{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,27]],"date-time":"2026-05-27T19:14:59Z","timestamp":1779909299094,"version":"3.53.1"},"publisher-location":"Singapore","reference-count":25,"publisher":"Springer Nature Singapore","isbn-type":[{"value":"9789819544332","type":"print"},{"value":"9789819544349","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,11,13]],"date-time":"2025-11-13T00:00:00Z","timestamp":1762992000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,11,13]],"date-time":"2025-11-13T00:00:00Z","timestamp":1762992000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-981-95-4434-9_32","type":"book-chapter","created":{"date-parts":[[2025,11,12]],"date-time":"2025-11-12T23:02:50Z","timestamp":1762988570000},"page":"631-642","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Few-Shot Retrieval-Augmented LLMs for\u00a0Anomaly Detection in\u00a0Network Traffic"],"prefix":"10.1007","author":[{"given":"Furqan","family":"Rustam","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Islam","family":"Obaidat","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Davide","family":"Di Monda","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Anca Delia","family":"Jurcut","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2025,11,13]]},"reference":[{"key":"32_CR1","unstructured":"MQTT-IoT-IDS2020 Dataset. https:\/\/paperswithcode.com\/dataset\/mqtt-iot-ids2020. Accessed 27 July 2025"},{"key":"32_CR2","unstructured":"sentence-transformers\/all-mpnet-base-v2. https:\/\/huggingface.co\/sentence-transformers\/all-mpnet-base-v2. Accessed 27 July 2025"},{"key":"32_CR3","unstructured":"Ali, T., Kostakos, P.: Huntgpt: Integrating Machine Learning-Based Anomaly Detection and Explainable AI With Large Language Models (LLMs). arXiv preprint (2023)"},{"key":"32_CR4","doi-asserted-by":"crossref","unstructured":"Bovenzi, G., et al.: Mapping the landscape of generative AI in network monitoring and management. IEEE Trans. Netw. Serv. Manag. (2025)","DOI":"10.1109\/TNSM.2025.3543022"},{"key":"32_CR5","unstructured":"Canadian Institute for Cybersecurity: CIC-DDoS2019 Dataset. https:\/\/www.unb.ca\/cic\/datasets\/ddos-2019.html. Accessed 27 July 2025"},{"key":"32_CR6","unstructured":"Child, R., Gray, S., Radford, A., Sutskever, I.: Generating long sequences with sparse transformers. arXiv preprint arXiv:1904.10509 (2019)"},{"key":"32_CR7","doi-asserted-by":"crossref","unstructured":"De Vivo, S., Obaidat, I., Dai, D., Liguori, P.: DDoShield-IoT: a testbed for simulating and lightweight detection of IoT botnet DDoS attacks. In: Proceedings of the 54th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W), pp.\u00a01\u20138 (2024)","DOI":"10.1109\/DSN-W60302.2024.00014"},{"key":"32_CR8","doi-asserted-by":"crossref","unstructured":"Douze, M., et al.: The Faiss Library (2024)","DOI":"10.1109\/TBDATA.2025.3618474"},{"issue":"4","key":"32_CR9","doi-asserted-by":"publisher","first-page":"2861","DOI":"10.1007\/s11831-020-09478-2","volume":"28","author":"R Geetha","year":"2021","unstructured":"Geetha, R., Thilagam, T.: A review on the effectiveness of machine learning and deep learning algorithms for cyber security. Arch. Comput. Methods Eng. 28(4), 2861\u20132879 (2021)","journal-title":"Arch. Comput. Methods Eng."},{"key":"32_CR10","doi-asserted-by":"publisher","first-page":"48890","DOI":"10.1109\/ACCESS.2022.3172432","volume":"10","author":"A Ghourabi","year":"2022","unstructured":"Ghourabi, A.: A security model based on LightGBM and transformer to protect healthcare systems from cyberattacks. IEEE Access 10, 48890\u201348903 (2022)","journal-title":"IEEE Access"},{"key":"32_CR11","unstructured":"Grattafiori, A., et\u00a0al.: The llama 3 herd of models. arXiv preprint arXiv:2407.21783 (2024)"},{"key":"32_CR12","unstructured":"Guo, D., et\u00a0al.: Deepseek-r1: incentivizing reasoning capability in LLMs via reinforcement learning. arXiv preprint arXiv:2501.12948 (2025)"},{"issue":"10","key":"32_CR13","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3659575","volume":"56","author":"J Halvorsen","year":"2024","unstructured":"Halvorsen, J., Izurieta, C., Cai, H., Gebremedhin, A.: Applying generative machine learning to intrusion detection: a systematic mapping study and review. ACM Comput. Surv. 56(10), 1\u201333 (2024)","journal-title":"ACM Comput. Surv."