{"id":"https://openalex.org/W4206985935","doi":"https://doi.org/10.1145/3511101","title":"PCAM: A Data-driven Probabilistic Cyber-alert Management Framework","display_name":"PCAM: A Data-driven Probabilistic Cyber-alert Management Framework","publication_year":2022,"publication_date":"2022-01-22","ids":{"openalex":"https://openalex.org/W4206985935","doi":"https://doi.org/10.1145/3511101"},"language":"en","primary_location":{"is_oa":false,"landing_page_url":"https://doi.org/10.1145/3511101","pdf_url":null,"source":{"id":"https://openalex.org/S97833917","display_name":"ACM Transactions on Internet Technology","issn_l":"1533-5399","issn":["1533-5399","1557-6051"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false},"type":"article","type_crossref":"journal-article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100627250","display_name":"Haipeng Chen","orcid":"https://orcid.org/0000-0003-0572-8888"},"institutions":[{"id":"https://openalex.org/I2801851002","display_name":"Harvard University Press","ror":"https://ror.org/006v7bf86","country_code":"US","type":"other","lineage":["https://openalex.org/I136199984","https://openalex.org/I2801851002"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Haipeng Chen","raw_affiliation_strings":["Harvard University, Boston, MA"],"affiliations":[{"raw_affiliation_string":"Harvard University, Boston, 
MA","institution_ids":["https://openalex.org/I2801851002"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5012534829","display_name":"Andrew Duncklee","orcid":null},"institutions":[{"id":"https://openalex.org/I130785548","display_name":"Clark University","ror":"https://ror.org/04123ky43","country_code":"US","type":"education","lineage":["https://openalex.org/I130785548"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Andrew Duncklee","raw_affiliation_strings":["Clark University, Wooster, MA"],"affiliations":[{"raw_affiliation_string":"Clark University, Wooster, MA","institution_ids":["https://openalex.org/I130785548"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010727123","display_name":"Sushil Jajodia","orcid":"https://orcid.org/0000-0003-3210-558X"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Sushil Jajodia","raw_affiliation_strings":["George Mason University, Fairfax, VA"],"affiliations":[{"raw_affiliation_string":"George Mason University, Fairfax, VA","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100448620","display_name":"Rui Liu","orcid":"https://orcid.org/0000-0003-2115-8491"},"institutions":[{"id":"https://openalex.org/I107672454","display_name":"Dartmouth College","ror":"https://ror.org/049s0rh22","country_code":"US","type":"education","lineage":["https://openalex.org/I107672454"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Rui Liu","raw_affiliation_strings":["Dartmouth College, Hanover, NH"],"affiliations":[{"raw_affiliation_string":"Dartmouth College, Hanover, 
NH","institution_ids":["https://openalex.org/I107672454"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010143187","display_name":"Sean McNamara","orcid":null},"institutions":[{"id":"https://openalex.org/I107672454","display_name":"Dartmouth College","ror":"https://ror.org/049s0rh22","country_code":"US","type":"education","lineage":["https://openalex.org/I107672454"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Sean Mcnamara","raw_affiliation_strings":["Dartmouth College, Hanover, NH"],"affiliations":[{"raw_affiliation_string":"Dartmouth College, Hanover, NH","institution_ids":["https://openalex.org/I107672454"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5038645035","display_name":"V. S. Subrahmanian","orcid":"https://orcid.org/0000-0001-7191-0296"},"institutions":[{"id":"https://openalex.org/I111979921","display_name":"Northwestern University","ror":"https://ror.org/000e0be47","country_code":"US","type":"education","lineage":["https://openalex.org/I111979921"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"V. S. 
Subrahmanian","raw_affiliation_strings":["Northwestern University, Evanston, IL"],"affiliations":[{"raw_affiliation_string":"Northwestern University, Evanston, IL","institution_ids":["https://openalex.org/I111979921"]}]}],"institution_assertions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.633,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.581472,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":80,"max":83},"biblio":{"volume":"22","issue":"3","first_page":"1","last_page":"24"},"is_retracted":false,"is_paratext":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9991,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and 
Reliability","score":0.9989,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/false-alarm","display_name":"False alarm","score":0.5530374},{"id":"https://openalex.org/keywords/data-breach","display_name":"Data breach","score":0.41382712}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8779234},{"id":"https://openalex.org/C49937458","wikidata":"https://www.wikidata.org/wiki/Q2599292","display_name":"Probabilistic logic","level":2,"score":0.6965146},{"id":"https://openalex.org/C68387754","wikidata":"https://www.wikidata.org/wiki/Q7271585","display_name":"Schedule","level":2,"score":0.5633369},{"id":"https://openalex.org/C2776836416","wikidata":"https://www.wikidata.org/wiki/Q1364844","display_name":"False alarm","level":2,"score":0.5530374},{"id":"https://openalex.org/C2779119184","wikidata":"https://www.wikidata.org/wiki/Q294350","display_name":"ALARM","level":2,"score":0.5050574},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.45333323},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.4492605},{"id":"https://openalex.org/C144559511","wikidata":"https://www.wikidata.org/wiki/Q2986279","display_name":"Principal (computer security)","level":2,"score":0.43460917},{"id":"https://openalex.org/C165609540","wikidata":"https://www.wikidata.org/wiki/Q1172486","display_name":"Data 
