]}],"id":[{"id":"10.13039\/501100012166","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["92167102"],"award-info":[{"award-number":["92167102"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Importation and Development of High-Caliber Talents Project of Beijing Municipal Institutions","award":["CIT & TCD20190308"],"award-info":[{"award-number":["CIT & TCD20190308"]}]},{"DOI":"10.13039\/501100002888","name":"Beijing Municipal Education Commission","doi-asserted-by":"publisher","award":["KM202110005025"],"award-info":[{"award-number":["KM202110005025"]}],"id":[{"id":"10.13039\/501100002888","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100005089","name":"Beijing Natural Science Foundation Project","doi-asserted-by":"publisher","award":["Z200002"],"award-info":[{"award-number":["Z200002"]}],"id":[{"id":"10.13039\/501100005089","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100005090","name":"Beijing Nova Program","doi-asserted-by":"publisher","award":["Z211100002121150"],"award-info":[{"award-number":["Z211100002121150"]}],"id":[{"id":"10.13039\/501100005090","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IIEEE Trans. Software Eng."],"published-print":{"date-parts":[[2025,1]]},"DOI":"10.1109\/tse.2024.3497588","type":"journal-article","created":{"date-parts":[[2024,11,13]],"date-time":"2024-11-13T18:53:04Z","timestamp":1731523984000},"page":"153-171","source":"Crossref","is-referenced-by-count":3,"title":["A Context-Aware Clustering Approach for Assisting Operators in Classifying Security Alerts"],"prefix":"10.1109","volume":"51","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-4117-2047","authenticated-orcid":false,"given":"Yu","family":"Liu","sequence":"first","affiliation":[{"name":"Faculty of Information Technology, Beijing University of Technology, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8881-0037","authenticated-orcid":false,"given":"Tong","family":"Li","sequence":"additional","affiliation":[{"name":"Faculty of Information Technology, Beijing University of Technology, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2929-2484","authenticated-orcid":false,"given":"Runzi","family":"Zhang","sequence":"additional","affiliation":[{"name":"NSFOCUS Technologies Group Company Ltd., Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-6539-797X","authenticated-orcid":false,"given":"Zhao","family":"Jin","sequence":"additional","affiliation":[{"name":"Faculty of Information Technology, Beijing University of Technology, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-7477-2925","authenticated-orcid":false,"given":"Mingkai","family":"Tong","sequence":"additional","affiliation":[{"name":"NSFOCUS Technologies Group Company Ltd., Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-2046-5305","authenticated-orcid":false,"given":"Wenmao","family":"Liu","sequence":"additional","affiliation":[{"name":"NSFOCUS Technologies Group Company Ltd., Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9536-7339","authenticated-orcid":false,"given":"Yiting","family":"Wang","sequence":"additional","affiliation":[{"name":"Faculty of Information Technology, Beijing University of Technology, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6058-0217","authenticated-orcid":false,"given":"Zhen","family":"Yang","sequence":"additional","affiliation":[{"name":"Faculty of Information Technology, Beijing University of Technology, Beijing, China"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.102675"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354239"},{"key":"ref3","first-page":"2783","article-title":"99% false positives: A qualitative study of {SOC} analysts\u2019 perspectives on security alarms","volume-title":"Proc. 31st USENIX Secur. Symp. (USENIX Secur.)","author":"Alahmadi","year":"2022"},{"key":"ref4","article-title":"Anticipating the unknowns - chief information security officer(CISO) benchmark study","year":"2019"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23349"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-36708-4_62"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM41043.2020.9155219"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.18293\/seke2022-116"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243811"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134015"},{"key":"ref11","article-title":"Attack2vec: Leveraging temporal word embeddings to understand the evolution of cyberattacks","author":"Shen","year":"2019"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833671"},{"key":"ref13","first-page":"2564","article-title":"Human-guided machine learning for fast and accurate network alarm triage","volume-title":"Proc. \u201911 Proc. 22nd Int. Joint Conf. Artif. Intell.","author":"Amershi","year":"2011"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/2481244.2481248"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.14778\/3402707.3402736"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1145\/2623330.2623732"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1145\/2939672.2939754"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1145\/2736277.2741093"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/3097983.3098036"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.48550\/arXiv.1310.4546"},{"key":"ref21","article-title":"Efficient estimation of word representations in vector space","author":"Mikolov","year":"2013"},{"issue":"34","key":"ref22","first-page":"226","article-title":"A density-based algorithm for discovering clusters in large spatial databases with noise","volume-title":"Proc. kdd","volume":"96","author":"Ester","year":"1996"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1145\/304181.304187"},{"key":"ref24","first-page":"410","article-title":"V-measure: A conditional entropy-based external cluster evaluation measure","volume-title":"Proc. Joint Conf. Empirical Methods Natural Lang. Process. Comput. Natural Lang. Learn. (EMNLP-CoNLL)","author":"Rosenberg","year":"2007"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2024.01.032"},{"key":"ref26","article-title":"Throttle alerts","year":"2023"},{"issue":"11","key":"ref27","first-page":"2579","article-title":"Visualizing data using t-SNE","volume":"9","author":"Maaten","year":"2008","journal-title":"J. Mach. Learn. Res."},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1145\/3368089.3409768"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1145\/3510003.3510055"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1145\/3368089.3417061"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1145\/2623330.2623360"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1109\/ASE51524.2021.9678746"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2009.02.097"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1145\/1555228.1555232"},{"key":"ref35","doi-asserted-by":"crossref","first-page":"162","DOI":"10.1145\/3377813.3381363","article-title":"Understanding and handling alert storm for online service systems","volume-title":"Proc. ACM\/IEEE 42nd Int. Conf. Softw. Eng.: Softw. Eng. Pract.","author":"Zhao","year":"2020"},{"key":"ref36","first-page":"373","article-title":"How incidental are the incidents? Characterizing and prioritizing incidents for large-scale online service systems","volume-title":"Proc. 35th IEEE\/ACM Int. Conf. Automated Softw. Eng.","author":"Chen","year":"2020"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1109\/IPCCC47392.2019.8958761"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-29044-2"}],"container-title":["IEEE Transactions on Software Engineering"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/32\/10837580\/10752431.pdf?arnumber=10752431","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,1,13]],"date-time":"2025-01-13T19:50:58Z","timestamp":1736797858000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10752431\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,1]]},"references-count":38,"journal-issue":{"issue":"1"},"URL":"https:\/\/doi.org\/10.1109\/tse.2024.3497588","relation":{},"ISSN":["0098-5589","1939-3520","2326-3881"],"issn-type":[{"value":"0098-5589","type":"print"},{"value":"1939-3520","type":"electronic"},{"value":"2326-3881","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,1]]}}}