{"id":"https://openalex.org/W2796347684","doi":"https://doi.org/10.1109/access.2018.2823724","title":"An Effective High Threating Alarm Mining Method for Cloud Security Management","display_name":"An Effective High Threating Alarm Mining Method for Cloud Security Management","publication_year":2018,"publication_date":"2018-01-01","ids":{"openalex":"https://openalex.org/W2796347684","doi":"https://doi.org/10.1109/access.2018.2823724","mag":"2796347684"},"language":"en","primary_location":{"id":"doi:10.1109/access.2018.2823724","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2018.2823724","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1109/access.2018.2823724","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5060733795","display_name":"Yongwei Meng","orcid":"https://orcid.org/0000-0002-3990-4635"},"institutions":[{"id":"https://openalex.org/I87445476","display_name":"Xi'an Jiaotong University","ror":"https://ror.org/017zhmm22","country_code":"CN","type":"education","lineage":["https://openalex.org/I87445476"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Yongwei Meng","raw_affiliation_strings":["MOE Key Lab for Intelligent Networks and Network Security, Xi\u2019an Jiaotong University, Xi\u2019an, China"],"affiliations":[{"raw_affiliation_string":"MOE Key Lab for Intelligent Networks and Network Security, Xi\u2019an Jiaotong University, Xi\u2019an, China","institution_ids":["https://openalex.org/I87445476"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5062913166","display_name":"Tao Qin","orcid":"https://orcid.org/0000-0003-4874-2567"},"institutions":[{"id":"https://openalex.org/I24603500","display_name":"University of Massachusetts Amherst","ror":"https://ror.org/0072zz521","country_code":"US","type":"education","lineage":["https://openalex.org/I24603500"]},{"id":"https://openalex.org/I87445476","display_name":"Xi'an Jiaotong University","ror":"https://ror.org/017zhmm22","country_code":"CN","type":"education","lineage":["https://openalex.org/I87445476"]}],"countries":["CN","US"],"is_corresponding":false,"raw_author_name":"Tao Qin","raw_affiliation_strings":["Department of Electrical and Computer Engineering, University of Massachusetts, Amherst, MA, USA","MOE Key Lab for Intelligent Networks and Network Security, Xi\u2019an Jiaotong University, Xi\u2019an, China"],"affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, University of Massachusetts, Amherst, MA, USA","institution_ids":["https://openalex.org/I24603500"]},{"raw_affiliation_string":"MOE Key Lab for Intelligent Networks and Network Security, Xi\u2019an Jiaotong University, Xi\u2019an, China","institution_ids":["https://openalex.org/I87445476"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100778215","display_name":"Yukun Liu","orcid":"https://orcid.org/0000-0003-2994-5393"},"institutions":[{"id":"https://openalex.org/I87445476","display_name":"Xi'an Jiaotong University","ror":"https://ror.org/017zhmm22","country_code":"CN","type":"education","lineage":["https://openalex.org/I87445476"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yukun Liu","raw_affiliation_strings":["MOE Key Lab for Intelligent Networks and Network Security, Xi\u2019an Jiaotong University, Xi\u2019an, China"],"affiliations":[{"raw_affiliation_string":"MOE Key Lab for Intelligent Networks and Network Security, Xi\u2019an Jiaotong University, Xi\u2019an, China","institution_ids":["https://openalex.org/I87445476"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5079609442","display_name":"Chao He","orcid":"https://orcid.org/0000-0002-4666-377X"},"institutions":[{"id":"https://openalex.org/I87445476","display_name":"Xi'an Jiaotong University","ror":"https://ror.org/017zhmm22","country_code":"CN","type":"education","lineage":["https://openalex.org/I87445476"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chao He","raw_affiliation_strings":["MOE Key Lab for Intelligent Networks and Network Security, Xi\u2019an Jiaotong University, Xi\u2019an, China"],"affiliations":[{"raw_affiliation_string":"MOE Key Lab for Intelligent Networks and Network Security, Xi\u2019an Jiaotong University, Xi\u2019an, China","institution_ids":["https://openalex.org/I87445476"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5060733795"],"corresponding_institution_ids":["https://openalex.org/I87445476"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":0.7352,"has_fulltext":false,"cited_by_count":7,"citation_normalized_percentile":{"value":0.73450425,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":"6","issue":null,"first_page":"22634","last_page":"22644"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9945999979972839,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12326","display_name":"Network