{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,3]],"date-time":"2026-02-03T21:29:31Z","timestamp":1770154171866,"version":"3.49.0"},"publisher-location":"Singapore","reference-count":35,"publisher":"Springer Nature Singapore","isbn-type":[{"value":"9789819564187","type":"print"},{"value":"9789819564194","type":"electronic"}],"license":[{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-981-95-6419-4_15","type":"book-chapter","created":{"date-parts":[[2026,2,3]],"date-time":"2026-02-03T08:58:01Z","timestamp":1770109081000},"page":"253-271","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["X-AdvIDS: A Framework for\u00a0Assessing and\u00a0Improving the\u00a0Adversarial Robustness of\u00a0Intrusion Detection Systems with\u00a0Explainability-Guided Mutation and\u00a0Analysis"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5945-3712","authenticated-orcid":false,"given":"Phan The","family":"Duy","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0003-0094-4650","authenticated-orcid":false,"given":"Truong Thi Hoang","family":"Hao","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0004-9774-2744","authenticated-orcid":false,"given":"Nguyen Viet","family":"Hoang","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0006-3023-8249","authenticated-orcid":false,"given":"Nguyen Duc","family":"Trung","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1456-9081","authenticated-orcid":false,"given":"Le Duc","family":"Thinh","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4880-5214","authenticated-orcid":false,"given":"Doan Minh","family":"Trung","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3147-3356","authenticated-orcid":false,"given":"Van-Hau","family":"Pham","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2026,2,4]]},"reference":[{"key":"15_CR1","doi-asserted-by":"crossref","unstructured":"Abou El\u00a0Houda, Z., Brik, B., Khoukhi, L.: why should I trust your IDS?: an explainable deep learning framework for intrusion detection systems in internet of things networks. IEEE Open J. Commun. Soc. 3, 1164\u20131176 (2022)","DOI":"10.1109\/OJCOMS.2022.3188750"},{"key":"15_CR2","doi-asserted-by":"crossref","unstructured":"Al-Essa, M., Andresini, G., Appice, A., Malerba, D.: Panacea: a neural model ensemble for cyber-threat detection. Mach. Learn. 1\u201344 (2024)","DOI":"10.1109\/DSAA60987.2023.10302518"},{"key":"15_CR3","doi-asserted-by":"publisher","DOI":"10.1016\/j.compeleceng.2023.108732","volume":"108","author":"MM Alani","year":"2023","unstructured":"Alani, M.M.: An explainable efficient flow-based Industrial IoT intrusion detection system. Comput. Electr. Eng. 108, 108732 (2023)","journal-title":"Comput. Electr. Eng."},{"key":"15_CR4","doi-asserted-by":"publisher","first-page":"73214","DOI":"10.1109\/ACCESS.2022.3189645","volume":"10","author":"MM Alani","year":"2022","unstructured":"Alani, M.M., Awad, A.I.: Paired: an explainable lightweight android malware detection system. IEEE Access 10, 73214\u201373228 (2022)","journal-title":"IEEE Access"},{"key":"15_CR5","doi-asserted-by":"crossref","unstructured":"Alatwi, H.A., Morisset, C.: Realism versus performance for adversarial examples against DL-based NIDS. In: Proceedings of the 38th ACM\/SIGAPP Symposium on Applied Computing, pp. 1549\u20131557 (2023)","DOI":"10.1145\/3555776.3577671"},{"key":"15_CR6","doi-asserted-by":"crossref","unstructured":"Alhussien, N., Aleroud, A., Melhem, A., Khamaiseh, S.Y.: Constraining adversarial attacks on network intrusion detection systems: transferability and defense analysis. IEEE Trans. Netw. Serv. Manag. (2024)","DOI":"10.1109\/TNSM.2024.3357316"},{"key":"15_CR7","doi-asserted-by":"crossref","unstructured":"Chen, P.Y., Zhang, H., Sharma, Y., Yi, J., Hsieh, C.J.: Zoo: zeroth order optimization based black-box attacks to deep neural networks without training substitute models. In: Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, pp. 15\u201326 (2017)","DOI":"10.1145\/3128572.3140448"},{"key":"15_CR8","unstructured":"Cheng, S., Dong, Y., Pang, T., Su, H., Zhu, J.: Improving black-box adversarial attacks with a transfer-based prior. In: Advances in Neural Information Processing Systems, vol. 32 (2019)"},{"key":"15_CR9","doi-asserted-by":"publisher","first-page":"165263","DOI":"10.1109\/ACCESS.2020.3022633","volume":"8","author":"MS Elsayed","year":"2020","unstructured":"Elsayed, M.S., Le-Khac, N.A., Jurcut, A.D.: InSDN: a novel SDN intrusion dataset. IEEE Access 8, 165263\u2013165284 (2020). https:\/\/doi.org\/10.1109\/ACCESS.2020.3022633","journal-title":"IEEE Access"},{"key":"15_CR10","doi-asserted-by":"crossref","unstructured":"Galli, A., La\u00a0Gatta, V., Moscato, V., Postiglione, M., Sperl\u00ec, G.: Explainability in AI-based behavioral malware detection systems. Comput. Secur. 