{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,14]],"date-time":"2026-02-14T01:57:45Z","timestamp":1771034265375,"version":"3.50.1"},"publisher-location":"Singapore","reference-count":23,"publisher":"Springer Nature Singapore","isbn-type":[{"value":"9789819755806","type":"print"},{"value":"9789819755813","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-981-97-5581-3_22","type":"book-chapter","created":{"date-parts":[[2024,8,1]],"date-time":"2024-08-01T19:02:53Z","timestamp":1722538973000},"page":"269-280","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Toward Unknown\/Known Cyberattack Detection with a Causal Transformer"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-4214-8594","authenticated-orcid":false,"given":"Ming","family":"Dai","sequence":"first","affiliation":[]},{"given":"Aimei","family":"Kang","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5329-0713","authenticated-orcid":false,"given":"Zengri","family":"Zeng","sequence":"additional","affiliation":[]},{"given":"Yuxuan","family":"Yang","sequence":"additional","affiliation":[]},{"given":"Bing","family":"Huang","sequence":"additional","affiliation":[]},{"given":"Jiayi","family":"Peng","sequence":"additional","affiliation":[]},{"given":"Wenjian","family":"Luo","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9950-9848","authenticated-orcid":false,"given":"Genghui","family":"Li","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,8,1]]},"reference":[{"issue":"7","key":"22_CR1","first-page":"659","volume":"44","author":"G Singh","year":"2022","unstructured":"Singh, G., Khare, N.: A survey of intrusion detection from the perspective of intrusion datasets and machine learning techniques. Int. J. Comput. Appl. 44(7), 659\u2013669 (2022)","journal-title":"Int. J. Comput. Appl."},{"issue":"4","key":"22_CR2","doi-asserted-by":"publisher","first-page":"4750","DOI":"10.1109\/TNSM.2022.3193099","volume":"19","author":"Z Zeng","year":"2022","unstructured":"Zeng, Z., Wei, P., Zeng, D.: Improving the stability of intrusion detection with causal deep learning. IEEE Trans. Netw. Serv. Manage. 19(4), 4750\u20134763 (2022)","journal-title":"IEEE Trans. Netw. Serv. Manage."},{"key":"22_CR3","doi-asserted-by":"publisher","first-page":"3538","DOI":"10.1109\/TIFS.2021.3083422","volume":"16","author":"J Yang","year":"2022","unstructured":"Yang, J., Chen, X., Chen, S.: Conditional variational auto-encoder and extreme value theory aided two-stage learning approach for intelligent fine-grained known\/unknown intrusion detection. IEEE Trans. Inf. Forensics Secur. 16, 3538\u20133553 (2022)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"22_CR4","unstructured":"Xu, J., Wu, H., Wang, J., Long, M,.: Anomaly transformer: Time series anomaly detection with association discrepancy. In: 8th International Conference on Learning Representations, vol. 9, pp. 1\u201320 (2022)"},{"issue":"1","key":"22_CR5","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1145\/3400051.3400058","volume":"22","author":"R Moraffah","year":"2020","unstructured":"Moraffah, R., Karmi, M., Liu, H.: Causal interpretability for machine learning-problems, methods and evaluation. ACM SIGKDD Explorations Newsl 22(1), 18\u201333 (2020)","journal-title":"ACM SIGKDD Explorations Newsl"},{"key":"22_CR6","unstructured":"Hunermund, P. : Causal machine learning and business decision making. In: 11th Academy of Management Proceedings on SSRN Electronic Journal (2), pp. 1\u20136. Academy Management (2022)"},{"issue":"8","key":"22_CR7","doi-asserted-by":"publisher","first-page":"426","DOI":"10.1038\/s42256-020-0218-x","volume":"2","author":"Y Luo","year":"2020","unstructured":"Luo, Y., Peng, J., Ma, J.: When causal inference meets deep learning. Nat. Mach. Intell. 2(8), 426\u2013427 (2020)","journal-title":"Nat. Mach. Intell."},{"key":"22_CR8","doi-asserted-by":"crossref","unstructured":"Zhang, X. : Deep stable learning for out-of-distribution generalization. In: Proceedings of the IEEE\/CVF Conference on Computer Vision and Pattern Recognition (2021)","DOI":"10.1109\/CVPR46437.2021.00533"},{"issue":"2","key":"22_CR9","doi-asserted-by":"publisher","first-page":"110","DOI":"10.1038\/s42256-022-00445-z","volume":"4","author":"P Cui","year":"2022","unstructured":"Cui, P., Susan, A.: Stable learning establishes some common ground between causal inference and machine learning. Natu. Mach. Intell. 4(2), 110\u2013115 (2022)","journal-title":"Natu. Mach. Intell."