{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,18]],"date-time":"2026-04-18T16:41:26Z","timestamp":1776530486381,"version":"3.51.2"},"publisher-location":"New York, NY, USA","reference-count":29,"publisher":"ACM","license":[{"start":{"date-parts":[[2021,8,9]],"date-time":"2021-08-09T00:00:00Z","timestamp":1628467200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"The Ministry of Internal Affairs and Communications, Japan","award":["JPJ000254"],"award-info":[{"award-number":["JPJ000254"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,8,9]]},"DOI":"10.1145\/3474718.3474723","type":"proceedings-article","created":{"date-parts":[[2021,9,7]],"date-time":"2021-09-07T16:42:08Z","timestamp":1631032928000},"page":"9-16","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":48,"title":["Combat Security Alert Fatigue with AI-Assisted Techniques"],"prefix":"10.1145","author":[{"given":"Tao","family":"Ban","sequence":"first","affiliation":[{"name":"National Institute of Information and Communications Technology, Japan"}]},{"given":"Ndichu","family":"Samuel","sequence":"additional","affiliation":[{"name":"National Institute of Information and Communications Technology, Japan"}]},{"given":"Takeshi","family":"Takahashi","sequence":"additional","affiliation":[{"name":"National Institute of Information and Communications Technology, Japan"}]},{"given":"Daisuke","family":"Inoue","sequence":"additional","affiliation":[{"name":"National Institute of Information and Communications Technology, Japan"}]}],"member":"320","published-online":{"date-parts":[[2021,9,7]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Threat Alert Prioritization Using Isolation Forest and Stacked Auto 
Encoder With Day-Forward-Chaining Analysis","author":"Aminanto Muhamad\u00a0Erza","unstructured":"Muhamad\u00a0Erza Aminanto , Tao Ban , Ryoichi Isawa , Takeshi Takahashi , and Daisuke Inoue . 2020. Threat Alert Prioritization Using Isolation Forest and Stacked Auto Encoder With Day-Forward-Chaining Analysis . In IEEE Access. IEEE , 217977\u2013217986. Muhamad\u00a0Erza Aminanto, Tao Ban, Ryoichi Isawa, Takeshi Takahashi, and Daisuke Inoue. 2020. Threat Alert Prioritization Using Isolation Forest and Stacked Auto Encoder With Day-Forward-Chaining Analysis. In IEEE Access. IEEE, 217977\u2013217986."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.3041837"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2017.2762828"},{"key":"e_1_3_2_1_4_1","volume-title":"International Workshop on Information Security Applications. Springer, 212\u2013223","author":"Aminanto Muhamad\u00a0Erza","year":"2017","unstructured":"Muhamad\u00a0Erza Aminanto and Kwangjo Kim . 2017 . Improving detection of Wi-Fi impersonation by fully unsupervised deep learning . In International Workshop on Information Security Applications. Springer, 212\u2013223 . Muhamad\u00a0Erza Aminanto and Kwangjo Kim. 2017. Improving detection of Wi-Fi impersonation by fully unsupervised deep learning. In International Workshop on Information Security Applications. Springer, 212\u2013223."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-36708-4_62"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/WCCAIS.2014.6916651"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/DASC.2013.48"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/CBD.2013.27"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1961189.1961199"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"crossref","unstructured":"Herve Debar David Curry and Benjamin Feinstein. 2007. 