103842 (2024)","DOI":"10.1016\/j.cose.2024.103842"},{"key":"15_CR11","unstructured":"Goodfellow, I.J., Shlens, J., Szegedy, C.: Explaining and harnessing adversarial examples. arXiv preprint arXiv:1412.6572 (2014)"},{"issue":"8","key":"15_CR12","doi-asserted-by":"publisher","first-page":"2632","DOI":"10.1109\/JSAC.2021.3087242","volume":"39","author":"D Han","year":"2021","unstructured":"Han, D., et al.: Evaluating and improving adversarial robustness of machine learning-based network intrusion detectors. IEEE J. Sel. Areas Commun. 39(8), 2632\u20132647 (2021). https:\/\/doi.org\/10.1109\/JSAC.2021.3087242","journal-title":"IEEE J. Sel. Areas Commun."},{"issue":"1","key":"15_CR13","doi-asserted-by":"publisher","first-page":"538","DOI":"10.1109\/COMST.2022.3233793","volume":"25","author":"K He","year":"2023","unstructured":"He, K., Kim, D.D., Asghar, M.R.: Adversarial machine learning for network intrusion detection systems: a comprehensive survey. IEEE Commun. Surv. Tutor. 25(1), 538\u2013566 (2023). https:\/\/doi.org\/10.1109\/COMST.2022.3233793","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"15_CR14","doi-asserted-by":"crossref","unstructured":"Jemaa, A., Rashid, A., Tahar, S.: Extending xreason: formal explanations for adversarial detection (2024). https:\/\/arxiv.org\/abs\/2501.00537","DOI":"10.1007\/978-981-96-6935-6_37"},{"key":"15_CR15","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2022.109073","volume":"214","author":"H Jmila","year":"2022","unstructured":"Jmila, H., Khedher, M.I.: Adversarial machine learning for network intrusion detection: a comparative study. Comput. Netw. 214, 109073 (2022)","journal-title":"Comput. Netw."},{"key":"15_CR16","doi-asserted-by":"publisher","first-page":"4924","DOI":"10.1109\/TIFS.2021.3117075","volume":"16","author":"A Kuppa","year":"2021","unstructured":"Kuppa, A., Le-Khac, N.A.: Adversarial XAI methods in cybersecurity. IEEE Trans. Inf. Forensics Secur. 16, 4924\u20134938 (2021)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"15_CR17","doi-asserted-by":"crossref","unstructured":"Liu, Y., Tantithamthavorn, C., Li, L., Liu, Y.: Explainable AI for android malware detection: towards understanding why the models perform so well? In: 2022 IEEE 33rd International Symposium on Software Reliability Engineering (ISSRE), pp. 169\u2013180 (2022)","DOI":"10.1109\/ISSRE55969.2022.00026"},{"key":"15_CR18","unstructured":"Lundberg, S.M., Lee, S.I.: A unified approach to interpreting model predictions. In: Advances in Neural Information Processing Systems, vol. 30 (2017)"},{"key":"15_CR19","unstructured":"Madry, A., Makelov, A., Schmidt, L., Tsipras, D., Vladu, A.: Towards Deep Learning Models Resistant to Adversarial Attacks (2019)"},{"key":"15_CR20","doi-asserted-by":"crossref","unstructured":"Makridis, G., et al.: XAI enhancing cyber defence against adversarial attacks in industrial applications. In: 2022 IEEE 5th International Conference on Image Processing Applications and Systems (IPAS), pp.\u00a01\u20138. IEEE (2022)","DOI":"10.1109\/IPAS55744.2022.10052858"},{"key":"15_CR21","doi-asserted-by":"publisher","first-page":"112392","DOI":"10.1109\/ACCESS.2022.3216617","volume":"10","author":"S Neupane","year":"2022","unstructured":"Neupane, S., et al.: Explainable intrusion detection systems (X-IDS): a survey of current methods, challenges, and opportunities. IEEE Access 10, 112392\u2013112415 (2022)","journal-title":"IEEE Access"},{"key":"15_CR22","unstructured":"Nicolae, M.I., et al.: Adversarial Robustness Toolbox v1. 0.0. arXiv preprint arXiv:1807.01069 (2018)"},{"key":"15_CR23","doi-asserted-by":"crossref","unstructured":"Okada, S., et al.: XAI-driven adversarial attacks on network intrusion detectors. In: Proceedings of the 2024 European Interdisciplinary Cybersecurity Conference, pp. 65\u201373 (2024)","DOI":"10.1145\/3655693.3655714"},{"key":"15_CR24","doi-asserted-by":"publisher","first-page":"148","DOI":"10.1016\/j.future.2020.04.013","volume":"110","author":"M Pawlicki","year":"2020","unstructured":"Pawlicki, M., Chora\u015b, M., Kozik, R.: Defending network intrusion detection systems against adversarial evasion attacks. Futur. Gener. Comput. Syst. 110, 148\u2013154 (2020)","journal-title":"Futur. Gener. Comput. Syst."