},{"key":"22_CR10","doi-asserted-by":"crossref","unstructured":"Jung, Y., Jin T.: Estimating identifiable causal effects through double machine learning. In: Proceedings of the AAAI Conference on Artificial Intelligence, vol.35 (13) (2021 )","DOI":"10.1609\/aaai.v35i13.17438"},{"key":"22_CR11","unstructured":"Vaswani, A.: Attention is all you need. Advances in neural information processing systems 30 (2017)"},{"key":"22_CR12","unstructured":"Bishop, C.M., Nasrabadi, N.M.: Pattern recognition and machine learning, vol. 4(4). Springer,\u00a0 New York(2006)"},{"key":"22_CR13","unstructured":"Habibi, L., A., Kaur, G., Rahali, A.: Didarknet: a contemporary approach to detect and characterize the darknet traffic using deep image learning. In: 10th International Conference on Communication and Network Security, pp. 1\u201313 (2020)"},{"key":"22_CR14","doi-asserted-by":"crossref","unstructured":"Carrier, T., Victor, P., Tekeoglu, A.: Detecting obfuscated malware using memory feature engineering. In ICISSP, pp. 177\u2013188 (2022)","DOI":"10.5220\/0010908200003120"},{"key":"22_CR15","doi-asserted-by":"crossref","unstructured":"Tuli, S., Giuliano, C., Nicholas, R.: Tranad: Deep transformer networks for anomaly detection in multivariate time series data. arXiv preprint arXiv:2201.07284 (2022)","DOI":"10.14778\/3514061.3514067"},{"key":"22_CR16","doi-asserted-by":"crossref","unstructured":"Hundman, K., Constantinou, V., Laporte, C., Colwell, I.: Detecting spacecraft anomalies using lstms and nonparametric dynamic thresholding. In: Proceedings of the 24th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining, pp. 387\u2013395 (2022)","DOI":"10.1145\/3219819.3219845"},{"key":"22_CR17","doi-asserted-by":"crossref","unstructured":"Tan, M., Iacovazzi, A.: A neural attention model for real-time network intrusion detection. In: 44th International Conference on Local Computer Networks (LCN), pp. 291\u2013299 (2019)","DOI":"10.1109\/LCN44214.2019.8990890"},{"key":"22_CR18","doi-asserted-by":"crossref","unstructured":"Hou, H., Di, Z., Zhang, M., Yuan, D.: An intrusion detection method for cyber monintoring using attention based hierarchical LSTM. In: 8th International Conference on Big Data Security on Cloud (BigDataSecurity), pp. 125\u2013130 (2022)","DOI":"10.1109\/BigDataSecurityHPSCIDS54978.2022.00032"},{"key":"22_CR19","doi-asserted-by":"crossref","unstructured":"Li, D., Chen, D.: Madgan: multivariate anomaly detection for time series data with generative adversarial networks, vol.\u00a0 6(8), 703\u2013716 (2022)","DOI":"10.1007\/978-3-030-30490-4_56"},{"issue":"1","key":"22_CR20","doi-asserted-by":"publisher","first-page":"263410","DOI":"10.1371\/journal.pone.0263423","volume":"17","author":"Y Feng","year":"2022","unstructured":"Feng, Y., et al.: An improved X-means and isolation forest based methodology for network traffic anomaly detection. PLoS ONE 17(1), 263410\u2013263423 (2022)","journal-title":"PLoS ONE"},{"issue":"7","key":"22_CR21","doi-asserted-by":"publisher","first-page":"1757","DOI":"10.1109\/TPAMI.2012.256","volume":"35","author":"WJ Scheirer","year":"2012","unstructured":"Scheirer, W.J., de Rezende Rocha, A., Sapkota, A., Boult, T.: Toward open set recognition. IEEE Trans. Pattern Anal. Mach. Intell. 35(7), 1757\u20131772 (2012)","journal-title":"IEEE Trans. Pattern Anal. Mach. Intell."},{"key":"22_CR22","doi-asserted-by":"crossref","unstructured":"Abou, E., Houda, Z., Senhaji, H., Khoukhi, L.: A novel unsupervised learning method for intrusion detection in software-defined networks. In: Computational Intelligence in Recent Communication Networks, pp. 103\u2013117 (2021)","DOI":"10.1007\/978-3-030-77185-0_7"},{"issue":"5","key":"22_CR23","doi-asserted-by":"publisher","first-page":"210","DOI":"10.3390\/info12050215","volume":"12","author":"K Fotiadou","year":"2021","unstructured":"Fotiadou, K., Velivassaki, T., Voulkidis, A., Skias, D.: Network traffic anomaly detection via deep learning. Information 12(5), 210\u2013215 (2021)","journal-title":"Information"}],"container-title":["Lecture Notes in Computer Science","Advanced Intelligent Computing Technology and Applications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-97-5581-3_22","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,11,25]],"date-time":"2024-11-25T16:05:42Z","timestamp":1732550742000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-97-5581-3_22"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9789819755806","9789819755813"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-981-97-5581-3_22","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"1 August 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICIC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Intelligent Computing","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Tianjin","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"5 August 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8 August 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"icic2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.ic-icc.cn\/2024\/index.htm","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}