{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,28]],"date-time":"2026-04-28T13:06:19Z","timestamp":1777381579451,"version":"3.51.4"},"publisher-location":"Cham","reference-count":32,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031599323","type":"print"},{"value":"9783031599330","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-59933-0_18","type":"book-chapter","created":{"date-parts":[[2024,5,27]],"date-time":"2024-05-27T11:01:49Z","timestamp":1716807709000},"page":"267-284","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Cybersecurity Analytics: Toward an\u00a0Efficient ML-Based Network Intrusion Detection System (NIDS)"],"prefix":"10.1007","author":[{"given":"Tariq","family":"Mouatassim","sequence":"first","affiliation":[]},{"given":"Hassan","family":"El Ghazi","sequence":"additional","affiliation":[]},{"given":"Khadija","family":"Bouzaachane","sequence":"additional","affiliation":[]},{"given":"El Mahdi","family":"El Guarmah","sequence":"additional","affiliation":[]},{"given":"Iyad","family":"Lahsen-Cherif","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,5,25]]},"reference":[{"key":"18_CR1","doi-asserted-by":"publisher","unstructured":"Alani, M.M., Miri, A.: Towards an explainable universal feature set for IoT intrusion detection. Sensors 22(15), 5690 (2022). https:\/\/doi.org\/10.3390\/s22155690, https:\/\/www.mdpi.com\/1424-8220\/22\/15\/5690","DOI":"10.3390\/s22155690"},{"key":"18_CR2","unstructured":"Carrier, T., Victor, P., Tekeoglu, A., Lashkari, A.H.: Malware Memory Analysis | Datasets | Canadian Institute for Cybersecurity | UNB \u2014 unb.ca. https:\/\/www.unb.ca\/cic\/datasets\/malmem-2022.html. Accessed 12 Oct 2023"},{"key":"18_CR3","unstructured":"Cichonski, P., Millar, T., Grance, T., Scarfone, K.: Computer security incident handling guide(800-61-revision 2). Nat. Inst. Stand. Technol. 10 (2012)"},{"key":"18_CR4","doi-asserted-by":"publisher","first-page":"12499","DOI":"10.1007\/s00521-020-04708-x","volume":"32","author":"P Devan","year":"2020","unstructured":"Devan, P., Khare, N.: An efficient XGBoost-DNN-based classification model for network intrusion detection system. Neural Comput. Appl. 32, 12499\u201312514 (2020)","journal-title":"Neural Comput. Appl."},{"key":"18_CR5","doi-asserted-by":"crossref","unstructured":"Divekar, A., Parekh, M., Savla, V., Mishra, R., Shirole, M.: Benchmarking datasets for anomaly-based network intrusion detection: KDD CUP 99 alternatives. In: 2018 IEEE 3rd International Conference on Computing, Communication and Security (ICCCS), pp. 1\u20138. IEEE (2018)","DOI":"10.1109\/CCCS.2018.8586840"},{"key":"18_CR6","doi-asserted-by":"publisher","unstructured":"Dong, H., He, D., Wang, F.: SMOTE-XGBoost using tree parzen estimator optimization for copper flotation method classification. Powder Technol. 375, 174\u2013181 (2020). https:\/\/doi.org\/10.1016\/j.powtec.2020.07.065, https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0032591020306896","DOI":"10.1016\/j.powtec.2020.07.065"},{"key":"18_CR7","doi-asserted-by":"crossref","unstructured":"Dunsin, D., Ghanem, M.C., Ouazzane, K., Vassilev, V.: A comprehensive analysis of the role of artificial intelligence and machine learning in modern digital forensics and incident response. arXiv preprint arXiv:2309.07064 (2023)","DOI":"10.2139\/ssrn.4554035"},{"key":"18_CR8","doi-asserted-by":"crossref","unstructured":"El Mrabet, Z., El Ghazi, H., Kaabouch, N.: A performance comparison of data mining algorithms based intrusion detection system for smart grid. In: 2019 IEEE International Conference on Electro Information Technology (EIT), pp. 298\u2013303. IEEE (2019)","DOI":"10.1109\/EIT.2019.8834255"},{"key":"18_CR9","doi-asserted-by":"publisher","unstructured":"El Mrabet, Z., Ezzari, M., Elghazi, H., El Majd, B.A.: Deep learning-based intrusion detection system for advanced metering infrastructure. In: Proceedings of the 2nd International Conference on Networking, Information Systems & Security. NISS19, Association for Computing Machinery, New York, NY, USA (2019). https:\/\/doi.org\/10.1145\/3320326.3320391","DOI":"10.1145\/3320326.3320391"},{"key":"18_CR10","doi-asserted-by":"publisher","first-page":"469","DOI":"10.1016\/j.compeleceng.2018.01.015","volume":"67","author":"Z El Mrabet","year":"2018","unstructured":"El Mrabet, Z., Kaabouch, N., El Ghazi, H., El Ghazi, H.: Cyber-security in smart grid: survey and challenges. Comput. Electr. Eng. 67, 469\u2013482 (2018)","journal-title":"Comput. Electr. Eng."