Packet Processing and Optimization","score":0.9909999966621399,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8210935592651367},{"id":"https://openalex.org/keywords/alarm","display_name":"ALARM","score":0.6424197554588318},{"id":"https://openalex.org/keywords/deep-packet-inspection","display_name":"Deep packet inspection","score":0.5843443870544434},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.554088294506073},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.5251842737197876},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.5057158470153809},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.45348212122917175},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.4467964172363281},{"id":"https://openalex.org/keywords/rank","display_name":"Rank (graph theory)","score":0.4351580739021301},{"id":"https://openalex.org/keywords/security-management","display_name":"Security management","score":0.42453733086586},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.3124087452888489},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.0998639166355133}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8210935592651367},{"id":"https://openalex.org/C2779119184","wikidata":"https://www.wikidata.org/wiki/Q294350","display_name":"ALARM","level":2,"score":0.6424197554588318},{"id":"https://openalex.org/C204679922","wikidata":"https://www.wikidata.org/wiki/Q734252","display_name":"Deep packet inspection","level":3,"score":0.5843443870544434},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.554088294506073},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.5251842737197876},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.5057158470153809},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.45348212122917175},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.4467964172363281},{"id":"https://openalex.org/C164226766","wikidata":"https://www.wikidata.org/wiki/Q7293202","display_name":"Rank (graph theory)","level":2,"score":0.4351580739021301},{"id":"https://openalex.org/C83163435","wikidata":"https://www.wikidata.org/wiki/Q3954104","display_name":"Security management","level":2,"score":0.42453733086586},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.3124087452888489},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.0998639166355133},{"id":"https://openalex.org/C146978453","wikidata":"https://www.wikidata.org/wiki/Q3798668","display_name":"Aerospace engineering","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C114614502","wikidata":"https://www.wikidata.org/wiki/Q76592","display_name":"Combinatorics","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2018.2823724","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2018.2823724","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:be7554e986fa474fb229ad17dcfb1b7b","is_oa":true,"landing_page_url":"https://doaj.org/article/be7554e986fa474fb229ad17dcfb1b7b","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 6, Pp 22634-22644 (2018)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2018.2823724","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2018.2823724","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1732853937","display_name":null,"funder_award_id":"2016JM6040","funder_id":"https://openalex.org/F4320324173","funder_display_name":"Natural Science Foundation of Shaanxi Province"},{"id":"https://openalex.org/G3343719966","display_name":null,"funder_award_id":"61602370","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G4224320565","display_name":null,"funder_award_id":"61772411","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5839275618","display_name":null,"funder_award_id":"61672026","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G8034435594","display_name":null,"funder_award_id":"201706285018","funder_id":"https://openalex.org/F4320322725","funder_display_name":"China Scholarship Council"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320322725","display_name":"China Scholarship Council","ror":"https://ror.org/04atp4p48"},{"id":"https://openalex.org/F4320324173","display_name":"Natural Science Foundation of Shaanxi