{"id":"https://openalex.org/W3211484264","doi":"https://doi.org/10.1109/sp46214.2022.9833671","title":"DEEPCASE: Semi-Supervised Contextual Analysis of Security Events","display_name":"DEEPCASE: Semi-Supervised Contextual Analysis of Security Events","publication_year":2022,"publication_date":"2022-05-01","ids":{"openalex":"https://openalex.org/W3211484264","doi":"https://doi.org/10.1109/sp46214.2022.9833671","mag":"3211484264"},"language":"en","primary_location":{"id":"doi:10.1109/sp46214.2022.9833671","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46214.2022.9833671","pdf_url":null,"source":{"id":"https://openalex.org/S4363606603","display_name":"2022 IEEE Symposium on Security and Privacy (SP)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://ris.utwente.nl/ws/files/268414561/2022.sp.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5026980331","display_name":"Thijs van Ede","orcid":"https://orcid.org/0000-0003-3865-6390"},"institutions":[{"id":"https://openalex.org/I154570441","display_name":"University of California, Santa Barbara","ror":"https://ror.org/02t274463","country_code":"US","type":"education","lineage":["https://openalex.org/I154570441"]},{"id":"https://openalex.org/I94624287","display_name":"University of Twente","ror":"https://ror.org/006hf6230","country_code":"NL","type":"education","lineage":["https://openalex.org/I94624287"]}],"countries":["NL","US"],"is_corresponding":true,"raw_author_name":"Thijs van Ede","raw_affiliation_strings":["University of Twente","Santa Barbara, University of California"],"affiliations":[{"raw_affiliation_string":"University of Twente","institution_ids":["https://openalex.org/I94624287"]},{"raw_affiliation_string":"Santa Barbara, University of California","institution_ids":["https://openalex.org/I154570441"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072290972","display_name":"Hojjat Aghakhani","orcid":null},"institutions":[{"id":"https://openalex.org/I154570441","display_name":"University of California, Santa Barbara","ror":"https://ror.org/02t274463","country_code":"US","type":"education","lineage":["https://openalex.org/I154570441"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Hojjat Aghakhani","raw_affiliation_strings":["University of California,Santa Barbara","Santa Barbara, University of California"],"affiliations":[{"raw_affiliation_string":"University of California,Santa Barbara","institution_ids":["https://openalex.org/I154570441"]},{"raw_affiliation_string":"Santa Barbara, University of California","institution_ids":["https://openalex.org/I154570441"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5009899842","display_name":"Noah Spahn","orcid":"https://orcid.org/0000-0002-2723-0370"},"institutions":[{"id":"https://openalex.org/I154570441","display_name":"University of California, Santa Barbara","ror":"https://ror.org/02t274463","country_code":"US","type":"education","lineage":["https://openalex.org/I154570441"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Noah Spahn","raw_affiliation_strings":["University of California,Santa Barbara","Santa Barbara, University of California"],"affiliations":[{"raw_affiliation_string":"University of California,Santa Barbara","institution_ids":["https://openalex.org/I154570441"]},{"raw_affiliation_string":"Santa Barbara, University of California","institution_ids":["https://openalex.org/I154570441"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5047353024","display_name":"Riccardo Bortolameotti","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Riccardo Bortolameotti","raw_affiliation_strings":["ReaQta"],"affiliations":[{"raw_affiliation_string":"ReaQta","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5006916505","display_name":"Marco Cova","orcid":null},"institutions":[{"id":"https://openalex.org/I4391768063","display_name":"VMware (United States)","ror":"https://ror.org/01mwmh458","country_code":null,"type":"company","lineage":["https://openalex.org/I4391768063"]}],"countries":[],"is_corresponding":false,"raw_author_name":"Marco Cova","raw_affiliation_strings":["VMware, Inc"],"affiliations":[{"raw_affiliation_string":"VMware, Inc","institution_ids":["https://openalex.org/I4391768063"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5071672404","display_name":"Andrea