{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,30]],"date-time":"2026-06-30T01:17:12Z","timestamp":1782782232074,"version":"3.54.5"},"reference-count":21,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018,11]]},"DOI":"10.1109\/isi.2018.8587402","type":"proceedings-article","created":{"date-parts":[[2018,12,27]],"date-time":"2018-12-27T23:00:33Z","timestamp":1545951633000},"page":"49-54","source":"Crossref","is-referenced-by-count":14,"title":["Extracting and Evaluating Similar and Unique Cyber Attack Strategies from Intrusion Alerts"],"prefix":"10.1109","author":[{"given":"Stephen","family":"Moskal","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Shanchieh Jay","family":"Yang","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Michael E.","family":"Kuhl","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"263","reference":[{"key":"ref10","first-page":"639","article-title":"SAQL: A stream-based query system for real-time abnormal system behavior detection","author":"gao","year":"2018","journal-title":"27th USENIX Security Symposium (USENIX Security 18)"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2001.991517"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2004.21"},{"key":"ref13","first-page":"244","article-title":"Alert correlation for extracting attack strategies","volume":"3","author":"zhu","year":"2006","journal-title":"IJ Network Security"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1016\/j.asoc.2009.06.019"},{"key":"ref15","first-page":"58","article-title":"A new alert correlation algorithm based on attack graph","author":"roschke","year":"2011","journal-title":"Computational Intelligence in Security 
for Information Systems"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1002\/sec.1190"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1016\/j.inffus.2009.01.005"},{"key":"ref18","first-page":"205","article-title":"Adaptive behavioral intrusion detection systems and methods","author":"stute","year":"2012"},{"key":"ref19","article-title":"Scipy ndimage filters gaussian filter","year":"2014"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1177\/1548512917725408"},{"key":"ref3","article-title":"Cyber kill chain — lockheed martin security","year":"2016"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1016\/j.asoc.2010.12.004"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1145\/1501434.1501479"},{"key":"ref8","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.comcom.2014.04.012","article-title":"False alarm minimization techniques in signature-based intrusion detection systems: A survey","volume":"49","author":"hubballi","year":"2014","journal-title":"Computer Communications"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2012.10.022"},{"key":"ref2","article-title":"Challenges of managing an intrusion detection system (ids) in the enterprise","author":"meyer","year":"2008"},{"key":"ref1","article-title":"Security alerts: You only have 7 minutes to decide","author":"illes","year":"2017"},{"key":"ref9","doi-asserted-by":"crossref","first-page":"53","DOI":"10.1016\/j.jnca.2015.12.006","article-title":"Intrusion response systems: Foundations, design, and challenges","volume":"62","author":"inayat","year":"2016","journal-title":"Journal of Network and Computer Applications"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1109\/34.49051"},{"key":"ref21","article-title":"Collegiate penetration testing competition","year":"2018"}],"event":{"name":"2018 IEEE International Conference on Intelligence and Security Informatics (ISI)","location":"Miami, 
FL","start":{"date-parts":[[2018,11,9]]},"end":{"date-parts":[[2018,11,11]]}},"container-title":["2018 IEEE International Conference on Intelligence and Security Informatics (ISI)"],"original-title":[],"link":[{"URL":"https:\/\/2.zoppoz.workers.dev:443\/http\/xplorestaging.ieee.org\/ielx7\/8575039\/8587309\/08587402.pdf?arnumber=8587402","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,27]],"date-time":"2022-01-27T13:42:12Z","timestamp":1643290932000},"score":1,"resource":{"primary":{"URL":"https:\/\/2.zoppoz.workers.dev:443\/https\/ieeexplore.ieee.org\/document\/8587402\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,11]]},"references-count":21,"URL":"https:\/\/2.zoppoz.workers.dev:443\/https\/doi.org\/10.1109\/isi.2018.8587402","relation":{},"subject":[],"published":{"date-parts":[[2018,11]]}}}