},{"key":"18_CR11","doi-asserted-by":"publisher","unstructured":"Fausto, A., Gaggero, G.B., Patrone, F., Girdinio, P., Marchese, M.: Toward the integration of cyber and physical security monitoring systems for critical infrastructures. Sensors 21(21) (2021). https:\/\/doi.org\/10.3390\/s21216970","DOI":"10.3390\/s21216970"},{"key":"18_CR12","doi-asserted-by":"crossref","unstructured":"Florea, A.C., Andonie, R.: Weighted random search for hyperparameter optimization. arXiv preprint arXiv:2004.01628 (2020)","DOI":"10.15837\/ijccc.2020.2.3868"},{"issue":"14","key":"18_CR13","doi-asserted-by":"publisher","first-page":"4759","DOI":"10.3390\/s21144759","volume":"21","author":"G Gonz\u00e1lez-Granadillo","year":"2021","unstructured":"Gonz\u00e1lez-Granadillo, G., Gonz\u00e1lez-Zarzosa, S., Diaz, R.: Security information and event management (SIEM): analysis, trends, and usage in critical infrastructures. Sensors 21(14), 4759 (2021)","journal-title":"Sensors"},{"key":"18_CR14","doi-asserted-by":"publisher","unstructured":"Henriques, J., Caldeira, F., Cruz, T., Sim\u00f5es, P.: Combining k-means and XGBoost models for anomaly detection using log datasets. Electronics 9(7) (2020). https:\/\/doi.org\/10.3390\/electronics9071164, https:\/\/www.mdpi.com\/2079-9292\/9\/7\/1164","DOI":"10.3390\/electronics9071164"},{"key":"18_CR15","doi-asserted-by":"publisher","first-page":"32150","DOI":"10.1109\/ACCESS.2020.2973219","volume":"8","author":"G Karatas","year":"2020","unstructured":"Karatas, G., Demir, O., Sahingoz, O.K.: Increasing the performance of machine learning-based IDSS on an imbalanced and up-to-date dataset. IEEE Access 8, 32150\u201332162 (2020)","journal-title":"IEEE Access"},{"key":"18_CR16","doi-asserted-by":"publisher","unstructured":"Kasongo, S.M., Sun, Y.: Performance analysis of intrusion detection systems using a feature selection method on the UNSW-NB15 dataset. J. Big Data 7(1), 105 (2020). https:\/\/doi.org\/10.1186\/s40537-020-00379-6","DOI":"10.1186\/s40537-020-00379-6"},{"key":"18_CR17","series-title":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1007\/978-3-319-90775-8_3","volume-title":"Mobile Networks and Management","author":"N Koroniotis","year":"2018","unstructured":"Koroniotis, N., Moustafa, N., Sitnikova, E., Slay, J.: Towards developing network forensic mechanism for botnet activities in the IoT based on machine learning techniques. In: Hu, J., Khalil, I., Tari, Z., Wen, S. (eds.) MONAMI 2017. LNICST, vol. 235, pp. 30\u201344. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-90775-8_3"},{"issue":"1","key":"18_CR18","doi-asserted-by":"publisher","first-page":"47","DOI":"10.1007\/s12065-019-00291-w","volume":"14","author":"V Kumar","year":"2019","unstructured":"Kumar, V., Das, A.K., Sinha, D.: UIDS: a unified intrusion detection system for IoT environment. Evolution. Intell. 14(1), 47\u201359 (2019). https:\/\/doi.org\/10.1007\/s12065-019-00291-w","journal-title":"Evolution. Intell."},{"key":"18_CR19","unstructured":"Liashchynskyi, P., Liashchynskyi, P.: Grid search, random search, genetic algorithm: a big comparison for NAS. arXiv preprint arXiv:1912.06059 (2019)"},{"issue":"5","key":"18_CR20","first-page":"478","volume":"8","author":"S Meftah","year":"2019","unstructured":"Meftah, S., Rachidi, T., Assem, N.: Network based intrusion detection using the UNSW-NB15 dataset. Int. J. Comput. Digit. Syst. 8(5), 478\u2013487 (2019)","journal-title":"Int. J. Comput. Digit. Syst."},{"key":"18_CR21","doi-asserted-by":"publisher","unstructured":"Moustafa, N.: A new distributed architecture for evaluating AI-based security systems at the edge: Network TON_IoT datasets. Sustain. Cities Soc. 72, 102994 (2021). https:\/\/doi.org\/10.1016\/j.scs.2021.102994, https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S2210670721002808","DOI":"10.1016\/j.scs.2021.102994"},{"key":"18_CR22","doi-asserted-by":"crossref","unstructured":"Nil\u0103, C., Patriciu, V.: Taking advantage of unsupervised learning in incident response. In: 2020 12th International Conference on Electronics, Computers and Artificial Intelligence (ECAI), pp. 1\u20136. IEEE (2020)","DOI":"10.1109\/ECAI50035.2020.9223163"},{"key":"18_CR23","doi-asserted-by":"publisher","unstructured":"Nil\u0103, C., Apostol, I., Patriciu, V.: Machine learning approach to quick incident