},{"key":"15_CR25","volume":"71","author":"J Peng","year":"2022","unstructured":"Peng, J., et al.: An trustworthy intrusion detection framework enabled by ex-post-interpretation-enabled approach. J. Inf. Secur. Appl. 71, 103364 (2022)","journal-title":"J. Inf. Secur. Appl."},{"issue":"6","key":"15_CR26","doi-asserted-by":"publisher","first-page":"852","DOI":"10.1109\/TAI.2021.3133846","volume":"3","author":"A Rawal","year":"2021","unstructured":"Rawal, A., McCoy, J., Rawat, D.B., Sadler, B.M., Amant, R.S.: Recent advances in trustworthy explainable artificial intelligence: status, challenges, and perspectives. IEEE Trans. Artif. Intell. 3(6), 852\u2013866 (2021)","journal-title":"IEEE Trans. Artif. Intell."},{"key":"15_CR27","doi-asserted-by":"crossref","unstructured":"Ribeiro, M.T., Singh, S., Guestrin, C.: Why should i trust you?: explaining the predictions of any classifier (2016). https:\/\/arxiv.org\/abs\/1602.04938","DOI":"10.1145\/2939672.2939778"},{"key":"15_CR28","doi-asserted-by":"crossref","unstructured":"Selvaganapathy, S., Sadasivam, S., Raj, N.: SafeXAI: explainable AI to detect adversarial attacks in electronic medical records. In: Intelligent Data Engineering and Analytics: Proceedings of the 9th International Conference on Frontiers in Intelligent Computing: Theory and Applications (FICTA 2021), pp. 501\u2013509. Springer (2022)","DOI":"10.1007\/978-981-16-6624-7_50"},{"key":"15_CR29","first-page":"108","volume":"1","author":"I Sharafaldin","year":"2018","unstructured":"Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A., et al.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. ICISSp 1, 108\u2013116 (2018)","journal-title":"ICISSp"},{"key":"15_CR30","doi-asserted-by":"publisher","first-page":"84","DOI":"10.1016\/j.inffus.2021.11.011","volume":"81","author":"R Shwartz-Ziv","year":"2022","unstructured":"Shwartz-Ziv, R., Armon, A.: Tabular data: deep learning is not all you need. Inf. Fusion 81, 84\u201390 (2022)","journal-title":"Inf. Fusion"},{"key":"15_CR31","unstructured":"Srivastava, G., et al.: XAI for cybersecurity: state of the art, challenges, open issues and future directions. arXiv preprint arXiv:2206.03585 (2022)"},{"key":"15_CR32","doi-asserted-by":"crossref","unstructured":"Sun, R., et al.: Mate! Are you really aware? An explainability-guided testing framework for robustness of malware detectors. In: Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pp. 1573\u20131585 (2023)","DOI":"10.1145\/3611643.3616309"},{"key":"15_CR33","doi-asserted-by":"publisher","unstructured":"Tai, N.N., et al.: A robust and trustworthy intrusion detection system using adversarial machine learning and XAI. In: 2024 International Conference on Advanced Technologies for Communications (ATC), pp. 407\u2013412 (2024). https:\/\/doi.org\/10.1109\/ATC63255.2024.10908263","DOI":"10.1109\/ATC63255.2024.10908263"},{"key":"15_CR34","unstructured":"Tcydenova, E., Kim, T.W., Lee, C., Park, J.H.: Detection of adversarial attacks in AI-based intrusion detection systems using explainable AI. Hum.-Centric Comput. Inform. Sci. 11 (2021)"},{"issue":"3","key":"15_CR35","doi-asserted-by":"publisher","first-page":"1294","DOI":"10.1109\/TNET.2021.3137084","volume":"30","author":"C Zhang","year":"2022","unstructured":"Zhang, C., Costa-Perez, X., Patras, P.: Adversarial attacks against deep learning-based network intrusion detection systems and defense mechanisms. IEEE\/ACM Trans. Networking 30(3), 1294\u20131311 (2022)","journal-title":"IEEE\/ACM Trans. Networking"}],"container-title":["Lecture Notes in Computer Science","Network and System Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-95-6419-4_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,2,3]],"date-time":"2026-02-03T08:58:08Z","timestamp":1770109088000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-95-6419-4_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026]]},"ISBN":["9789819564187","9789819564194"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-981-95-6419-4_15","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026]]},"assertion":[{"value":"4 February 2026","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"NSS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Network and System Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Wuhan","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"5 December 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"7 December 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"nss2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/nsclab.org\/nss-socialsec2025\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}