The intrusion detection message exchange format (IDMEF).  Herve Debar David Curry and Benjamin Feinstein. 2007. The intrusion detection message exchange format (IDMEF).","DOI":"10.17487\/rfc4765"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.3182\/20130902-3-CN-3020.00044"},{"key":"e_1_3_2_1_12_1","volume-title":"Pattern Classification","author":"Duda O.","unstructured":"Richard\u00a0 O. Duda , Peter\u00a0 E. Hart , and David\u00a0 G. Stork . 2000. Pattern Classification ( 2 nd Edition)(2 ed.). Wiley-Interscience . Richard\u00a0O. Duda, Peter\u00a0E. Hart, and David\u00a0G. Stork. 2000. Pattern Classification (2nd Edition)(2 ed.). Wiley-Interscience.","edition":"2"},{"key":"e_1_3_2_1_13_1","volume-title":"NODOZE: Combatting Threat Alert Fatigue with Automated Provenance Triage. In Network and Distributed Systems Security (NDSS) Symposium 2019","author":"Hassan Wajih\u00a0Ul","year":"2019","unstructured":"Wajih\u00a0Ul Hassan , Shengjian Guo , Ding Li , Zhengzhang Chen , Kangkook Jee , Zhichun Li , and Adam Bates . 2019 . NODOZE: Combatting Threat Alert Fatigue with Automated Provenance Triage. In Network and Distributed Systems Security (NDSS) Symposium 2019 ( San Diego). Wajih\u00a0Ul Hassan, Shengjian Guo, Ding Li, Zhengzhang Chen, Kangkook Jee, Zhichun Li, and Adam Bates. 2019. NODOZE: Combatting Threat Alert Fatigue with Automated Provenance Triage. In Network and Distributed Systems Security (NDSS) Symposium 2019 (San Diego)."},{"key":"e_1_3_2_1_14_1","volume-title":"Log Event Extended Format (LEEF). https:\/\/www.ibm.com\/support\/knowledgecenter\/SS42VS_DSM\/b_Leef_format_guide.pdf. [Online","author":"IBM.","year":"2019","unstructured":"IBM. 2016. Log Event Extended Format (LEEF). https:\/\/www.ibm.com\/support\/knowledgecenter\/SS42VS_DSM\/b_Leef_format_guide.pdf. [Online ; accessed 9th May 2019 ]. IBM. 2016. Log Event Extended Format (LEEF). https:\/\/www.ibm.com\/support\/knowledgecenter\/SS42VS_DSM\/b_Leef_format_guide.pdf. 
[Online; accessed 9th May 2019]."},{"key":"e_1_3_2_1_15_1","volume-title":"The JSON Data Interchange Format. https:\/\/www.ecma-international.org\/wp-content\/uploads\/ECMA-404_1st_edition_october_2013.pdf. [Online","author":"International ECMA","year":"2021","unstructured":"ECMA International . 2013. The JSON Data Interchange Format. https:\/\/www.ecma-international.org\/wp-content\/uploads\/ECMA-404_1st_edition_october_2013.pdf. [Online ; accessed 30th January 2021 ]. ECMA International. 2013. The JSON Data Interchange Format. https:\/\/www.ecma-international.org\/wp-content\/uploads\/ECMA-404_1st_edition_october_2013.pdf. [Online; accessed 30th January 2021]."},{"key":"e_1_3_2_1_16_1","volume-title":"Performance Evaluation of Different Feature Encoding Schemes on Cybersecurity Logs. In 2019 SoutheastCon","author":"Jackson Eric","year":"2019","unstructured":"Eric Jackson and Rajeev Agrawal . 2019. Performance Evaluation of Different Feature Encoding Schemes on Cybersecurity Logs. In 2019 SoutheastCon . IEEE , 1\u20139. https:\/\/doi.org\/10.1109\/SoutheastCon42311. 2019 .9020560 Eric Jackson and Rajeev Agrawal. 2019. Performance Evaluation of Different Feature Encoding Schemes on Cybersecurity Logs. In 2019 SoutheastCon. IEEE, 1\u20139. https:\/\/doi.org\/10.1109\/SoutheastCon42311.2019.9020560"},{"key":"e_1_3_2_1_17_1","volume-title":"Improving Attack Detection Performance in NIDS Using GAN. In 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC)","author":"Li Dongyang","year":"2020","unstructured":"Dongyang Li , Daisuke Kotani , and Yasuo Okabe . 2020. Improving Attack Detection Performance in NIDS Using GAN. In 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC) . IEEE , 817\u2013825. https:\/\/doi.org\/10.1109\/COMPSAC48688. 2020 .0-162 Dongyang Li, Daisuke Kotani, and Yasuo Okabe. 2020. Improving Attack Detection Performance in NIDS Using GAN. 