response. In: 2020 13th International Conference on Communications (COMM), pp. 291\u2013296 (2020). https:\/\/doi.org\/10.1109\/COMM48946.2020.9141989","DOI":"10.1109\/COMM48946.2020.9141989"},{"key":"18_CR24","unstructured":"OWASP Top 10:2021 \u2014 owasp.org. https:\/\/owasp.org\/Top10\/. Accessed 07 Oct 2023"},{"key":"18_CR25","doi-asserted-by":"publisher","unstructured":"Pavlov, A., Voloshina, N.: Dataset selection for attacker group identification methods. In: 2021 30th Conference of Open Innovations Association FRUCT, pp. 171\u2013176 (2021). https:\/\/doi.org\/10.23919\/FRUCT53335.2021.9599966","DOI":"10.23919\/FRUCT53335.2021.9599966"},{"key":"18_CR26","doi-asserted-by":"publisher","unstructured":"Priya, S., Sahu, B.K., Kumar, B., Yadav, M.: Network intrusion detection system using XGBoost. Int. J. Eng. Adv. Technol. 9(1), 4070\u20134073 (2019). https:\/\/doi.org\/10.35940\/ijeat.A1307.109119, https:\/\/www.ijeat.org\/portfolio-item\/A1307109119\/","DOI":"10.35940\/ijeat.A1307.109119"},{"key":"18_CR27","doi-asserted-by":"publisher","unstructured":"Sarhan, M., Layeghy, S., Portmann, M.: Towards a standard feature set for network intrusion detection system datasets. Mob. Netw. Appl. 27(1), 357\u2013370 (2022). https:\/\/doi.org\/10.1007\/s11036-021-01843-0","DOI":"10.1007\/s11036-021-01843-0"},{"key":"18_CR28","doi-asserted-by":"publisher","unstructured":"Scarfone, K.A., Mell, P.M.: Guide to intrusion detection and prevention systems (IDPS). Technical report NIST SP 800-94, National Institute of Standards and Technology, Gaithersburg, MD (2007). https:\/\/doi.org\/10.6028\/NIST.SP.800-94, https:\/\/nvlpubs.nist.gov\/nistpubs\/Legacy\/SP\/nistspecialpublication800-94.pdf, edition: 0","DOI":"10.6028\/NIST.SP.800-94"},{"key":"18_CR29","doi-asserted-by":"publisher","unstructured":"Talukder, M.A., et al.: A dependable hybrid machine learning model for network intrusion detection. J. Inf. Secur. Appl. 72, 103405 (2023). https:\/\/doi.org\/10.1016\/j.jisa.2022.103405, https:\/\/www.sciencedirect.com\/science\/article\/pii\/S2214212622002496","DOI":"10.1016\/j.jisa.2022.103405"},{"key":"18_CR30","doi-asserted-by":"publisher","unstructured":"Yang, L., Moubayed, A., Shami, A.: MTH-IDS: a multi-tiered hybrid intrusion detection system for internet of vehicles. IEEE Internet Things J. 616\u2013632 (2022). https:\/\/doi.org\/10.1109\/JIOT.2021.3084796, http:\/\/arxiv.org\/abs\/2105.13289, arXiv:2105.13289 [cs]","DOI":"10.1109\/JIOT.2021.3084796"},{"key":"18_CR31","doi-asserted-by":"publisher","unstructured":"Yang, L., Shami, A.: On hyperparameter optimization of machine learning algorithms: theory and practice. Neurocomputing 415, 295\u2013316 (2020). https:\/\/doi.org\/10.1016\/j.neucom.2020.07.061, https:\/\/www.sciencedirect.com\/science\/article\/pii\/S0925231220311693","DOI":"10.1016\/j.neucom.2020.07.061"},{"key":"18_CR32","unstructured":"Zoghi, Z., Serpen, G.: UNSW-NB15 computer security dataset: analysis through visualization. arXiv preprint arXiv:2101.05067 (2021)"}],"container-title":["Lecture Notes in Computer Science","Machine Learning for Networking"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-59933-0_18","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,5,27]],"date-time":"2024-05-27T11:04:39Z","timestamp":1716807879000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-59933-0_18"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031599323","9783031599330"],"references-count":32,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-59933-0_18","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"25 May 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"MLN","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Machine Learning for Networking","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Paris","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"France","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28 November 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 November 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"6","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"mln2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.adda-association.org\/mln-2023\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"34","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"16","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"47% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}