breach","level":2,"score":0.41382712},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.35227033},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.22413588},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.20291552},{"id":"https://openalex.org/C192562407","wikidata":"https://www.wikidata.org/wiki/Q228736","display_name":"Materials science","level":0,"score":0.0},{"id":"https://openalex.org/C159985019","wikidata":"https://www.wikidata.org/wiki/Q181790","display_name":"Composite material","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"is_oa":false,"landing_page_url":"https://doi.org/10.1145/3511101","pdf_url":null,"source":{"id":"https://openalex.org/S97833917","display_name":"ACM Transactions on Internet Technology","issn_l":"1533-5399","issn":["1533-5399","1557-6051"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/8","display_name":"Decent work and economic 
growth","score":0.48}],"grants":[],"datasets":[],"versions":[],"referenced_works_count":18,"referenced_works":["https://openalex.org/W195533127","https://openalex.org/W2043060858","https://openalex.org/W2060392206","https://openalex.org/W2141608288","https://openalex.org/W2155926039","https://openalex.org/W2497419571","https://openalex.org/W2591919231","https://openalex.org/W2593932391","https://openalex.org/W2763567925","https://openalex.org/W2777415629","https://openalex.org/W2795461338","https://openalex.org/W2800335238","https://openalex.org/W2907590737","https://openalex.org/W2959987720","https://openalex.org/W2963832721","https://openalex.org/W2964725750","https://openalex.org/W2971302517","https://openalex.org/W3082226847"],"related_works":["https://openalex.org/W4312911637","https://openalex.org/W4294760885","https://openalex.org/W2990103409","https://openalex.org/W2956785605","https://openalex.org/W2322450009","https://openalex.org/W2296612019","https://openalex.org/W2164689411","https://openalex.org/W2123406758","https://openalex.org/W2035851797","https://openalex.org/W100040114"],"abstract_inverted_index":{"We":[0,104,145,174],"propose":[1],"PCAM":[2,35,80,107,176,214],",":[3],"a":[4,33,51,88,136,168,186],"Probabilistic":[5],"Cyber-Alert":[6],"Management":[7],"framework,":[8],"that":[9,62,130,213],"enables":[10],"chief":[11],"information":[12],"security":[13],"officers":[14],"to":[15,49,75,97,122,149,198,217],"better":[16],"manage":[17],"cyber-alerts.":[18],"Workers":[19],"in":[20,27,56,222],"Cyber":[21],"Security":[22],"Operation":[23],"Centers":[24],"usually":[25],"work":[26],"8-":[28],"or":[29],"12-hour":[30],"shifts.":[31],"Before":[32],"shift,":[34],"analyzes":[36],"data":[37],"about":[38],"all":[39],"past":[40],"alerts":[41,44,69,72,129,201],"and":[42,93,99,142,157,164,204],"true":[43,68,71,128],"during":[45,161],"the":[46,63,85,124,151,223],"shift":[47],"time-frame":[48],"schedule":[50,179],"given":[52,167],"set":[53],"of":[54,66,115,127,139,154,19
0,220],"analysts":[55,159],"accordance":[57],"with":[58],"workplace":[59],"constraints":[60],"so":[61],"expected":[64,125],"number":[65,126],"\u201cuncovered\u201d":[67],"(i.e.,":[70],"not":[73,132],"shown":[74],"an":[76,193],"analyst)":[77],"is":[78,215],"minimized.":[79],"achieves":[81],"this":[82,101],"by":[83,135],"formulating":[84],"problem":[86,92],"as":[87],"bi-level":[89],"non-linear":[90],"optimization":[91],"then":[94],"shows":[95],"how":[96],"linearize":[98],"solve":[100],"complex":[102],"problem.":[103],"have":[105],"tested":[106,175],"extensively.":[108],"Using":[109],"statistics":[110,181,224],"derived":[111],"from":[112],"44":[113,183],"days":[114,189],"real-world":[116],"alert":[117],"data,":[118,191],"we":[119,210],"are":[120,131,146,202,207],"able":[121,148],"minimize":[123],"manually":[133],"examined":[134],"team":[137],"consisting":[138],"junior,":[140,155],"senior,":[141,156],"principal":[143,158],"analysts.":[144],"also":[147],"identify":[150],"optimal":[152],"mix":[153],"needed":[160],"both":[162],"day":[163],"night":[165],"shifts":[166],"budget,":[169],"outperforming":[170],"some":[171],"reasonable":[172],"baselines.":[173],"\u2019s":[177],"proposed":[178],"(from":[180],"on":[182,185],"days)":[184],"further":[187],"6":[188],"using":[192],"off-the-shelf":[194],"false":[195],"alarm":[196],"classifier":[197],"predict":[199],"which":[200,205],"real":[203],"ones":[206],"false.":[208],"Moreover,":[209],"show":[211],"experimentally":[212],"robust":[216],"various":[218],"kinds":[219],"errors":[221],"used.":[225]},"cited_by_api_url":"https://api.openalex.org/works?filter=cites:W4206985935","counts_by_year":[{"year":2024,"cited_by_count":4}],"updated_date":"2025-01-02T22:02:32.185735","created_date":"2022-01-26"}