In 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC). IEEE, 817\u2013825. https:\/\/doi.org\/10.1109\/COMPSAC48688.2020.0-162"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/IJCNN.2014.6889798"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/CASON.2011.6085959"},{"key":"e_1_3_2_1_20_1","volume-title":"31.9% of IT Security Professionals Ignore Alerts. https:\/\/www.mcafee.com\/blogs\/enterprise\/cloud-security\/alert-fatigue-31-9-of-it-security-professionals-ignore-alerts\/. [Online","author":"Fatigue Alert","year":"2021","unstructured":"McAfee. 2017. Alert Fatigue : 31.9% of IT Security Professionals Ignore Alerts. https:\/\/www.mcafee.com\/blogs\/enterprise\/cloud-security\/alert-fatigue-31-9-of-it-security-professionals-ignore-alerts\/. [Online ; accessed 30th January 2021 ]. McAfee. 2017. Alert Fatigue: 31.9% of IT Security Professionals Ignore Alerts. https:\/\/www.mcafee.com\/blogs\/enterprise\/cloud-security\/alert-fatigue-31-9-of-it-security-professionals-ignore-alerts\/. [Online; accessed 30th January 2021]."},{"key":"e_1_3_2_1_21_1","unstructured":"McAfee. 2017. McAfee Enterprise Security Manager 10.2.0 Product Guide (Unmanaged). https:\/\/docs.mcafee.com\/bundle\/enterprise-security-manager-10.2.0-product-guide-unmanaged\/page\/GUID-984F5DA6-8D84-4549-855B-C77D53CF96B9.html. [Online; accessed 30th September 2020].  McAfee. 2017. McAfee Enterprise Security Manager 10.2.0 Product Guide (Unmanaged). https:\/\/docs.mcafee.com\/bundle\/enterprise-security-manager-10.2.0-product-guide-unmanaged\/page\/GUID-984F5DA6-8D84-4549-855B-C77D53CF96B9.html. [Online; accessed 30th September 2020]."},{"key":"e_1_3_2_1_22_1","unstructured":"MITRE. [n.d.]. Common Event Expression \u2014 CEE A Unified Event Language for Interoperability. http:\/\/makingsecuritymeasurable.mitre.org\/docs\/cee-intro-handout.pdf. [Online; accessed 9th May 2019].  MITRE. [n.d.]. 
Common Event Expression \u2014 CEE A Unified Event Language for Interoperability. http:\/\/makingsecuritymeasurable.mitre.org\/docs\/cee-intro-handout.pdf. [Online; accessed 9th May 2019]."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISIAS.2013.6947748"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/CCAA.2017.8229866"},{"key":"e_1_3_2_1_25_1","unstructured":"Li Sun Steven Versteeg Serdar Boztas and Asha Rao. 2016. Detecting Anomalous User Behavior Using an Extended Isolation Forest Algorithm: An Enterprise Case Study. CoRR abs\/1609.06676(2016). arxiv:1609.06676http:\/\/arxiv.org\/abs\/1609.06676  Li Sun Steven Versteeg Serdar Boztas and Asha Rao. 2016. Detecting Anomalous User Behavior Using an Extended Isolation Forest Algorithm: An Enterprise Case Study. CoRR abs\/1609.06676(2016). arxiv:1609.06676http:\/\/arxiv.org\/abs\/1609.06676"},{"key":"e_1_3_2_1_26_1","volume-title":"Workshops at the Thirty-First AAAI Conference on Artificial Intelligence.","author":"Tuor Aaron","year":"2017","unstructured":"Aaron Tuor , Samuel Kaplan , Brian Hutchinson , Nicole Nichols , and Sean Robinson . 2017 . Deep learning for unsupervised insider threat detection in structured cybersecurity data streams . In Workshops at the Thirty-First AAAI Conference on Artificial Intelligence. Aaron Tuor, Samuel Kaplan, Brian Hutchinson, Nicole Nichols, and Sean Robinson. 2017. Deep learning for unsupervised insider threat detection in structured cybersecurity data streams. In Workshops at the Thirty-First AAAI Conference on Artificial Intelligence."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2004.21"},{"key":"e_1_3_2_1_28_1","first-page":"2579","article-title":"Visualizing Data using t-SNE","volume":"9","author":"van\u00a0der Maaten Laurens","year":"2008","unstructured":"Laurens van\u00a0der Maaten and Geoffrey Hinton . 2008 . Visualizing Data using t-SNE . 
Journal of Machine Learning Research 9 (2008), 2579 \u2013 2605 . http:\/\/www.jmlr.org\/papers\/v9\/vandermaaten08a.html Laurens van\u00a0der Maaten and Geoffrey Hinton. 2008. Visualizing Data using t-SNE. Journal of Machine Learning Research 9 (2008), 2579\u20132605. http:\/\/www.jmlr.org\/papers\/v9\/vandermaaten08a.html","journal-title":"Journal of Machine Learning Research"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.5555\/211359"}],"event":{"name":"CSET '21: Cyber Security Experimentation and Test Workshop","location":"Virtual CA USA","acronym":"CSET '21"},"container-title":["Cyber Security Experimentation and Test Workshop"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3474718.3474723","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3474718.3474723","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T20:11:46Z","timestamp":1750191106000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3474718.3474723"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,8,9]]},"references-count":29,"alternative-id":["10.1145\/3474718.3474723","10.1145\/3474718"],"URL":"https:\/\/doi.org\/10.1145\/3474718.3474723","relation":{},"subject":[],"published":{"date-parts":[[2021,8,9]]},"assertion":[{"value":"2021-09-07","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}