Continella","orcid":"https://orcid.org/0000-0002-0329-1830"},"institutions":[{"id":"https://openalex.org/I94624287","display_name":"University of Twente","ror":"https://ror.org/006hf6230","country_code":"NL","type":"education","lineage":["https://openalex.org/I94624287"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Andrea Continella","raw_affiliation_strings":["University of Twente"],"affiliations":[{"raw_affiliation_string":"University of Twente","institution_ids":["https://openalex.org/I94624287"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5027678871","display_name":"Maarten van Steen","orcid":"https://orcid.org/0000-0002-5113-2746"},"institutions":[{"id":"https://openalex.org/I94624287","display_name":"University of Twente","ror":"https://ror.org/006hf6230","country_code":"NL","type":"education","lineage":["https://openalex.org/I94624287"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Maarten van Steen","raw_affiliation_strings":["University of Twente"],"affiliations":[{"raw_affiliation_string":"University of Twente","institution_ids":["https://openalex.org/I94624287"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5056553463","display_name":"Peter Andreas","orcid":"https://orcid.org/0000-0003-2929-5001"},"institutions":[{"id":"https://openalex.org/I94624287","display_name":"University of Twente","ror":"https://ror.org/006hf6230","country_code":"NL","type":"education","lineage":["https://openalex.org/I94624287"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Andreas Peter","raw_affiliation_strings":["University of Twente"],"affiliations":[{"raw_affiliation_string":"University of Twente","institution_ids":["https://openalex.org/I94624287"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5022177364","display_name":"Christopher Kruegel","orcid":"https://orcid.org/0000-0001-5140-3414"},"institutions":[{"id":"https://openalex.org/I154570441","display_name":"University of California, Santa Barbara","ror":"https://ror.org/02t274463","country_code":"US","type":"education","lineage":["https://openalex.org/I154570441"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Christopher Kruegel","raw_affiliation_strings":["University of California,Santa Barbara","Santa Barbara, University of California"],"affiliations":[{"raw_affiliation_string":"University of California,Santa Barbara","institution_ids":["https://openalex.org/I154570441"]},{"raw_affiliation_string":"Santa Barbara, University of California","institution_ids":["https://openalex.org/I154570441"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5075685499","display_name":"Giovanni Vigna","orcid":"https://orcid.org/0000-0002-3422-5369"},"institutions":[{"id":"https://openalex.org/I154570441","display_name":"University of California, Santa Barbara","ror":"https://ror.org/02t274463","country_code":"US","type":"education","lineage":["https://openalex.org/I154570441"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Giovanni Vigna","raw_affiliation_strings":["University of California,Santa Barbara","Santa Barbara, University of California"],"affiliations":[{"raw_affiliation_string":"University of California,Santa Barbara","institution_ids":["https://openalex.org/I154570441"]},{"raw_affiliation_string":"Santa Barbara, University of California","institution_ids":["https://openalex.org/I154570441"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":10,"corresponding_author_ids":["https://openalex.org/A5026980331"],"corresponding_institution_ids":["https://openalex.org/I154570441","https://openalex.org/I94624287"],"apc_list":null,"apc_paid":null,"fwci":16.7429,"has_fulltext":true,"cited_by_count":80,"citation_normalized_percentile":{"value":0.99709544,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"522","last_page":"539"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/workload","display_name":"Workload","score":0.8195487260818481},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7553048729896545},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.6658025979995728},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6123610734939575},{"id":"https://openalex.org/keywords/event","display_name":"Event (particle physics)","score":0.5998711585998535},{"id":"https://openalex.org/keywords/operator","display_name":"Operator (biology)","score":0.5270122289657593},{"id":"https://openalex.org/keywords/forcing","display_name":"Forcing (mathematics)","score":0.49549901485443115},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.4368163049221039},{"id":"https://openalex.org/keywords/attack-patterns","display_name":"Attack patterns","score":0.418878436088562},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.19681069254875183},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.12025627493858337}],"concepts":[{"id":"https://openalex.org/C2778476105","wikidata":"https://www.wikidata.org/wiki/Q628539","display_name":"Workload","level":2,"score":0.8195487260818481},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7553048729896545},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.6658025979995728},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6123610734939575},{"id":"https://openalex.org/C2779662365","wikidata":"https://www.wikidata.org/wiki/Q5416694","display_name":"Event (particle physics)","level":2,"score":0.5998711585998535},{"id":"https://openalex.org/C17020691","wikidata":"https://www.wikidata.org/wiki/Q139677","display_name":"Operator (biology)","level":5,"score":0.5270122289657593},{"id":"https://openalex.org/C197115733","wikidata":"https://www.wikidata.org/wiki/Q1003136","display_name":"Forcing (mathematics)","level":2,"score":0.49549901485443115},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.4368163049221039},{"id":"https://openalex.org/C2780741293","wikidata":"https://www.wikidata.org/wiki/Q4818019","display_name":"Attack patterns","level":3,"score":0.418878436088562},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.19681069254875183},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.12025627493858337},{"id":"https://openalex.org/C86339819","wikidata":"https://www.wikidata.org/wiki/Q407384","display_name":"Transcription factor","level":3,"score":0.0},{"id":"https://openalex.org/C104317684","wikidata":"https://www.wikidata.org/wiki/Q7187","display_name":"Gene","level":2,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.0},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0},{"id":"https://openalex.org/C158448853","wikidata":"https://www.wikidata.org/wiki/Q425218","display_name":"Repressor","level":4,"score":0.0},{"id":"https://openalex.org/C49204034","wikidata":"https://www.wikidata.org/wiki/Q52139","display_name":"Climatology","level":1,"score":0.0},{"id":"https://openalex.org/C55493867","wikidata":"https://www.wikidata.org/wiki/Q7094","display_name":"Biochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C127313418","wikidata":"https://www.wikidata.org/wiki/Q1069","display_name":"Geology","level":0,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1109/sp46214.2022.9833671","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46214.2022.9833671","pdf_url":null,"source":{"id":"https://openalex.org/S4363606603","display_name":"2022 IEEE Symposium on Security and Privacy (SP)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"},{"id":"pmh:oai:oro.open.ac.uk:102721","is_oa":false,"landing_page_url":"https://oro.open.ac.uk/view/person/ns22457.html>;","pdf_url":null,"source":{"id":"https://openalex.org/S4306401187","display_name":"Open Research Online (The Open University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I204136569","host_organization_name":"The Open University","host_organization_lineage":["https://openalex.org/I204136569"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":null,"raw_type":"PeerReviewed"},{"id":"pmh:oai:ris.utwente.nl:openaire_cris_publications/77762dec-1d6c-44fb-993a-ca8052dd4fc7","is_oa":true,"landing_page_url":"https://research.utwente.nl/en/publications/77762dec-1d6c-44fb-993a-ca8052dd4fc7","pdf_url":"https://ris.utwente.nl/ws/files/268414561/2022.sp.pdf","source":{"id":"https://openalex.org/S4406922991","display_name":"University of Twente Research Information","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"van