Province","ror":null}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":23,"referenced_works":["https://openalex.org/W65658698","https://openalex.org/W109501752","https://openalex.org/W351141490","https://openalex.org/W1573137014","https://openalex.org/W2023261822","https://openalex.org/W2028484373","https://openalex.org/W2036234778","https://openalex.org/W2043695517","https://openalex.org/W2048363584","https://openalex.org/W2064853889","https://openalex.org/W2067472607","https://openalex.org/W2070813941","https://openalex.org/W2082768060","https://openalex.org/W2108867737","https://openalex.org/W2132434720","https://openalex.org/W2141200504","https://openalex.org/W2142889610","https://openalex.org/W2152449272","https://openalex.org/W2163277533","https://openalex.org/W2622274362","https://openalex.org/W4231518042","https://openalex.org/W4252403066","https://openalex.org/W6634021737"],"related_works":["https://openalex.org/W2061466315","https://openalex.org/W2376886931","https://openalex.org/W1992118813","https://openalex.org/W2010561419","https://openalex.org/W2171331105","https://openalex.org/W2374845301","https://openalex.org/W2351448539","https://openalex.org/W1977863481","https://openalex.org/W2384741105","https://openalex.org/W1495178644"],"abstract_inverted_index":{"Security":[0],"equipment":[1],"such":[2],"as":[3],"intrusion":[4],"prevention":[5],"system":[6],"is":[7,205,240],"an":[8,202],"important":[9],"supplementary":[10],"for":[11,76,108],"security":[12,109],"management.":[13],"They":[14],"reduce":[15,151],"the":[16,64,84,95,126,134,141,152,159,164,189,199,208,219,223,226,230,235,245,254,257,268,273,280,292],"difficulty":[17],"of":[18,29,102,154,192,211,225,233],"network":[19,210,293],"management":[20,81],"by":[21,140],"giving":[22],"alarms":[23,39,62,85,132,156,194,237,246],"corresponding":[24],"to":[25,41,58,70,78,122,169,187],"different":[26,250],"attacks":[27,104],"instead":[28],"raw":[30],"traffic":[31],"packet":[32],"inspection.":[33],"But":[34],"there":[35],"are":[36,86,106,138,247],"many":[37,147],"false":[38,148,155,176],"due":[40],"their":[42,93,284],"running":[43],"mechanism,":[44],"which":[45,105,137],"greatly":[46],"reduces":[47],"its":[48],"usability.":[49],"In":[50],"this":[51],"paper,":[52],"we":[53,111,162,179],"develop":[54],"a":[55,113,181],"hierarchical":[56],"framework":[57],"mine":[59,170],"high":[60,281],"threating":[61],"from":[63],"massive":[65],"alarm":[66,115],"logs,":[67],"and":[68,73,124,157,173,244,265,287],"aim":[69],"provide":[71],"fundamental":[72],"useful":[74],"information":[75],"administrators":[77,276],"design":[79],"efficient":[80],"policy.":[82],"First,":[83],"divided":[87],"into":[88],"two":[89],"parts":[90],"based":[91,118,217],"on":[92,119,218,272],"attributes,":[94],"first":[96,231],"part":[97],"mainly":[98],"includes":[99],"several":[100],"kinds":[101],"famous":[103],"critical":[107],"management,":[110],"proposed":[112,180,258],"similar":[114,236],"mining":[116,167,238],"method":[117,186],"Choquet":[120],"integral":[121],"cluster":[123],"rank":[125,158,267],"frequently":[127],"occurred":[128],"attacks.":[129],"The":[130],"rest":[131,255],"constitute":[133],"second":[135],"part,":[136],"caused":[139],"potential":[142,160,269],"threats":[143,282],"attacks,":[144],"also":[145],"include":[146],"alarms.":[149,177],"To":[150,197],"effect":[153],"threats,":[161],"employ":[163],"frequent":[165],"pattern":[166],"algorithm":[168],"correlation":[171],"rules":[172],"then":[174],"filter":[175],"Following,":[178],"self-adapting":[182],"threat":[183,190],"degree":[184,191],"calculation":[185],"qualify":[188],"these":[193],"after":[195],"filtering.":[196],"verity":[198],"methods":[200,259],"developed,":[201],"experimental":[203],"platform":[204],"constructed":[206],"in":[207,289],"campus":[209],"Xi'an":[212],"Jiaotong":[213],"University.":[214],"Experimental":[215],"results":[216],"data":[220],"collected":[221],"verify":[222],"efficiency":[224],"developed":[227],"methods.":[228],"For":[229,253],"kind":[232],"alarms,":[234,256],"accuracy":[239,262],"higher":[241],"than":[242],"97%":[243],"ranked":[248],"with":[249,279,283],"processing":[251],"urgencies.":[252],"have":[260],"filtering":[261],"above":[263],"80%":[264],"can":[266,277],"threats.":[270],"Based":[271],"ranking":[274],"results,":[275],"deal":[278],"limited":[285],"time":[286],"energy,":[288],"turn,":[290],"keep":[291],"under":[294],"control.":[295]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2019,"cited_by_count":4}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}