},{"key":"32_CR14","doi-asserted-by":"crossref","unstructured":"Houssel, P.R., Singh, P., Layeghy, S., Portmann, M.: Towards Explainable Network Intrusion Detection Using Large Language Models. arXiv preprint (2024)","DOI":"10.1109\/BDCAT63179.2024.00021"},{"key":"32_CR15","unstructured":"Li, Y., Xiang, Z., Bastian, N.D., Song, D., Li, B.: IDS-agent: an LLM agent for explainable intrusion detection in IoT networks. In: NeurIPS 2024 Workshop on Open-World Agents (2024)"},{"key":"32_CR16","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2023.122564","volume":"241","author":"LD Manocchio","year":"2024","unstructured":"Manocchio, L.D., Layeghy, S., Lo, W.W., Kulatilleke, G.K., Sarhan, M., Portmann, M.: FlowTransformer: a transformer framework for flow-based network intrusion detection systems. Expert Syst. Appl. 241, 122564 (2024)","journal-title":"Expert Syst. Appl."},{"key":"32_CR17","unstructured":"Mistral AI: Announcing mistral 7b (2023). https:\/\/mistral.ai\/news\/announcing-mistral-7b. Accessed 27 July 2025"},{"key":"32_CR18","unstructured":"Ollama \/ DeepSeek AI: Deepseek-r1 (2025). https:\/\/ollama.com\/library\/deepseek-r1. Accessed 27 July 2025"},{"key":"32_CR19","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2024.110603","volume":"251","author":"F Rustam","year":"2024","unstructured":"Rustam, F., Aljedaani, W., Elsayed, M.S., Jurcut, A.D.: FAMTDS: a novel MFO-based fully automated malicious traffic detection system for multi-environment networks. Comput. Netw. 251, 110603 (2024)","journal-title":"Comput. Netw."},{"key":"32_CR20","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103564","volume":"136","author":"F Rustam","year":"2024","unstructured":"Rustam, F., Jurcut, A.D.: Malicious traffic detection in multi-environment networks using novel S-DATE and PSO-D-SEM approaches. Comput. Secur. 136, 103564 (2024)","journal-title":"Comput. Secur."},{"key":"32_CR21","doi-asserted-by":"publisher","unstructured":"Rustam, F., Jurcut, A.D., Aljedaani, W., Ashraf, I.: Securing multi-environment networks using versatile synthetic data augmentation technique and machine learning algorithms. In: 20th Annual International Conference on Privacy, Security and Trust (PST), pp. 1\u201310. IEEE (2023). https:\/\/doi.org\/10.1109\/PST58708.2023.10320203","DOI":"10.1109\/PST58708.2023.10320203"},{"key":"32_CR22","unstructured":"Rustam, F., Obaidat, I., Jurcut, A.D.: MULTI-LF: a unified continuous learning framework for real-time DDoS detection in multi-environment networks (2025)"},{"key":"32_CR23","doi-asserted-by":"publisher","unstructured":"Rustam, F., Ranaweera, P., Jurcut, A.D.: AI on the defensive and offensive: securing multi-environment networks from AI agents. In: International Conference on Communications (ICC), pp. 4287\u20134292. IEEE (2024). https:\/\/doi.org\/10.1109\/ICC51166.2024.10622943","DOI":"10.1109\/ICC51166.2024.10622943"},{"key":"32_CR24","doi-asserted-by":"crossref","unstructured":"Zhang, H., Sediq, A.B., Afana, A., Erol-Kantarci, M.: Large Language Models in Wireless Application Design: In-Context Learning-Enhanced Automatic Network Intrusion Detection. arXiv preprint (2024)","DOI":"10.1109\/GLOBECOM52923.2024.10901312"},{"key":"32_CR25","doi-asserted-by":"publisher","DOI":"10.1016\/j.jpdc.2024.104934","volume":"192","author":"U Zukaib","year":"2024","unstructured":"Zukaib, U., Cui, X., Zheng, C., Liang, D., Din, S.U.: Meta-fed ids: meta-learning and federated learning based fog-cloud approach to detect known and zero-day cyber attacks in IoMT networks. J. Parallel Distrib. Comput. 192, 104934 (2024)","journal-title":"J. Parallel Distrib. Comput."}],"container-title":["Lecture Notes in Computer Science","Cryptology and Network Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-95-4434-9_32","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,31]],"date-time":"2026-01-31T10:02:32Z","timestamp":1769853752000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-95-4434-9_32"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,11,13]]},"ISBN":["9789819544332","9789819544349"],"references-count":25,"URL":"https:\/\/doi.org\/10.1007\/978-981-95-4434-9_32","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,11,13]]},"assertion":[{"value":"13 November 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CANS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Cryptology and Network Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Osaka","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Japan","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17 November 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21 November 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"cans2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/cy2sec.comm.eng.osaka-u.ac.jp\/miyaji-lab\/event\/cans2025\/index.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}