{"id":"https://openalex.org/W3007351103","doi":"https://doi.org/10.1109/bigdata47090.2019.9006042","title":"An Approach for Scale Suspicious Network Events Detection","display_name":"An Approach for Scale Suspicious Network Events Detection","publication_year":2019,"publication_date":"2019-12-01","ids":{"openalex":"https://openalex.org/W3007351103","doi":"https://doi.org/10.1109/bigdata47090.2019.9006042","mag":"3007351103"},"language":"en","primary_location":{"id":"doi:10.1109/bigdata47090.2019.9006042","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bigdata47090.2019.9006042","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2019 IEEE International Conference on Big Data (Big Data)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5054446049","display_name":"Cong Dong","orcid":"https://orcid.org/0000-0001-7581-7160"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Cong Dong","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences School of Cyber Security, University of Chinese Academy of Sciences"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences School of Cyber Security, University of Chinese Academy of Sciences","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5087627692","display_name":"YuFan Chen","orcid":null},"institutions":[{"id":"https://openalex.org/I162868743","display_name":"Tianjin University","ror":"https://ror.org/012tb2g32","country_code":"CN","type":"education","lineage":["https://openalex.org/I162868743"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"YuFan Chen","raw_affiliation_strings":["College of Management and Economics, Tianjin University"],"affiliations":[{"raw_affiliation_string":"College of Management and Economics, Tianjin University","institution_ids":["https://openalex.org/I162868743"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101898324","display_name":"Yunjian Zhang","orcid":"https://orcid.org/0009-0006-0927-6363"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"YunJian Zhang","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences School of Cyber Security, University of Chinese Academy of Sciences"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences School of Cyber Security, University of Chinese Academy of Sciences","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102920589","display_name":"Bo Jiang","orcid":"https://orcid.org/0000-0002-7185-990X"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Bo Jiang","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences School of Cyber Security, University of Chinese Academy of Sciences"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences School of Cyber Security, University of Chinese Academy of Sciences","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101792887","display_name":"Dongxu Han","orcid":"https://orcid.org/0000-0003-3058-3545"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"DongXu Han","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences School of Cyber Security, University of Chinese Academy of Sciences"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences School of Cyber Security, University of Chinese Academy of Sciences","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5031113046","display_name":"Baoxu Liu","orcid":"https://orcid.org/0009-0006-9851-5548"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"BaoXu Liu","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences School of Cyber Security, University of Chinese Academy of Sciences"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences School of Cyber Security, University of Chinese Academy of Sciences","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5054446049"],"corresponding_institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"],"apc_list":null,"apc_paid":null,"fwci":0.3537,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.65726195,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":"2019","issue":null,"first_page":"5854","last_page":"5863"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.8145585060119629},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7820556163787842},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.548612117767334},{"id":"https://openalex.org/keywords/cover","display_name":"Cover (algebra)","score":0.4852016270160675},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.4579235017299652},{"id":"https://openalex.org/keywords/scale","display_name":"Scale (ratio)","score":0.448382169008255},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.42216262221336365},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.41332799196243286}],"concepts":[{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.8145585060119629},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7820556163787842},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.548612117767334},{"id":"https://openalex.org/C2780428219","wikidata":"https://www.wikidata.org/wiki/Q16952335","display_name":"Cover (algebra)","level":2,"score":0.4852016270160675},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.4579235017299652},{"id":"https://openalex.org/C2778755073","wikidata":"https://www.wikidata.org/wiki/Q10858537","display_name":"Scale (ratio)","level":2,"score":0.448382169008255},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.42216262221336365},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.41332799196243286},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.0},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.0},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C55493867","wikidata":"https://www.wikidata.org/wiki/Q7094","display_name":"Biochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C104317684","wikidata":"https://www.wikidata.org/wiki/Q7187","display_name":"Gene","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/bigdata47090.2019.9006042","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bigdata47090.2019.9006042","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2019 IEEE International Conference on Big Data (Big Data)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":49,"referenced_works":["https://openalex.org/W27721215","https://openalex.org/W178280372","https://openalex.org/W273955616","https://openalex.org/W351141490","https://openalex.org/W1278625838","https://openalex.org/W1510688672","https://openalex.org/W1534477342","https://openalex.org/W1678356000","https://openalex.org/W1696501374","https://openalex.org/W1963669090","https://openalex.org/W1974869330","https://openalex.org/W2007751474","https://openalex.org/W2011666252","https://openalex.org/W2072957471","https://openalex.org/W2086787243","https://openalex.org/W2093911552","https://openalex.org/W2108867737","https://openalex.org/W2121686811","https://openalex.org/W2141200504","https://openalex.org/W2163277533","https://openalex.org/W2167421717","https://openalex.org/W2173213060","https://openalex.org/W2295598076","https://openalex.org/W2412250047","https://openalex.org/W2559137209","https://openalex.org/W2583522268","https://openalex.org/W2768348081","https://openalex.org/W2783287794","https://openalex.org/W2794601036","https://openalex.org/W2810737462","https://openalex.org/W2885442465","https://openalex.org/W2925289689","https://openalex.org/W2964022491","https://openalex.org/W3008365266","https://openalex.org/W3099183575","https://openalex.org/W3100704955","https://openalex.org/W3102476541","https://openalex.org/W3187685808","https://openalex.org/W4231518042","https://openalex.org/W6601099728","https://openalex.org/W6610017368","https://openalex.org/W6628148685","https://openalex.org/W6632075054","https://openalex.org/W6637404493","https://openalex.org/W6637589134","https://openalex.org/W6732662577","https://openalex.org/W6745609711","https://openalex.org/W6750729320","https://openalex.org/W6799453493"],"related_works":["https://openalex.org/W4232403550","https://openalex.org/W623607250","https://openalex.org/W4245429118","https://openalex.org/W4205110281","https://openalex.org/W4212927854","https://openalex.org/W4211151614","https://openalex.org/W4244798043","https://openalex.org/W4361866086","https://openalex.org/W4251969024","https://openalex.org/W4250793136"],"abstract_inverted_index":{"Detecting":[0],"the":[1,17,34,46,91,96,102,106,119,125,128,139,145,150,159],"real":[2],"suspicious":[3],"events":[4],"from":[5],"a":[6,13,67],"large":[7,68],"number":[8,69],"of":[9,36,42,55,70,79,95,99,110,113,127,136],"low-quality":[10],"alerts":[11,71],"is":[12,45,149],"severe":[14],"challenge":[15],"to":[16,29,48,123],"security":[18],"operations":[19],"center":[20],"teams.":[21],"In":[22],"this":[23,30],"paper,":[24],"we":[25,116],"present":[26],"an":[27],"approach":[28,44,132],"problem":[31],"by":[32],"following":[33],"sequence":[35],"machine":[37],"learning":[38],"steps.":[39],"The":[40,75,87,130],"highlight":[41],"our":[43],"method":[47],"generate":[49],"two":[50,76],"simple":[51],"but":[52],"effective":[53],"categories":[54],"features":[56,80,83,89,104],"based":[57],"on":[58,138,144],"group":[59,98],"and":[60,84,142],"aggregation":[61,93,108],"operations,":[62],"which":[63,148],"can":[64],"scale":[65],"with":[66],"using":[72],"MapReduce":[73],"framework.":[74],"generated":[77],"types":[78],"are":[81],"local":[82,88],"global":[85,103],"features.":[86],"cover":[90,105],"alert":[92],"information":[94,109],"same":[97],"events,":[100],"while":[101],"network":[107],"different":[111],"groups":[112],"events.":[114],"Moreover,":[115],"also":[117],"introduce":[118],"model":[120],"stacking":[121],"mechanism":[122],"enhance":[124],"robustness":[126],"model.":[129],"proposed":[131],"achieves":[133],"AUC":[134],"scores":[135],"0.9512":[137],"validating":[140],"dataset":[141],"0.9303":[143],"test":[146],"set,":[147],"2":[151],"<sup":[152],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[153],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">nd</sup>":[154],"highest":[155],"final":[156],"score":[157],"in":[158],"competition.":[160]},"counts_by_year":[{"year":2021,"cited_by_count":1},{"year":2019,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}