Ede, T, Aghakhani, H, Spahn, N, Bortolameotti, R, Cova, M, Continella, A, van Steen, M, Peter, A, Kruegel, C & Vigna, G 2022, DEEPCASE : Semi-Supervised Contextual Analysis of Security Events. in 2022 IEEE Symposium on Security and Privacy (SP). Proceedings - IEEE Symposium on Security and Privacy, vol. 2022-May, IEEE, pp. 522-539, 43rd IEEE Symposium on Security and Privacy, S & P 2022, Virtual Event, 22/05/22. https://doi.org/10.1109/SP46214.2022.9833671","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:oai:oops.uni-oldenburg.de:5180","is_oa":false,"landing_page_url":"http://oops.uni-oldenburg.de/5180/","pdf_url":null,"source":{"id":"https://openalex.org/S4306400585","display_name":"Carl von Ossiezky University of Oldenburg","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Book Section"}],"best_oa_location":{"id":"pmh:oai:ris.utwente.nl:openaire_cris_publications/77762dec-1d6c-44fb-993a-ca8052dd4fc7","is_oa":true,"landing_page_url":"https://research.utwente.nl/en/publications/77762dec-1d6c-44fb-993a-ca8052dd4fc7","pdf_url":"https://ris.utwente.nl/ws/files/268414561/2022.sp.pdf","source":{"id":"https://openalex.org/S4406922991","display_name":"University of Twente Research Information","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"van Ede, T, Aghakhani, H, Spahn, N, Bortolameotti, R, Cova, M, Continella, A, van Steen, M, Peter, A, Kruegel, C & Vigna, G 2022, DEEPCASE : Semi-Supervised Contextual Analysis of Security Events. in 2022 IEEE Symposium on Security and Privacy (SP). Proceedings - IEEE Symposium on Security and Privacy, vol. 2022-May, IEEE, pp. 522-539, 43rd IEEE Symposium on Security and Privacy, S & P 2022, Virtual Event, 22/05/22. https://doi.org/10.1109/SP46214.2022.9833671","raw_type":"info:eu-repo/semantics/publishedVersion"},"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","score":0.6399999856948853,"id":"https://metadata.un.org/sdg/9"}],"awards":[{"id":"https://openalex.org/G1792691042","display_name":"SaTC: CORE: Medium: Augmenting Automated Vulnerability Analysis with Human Activity","funder_award_id":"1704253","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4182325116","display_name":null,"funder_award_id":"FA8750-19C-0003","funder_id":"https://openalex.org/F4320332180","funder_display_name":"Defense Advanced Research Projects Agency"},{"id":"https://openalex.org/G4713059963","display_name":null,"funder_award_id":"FA8750","funder_id":"https://openalex.org/F4320332180","funder_display_name":"Defense Advanced Research Projects Agency"},{"id":"https://openalex.org/G629491556","display_name":null,"funder_award_id":"(NWO)","funder_id":"https://openalex.org/F4320321800","funder_display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek"},{"id":"https://openalex.org/G7226114609","display_name":null,"funder_award_id":"CNS-1704253","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G848032724","display_name":null,"funder_award_id":"Science","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320321800","display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek","ror":"https://ror.org/04jsz6e67"},{"id":"https://openalex.org/F4320332180","display_name":"Defense Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"},{"id":"https://openalex.org/F4320338294","display_name":"Air Force Research Laboratory","ror":"https://ror.org/02e2egq70"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3211484264.pdf","grobid_xml":"https://content.openalex.org/works/W3211484264.grobid-xml"},"referenced_works_count":61,"referenced_works":["https://openalex.org/W50754117","https://openalex.org/W1516506771","https://openalex.org/W1587595544","https://openalex.org/W1673310716","https://openalex.org/W1965555277","https://openalex.org/W2039157918","https://openalex.org/W2064675550","https://openalex.org/W2069087469","https://openalex.org/W2133564696","https://openalex.org/W2138615112","https://openalex.org/W2156387975","https://openalex.org/W2157331557","https://openalex.org/W2163277533","https://openalex.org/W2165558283","https://openalex.org/W2165698076","https://openalex.org/W2183341477","https://openalex.org/W2250879510","https://openalex.org/W2529444969","https://openalex.org/W2752373