{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,7]],"date-time":"2026-04-07T16:25:25Z","timestamp":1775579125840,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":28,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,8,13]],"date-time":"2024-08-13T00:00:00Z","timestamp":1723507200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Austrian Research Promotion Agency","award":["FO999899544"],"award-info":[{"award-number":["FO999899544"]}]},{"DOI":"10.13039\/100018709","name":"European Defence Fund","doi-asserted-by":"publisher","award":["101121403"],"award-info":[{"award-number":["101121403"]}],"id":[{"id":"10.13039\/100018709","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100018709","name":"European Defence Fund","doi-asserted-by":"publisher","award":["101103385"],"award-info":[{"award-number":["101103385"]}],"id":[{"id":"10.13039\/100018709","id-type":"DOI","asserted-by":"publisher"}]},{"name":"European Defence Fund","award":["101121403"],"award-info":[{"award-number":["101121403"]}]},{"name":"European Defence Fund","award":["101103385"],"award-info":[{"award-number":["101103385"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,8,13]]},"DOI":"10.1145\/3675741.3675748","type":"proceedings-article","created":{"date-parts":[[2024,8,6]],"date-time":"2024-08-06T16:34:45Z","timestamp":1722962085000},"page":"41-53","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":12,"title":["Introducing a New Alert Data Set for Multi-Step Attack Analysis"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3813-3151","authenticated-orcid":false,"given":"Max","family":"Landauer","sequence":"first","affiliation":[{"name":"AIT Austrian Institute of Technology, Austria"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1922-7892","authenticated-orcid":false,"given":"Florian","family":"Skopik","sequence":"additional","affiliation":[{"name":"AIT Austrian Institute of Technology, Austria"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3259-6972","authenticated-orcid":false,"given":"Markus","family":"Wurzenberger","sequence":"additional","affiliation":[{"name":"AIT Austrian Institute of Technology, Austria"}]}],"member":"320","published-online":{"date-parts":[[2024,8,13]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Proceedings of the USENIX Security Symposium. 2783\u20132800","author":"Alahmadi A","year":"2022","unstructured":"Bushra\u00a0A Alahmadi, Louise Axon, and Ivan Martinovic. 2022. 99% False Positives: A Qualitative Study of SOC Analysts\u2019 Perspectives on Security Alarms. In Proceedings of the USENIX Security Symposium. 2783\u20132800."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/3433174.3433614"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2020.03.014"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2018.2871866"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.dib.2020.106530"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1186\/s42400-019-0038-7"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2022.3168976"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2022.3201582"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/TR.2020.3031317"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/3510581"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/3567675"},{"key":"e_1_3_2_1_12_1","volume-title":"A survey on artificial intelligence techniques for security event correlation: models, challenges, and opportunities. Artificial Intelligence Review","author":"Levshun Diana","year":"2023","unstructured":"Diana Levshun and Igor Kotenko. 2023. A survey on artificial intelligence techniques for security event correlation: models, challenges, and opportunities. Artificial Intelligence Review (2023), 1\u201344."},{"key":"e_1_3_2_1_13_1","volume-title":"https:\/\/www.mandiant.com\/m-trends. Online","author":"Trends","year":"2023","unstructured":"Mandiant. 2023. M-Trends 2023. https:\/\/www.mandiant.com\/m-trends. Online; accessed 2023-08-10."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/3514040"},{"key":"e_1_3_2_1_15_1","volume-title":"Framework to describe intentions of a cyber attack action. arXiv preprint arXiv:2002.07838","author":"Moskal Stephen","year":"2020","unstructured":"Stephen Moskal and Shanchieh\u00a0Jay Yang. 2020. Framework to describe intentions of a cyber attack action. arXiv preprint arXiv:2002.07838 (2020)."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISI.2018.8587402"},{"key":"e_1_3_2_1_17_1","first-page":"731","article-title":"Alert-driven attack graph generation using s-pdfa","volume":"19","author":"Nadeem Azqa","year":"2021","unstructured":"Azqa Nadeem, Sicco Verwer, Stephen Moskal, and Shanchieh\u00a0Jay Yang. 2021. Alert-driven attack graph generation using s-pdfa. IEEE Transactions on Dependable and Secure Computing 19, 2 (2021), 731\u2013746.","journal-title":"IEEE Transactions on Dependable and Secure Computing"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2018.03.001"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/DESEC.2018.8625145"},{"key":"e_1_3_2_1_20_1","volume-title":"Towards event aggregation for reducing the","author":"Ramaki Ali\u00a0Ahmadian","year":"2021","unstructured":"Ali\u00a0Ahmadian Ramaki, Abbas Ghaemi-Bafghi, and Abbas Rasoolzadegan. 2021. Towards event aggregation for reducing the volume of logged events during IKC stages of APT attacks. arXiv preprint arXiv:2109.14303 (2021)."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.5220\/0006639801080116"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2011.12.012"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-04968-2_4"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1117\/12.777341"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2004.21"},{"key":"e_1_3_2_1_26_1","volume-title":"FlexFringe: Modeling Software Behavior by Learning Probabilistic Automata. arXiv preprint arXiv:2203.16331","author":"Verwer Sicco","year":"2022","unstructured":"Sicco Verwer and Christian Hammerschmidt. 2022. FlexFringe: Modeling Software Behavior by Learning Probabilistic Automata. arXiv preprint arXiv:2203.16331 (2022)."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-22915-7_40"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102203"}],"event":{"name":"CSET 2024: Workshop on Cyber Security Experimentation and Test","location":"Philadelphia PA USA","acronym":"CSET 2024"},"container-title":["Proceedings of the 17th Cyber Security Experimentation and Test Workshop"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3675741.3675748","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3675741.3675748","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T00:04:09Z","timestamp":1750291449000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3675741.3675748"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,8,13]]},"references-count":28,"alternative-id":["10.1145\/3675741.3675748","10.1145\/3675741"],"URL":"https:\/\/doi.org\/10.1145\/3675741.3675748","relation":{},"subject":[],"published":{"date-parts":[[2024,8,13]]},"assertion":[{"value":"2024-08-13","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}