508","https://openalex.org/W2761388029","https://openalex.org/W2767094836","https://openalex.org/W2890262614","https://openalex.org/W2891432086","https://openalex.org/W2896457183","https://openalex.org/W2947745012","https://openalex.org/W2951025380","https://openalex.org/W2962703433","https://openalex.org/W2963341956","https://openalex.org/W2963403868","https://openalex.org/W2964304846","https://openalex.org/W2964308564","https://openalex.org/W2964636835","https://openalex.org/W2966492225","https://openalex.org/W2986291326","https://openalex.org/W2986944522","https://openalex.org/W2988337058","https://openalex.org/W2990503390","https://openalex.org/W2998038410","https://openalex.org/W2998714163","https://openalex.org/W2999178765","https://openalex.org/W3007070494","https://openalex.org/W3007562398","https://openalex.org/W3008508243","https://openalex.org/W3105780912","https://openalex.org/W3128155874","https://openalex.org/W4292779060","https://openalex.org/W4385245566","https://openalex.org/W6602066945","https://openalex.org/W6635359292","https://openalex.org/W6637131181","https://openalex.org/W6679434410","https://openalex.org/W6680970901","https://openalex.org/W6682889407","https://openalex.org/W6739901393","https://openalex.org/W6743979602","https://openalex.org/W6753153400","https://openalex.org/W6755207826","https://openalex.org/W6763172785","https://openalex.org/W6764072591","https://openalex.org/W6778883912","https://openalex.org/W6790215498"],"related_works":["https://openalex.org/W986318368","https://openalex.org/W2000785801","https://openalex.org/W2384410913","https://openalex.org/W2352878646","https://openalex.org/W2990194547","https://openalex.org/W2004734601","https://openalex.org/W2130149817","https://openalex.org/W1480123525","https://openalex.org/W2620865396","https://openalex.org/W2414054180"],"abstract_inverted_index":{"Security":[0,20],"monitoring":[1],"systems":[2],"detect":[3],"potentially":[4,93],"malicious":[5],"activities":[6],"in":[7,189],"IT":[8],"infrastructures,":[9],"by":[10,180],"either":[11],"looking":[12],"for":[13,17],"known":[14],"signatures":[15],"or":[16],"anomalous":[18],"behaviors.":[19],"operators":[21,179],"investigate":[22],"these":[23],"events":[24,61,75,90,104,126,130,140,156,171],"to":[25,32,44,58,62,78,87,100,127,143],"determine":[26,45,128],"whether":[27,46],"they":[28,65],"pose":[29,66],"a":[30,38,53,67,119],"threat":[31],"their":[33],"organization.":[34],"In":[35,146],"many":[36],"cases,":[37],"single":[39],"event":[40],"may":[41],"be":[42,79,144],"insufficient":[43],"certain":[47,155],"activity":[48],"is":[49],"indeed":[50],"malicious.":[51,160],"Therefore,":[52],"security":[54,83,103,111,178],"operator":[55,112],"frequently":[56],"needs":[57],"correlate":[59,102],"multiple":[60],"identify":[63],"if":[64],"real":[68],"threat.":[69],"Unfortunately,":[70],"the":[71,110,123,137,148,170,174,184],"vast":[72],"number":[73,138],"of":[74,109,139,169,177,186,193],"that":[76,121,141,163],"need":[77,142],"correlated":[80],"often":[81],"overload":[82],"operators,":[84],"forcing":[85],"them":[86],"ignore":[88],"some":[89],"and,":[91,105],"thereby,":[92],"miss":[94],"attacks.":[95],"This":[96,134],"work":[97],"studies":[98],"how":[99],"automatically":[101,166],"thus,":[106],"automate":[107],"parts":[108],"workload.":[113],"We":[114,161],"design":[115],"and":[116,172],"evaluate":[117],"DEEPCASE,":[118],"system":[120],"leverages":[122],"context":[124,149],"around":[125],"which":[129],"require":[131],"further":[132],"inspection.":[133],"approach":[135,165],"reduces":[136,173],"inspected.":[145],"addition,":[147],"provides":[150],"valuable":[151],"insights":[152],"into":[153],"why":[154],"are":[157],"classified":[158],"as":[159],"show":[162],"our":[164],"filters":[167],"86.72%":[168],"manual":[175],"workload":[176],"90.53%,":[181],"while":[182],"underestimating":[183],"risk":[185],"potential":[187],"threats":[188],"less":[190],"than":[191],"0.001%":[192],"cases.":[194]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":24},{"year":2024,"cited_by_count":24},{"year":2023,"cited_by_count":26},{"year":2022,"cited_by_count":4}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}