{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,5]],"date-time":"2026-05-05T16:12:16Z","timestamp":1777997536149,"version":"3.51.4"},"reference-count":42,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2023,11,10]],"date-time":"2023-11-10T00:00:00Z","timestamp":1699574400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,11,10]],"date-time":"2023-11-10T00:00:00Z","timestamp":1699574400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cluster Comput"],"published-print":{"date-parts":[[2024,6]]},"DOI":"10.1007\/s10586-023-04179-4","type":"journal-article","created":{"date-parts":[[2023,11,10]],"date-time":"2023-11-10T07:01:44Z","timestamp":1699599704000},"page":"3819-3836","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":10,"title":["Multi-stage intrusion detection system aided by grey wolf optimization algorithm"],"prefix":"10.1007","volume":"27","author":[{"given":"Somnath","family":"Chatterjee","sequence":"first","affiliation":[]},{"given":"Vaibhav","family":"Shaw","sequence":"additional","affiliation":[]},{"given":"Ranit","family":"Das","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,11,10]]},"reference":[{"key":"4179_CR1","doi-asserted-by":"publisher","first-page":"307","DOI":"10.1016\/j.jnca.2013.08.001","volume":"40","author":"N Hoque","year":"2014","unstructured":"Hoque, N., Bhuyan, M.H., Baishya, R.C., Bhattacharyya, D.K., Kalita, J.K.: Network attacks: taxonomy, tools and systems. J. Netw. Comput. Appl. 40, 307\u2013324 (2014). https:\/\/doi.org\/10.1016\/j.jnca.2013.08.001","journal-title":"J. Netw. Comput. Appl."},{"key":"4179_CR2","doi-asserted-by":"publisher","first-page":"e475","DOI":"10.7717\/peerj-cs.475","volume":"7","author":"A Bilen","year":"2021","unstructured":"Bilen, A., \u00d6zer, A.B.: Cyber-attack method and perpetrator prediction using machine learning algorithms. Peer J. Comput. Sci. 7, e475 (2021). https:\/\/doi.org\/10.7717\/peerj-cs.475","journal-title":"Peer J. Comput. Sci."},{"issue":"1","key":"4179_CR3","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s13635-016-0042-3","volume":"2016","author":"J Ullrich","year":"2016","unstructured":"Ullrich, J., Cropper, J., Fr\u00fchwirt, P., Weippl, E.: The role and security of firewalls in cyber-physical cloud computing. EURASIP J. Inf. Secur. 2016(1), 1\u201320 (2016). https:\/\/doi.org\/10.1186\/s13635-016-0042-3","journal-title":"EURASIP J. Inf. Secur."},{"key":"4179_CR4","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1155\/2018\/8210614","volume":"2018","author":"G Li","year":"2018","unstructured":"Li, G., Yan, Z., Fu, Y., Chen, H.: Data fusion for network intrusion detection: a review. Secur. Commun. Netw. 2018, 1\u201316 (2018). https:\/\/doi.org\/10.1155\/2018\/8210614","journal-title":"Secur. Commun. Netw."},{"key":"4179_CR5","doi-asserted-by":"publisher","unstructured":"Azeez, N.A., Bada, T.M., Misra, S., Adewumi, A., der Vyver, C.V., Ahuja, R.: Intrusion Detection and Prevention Systems: An Updated Review. In: Data Management, Analytics and Innovation. Springer, Singapore. pp. 685\u2013696 (2019). https:\/\/doi.org\/10.1007\/978-981-32-9949-8_48","DOI":"10.1007\/978-981-32-9949-8_48"},{"key":"4179_CR6","doi-asserted-by":"publisher","unstructured":"Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the KDD CUP 99 data set. In: 2009 IEEE symposium on computational intelligence for security and defense applications. IEEE (2009). https:\/\/doi.org\/10.1109\/cisda.2009.5356528","DOI":"10.1109\/cisda.2009.5356528"},{"issue":"6","key":"4179_CR7","first-page":"446","volume":"4","author":"L Dhanabal","year":"2015","unstructured":"Dhanabal, L., Shantharajah, S.: A study on NSL-KDD dataset for intrusion detection system based on classification algorithms. Int. J. Adv. Res. Comput. Commun. Eng. 4(6), 446\u2013452 (2015)","journal-title":"Int. J. Adv. Res. Comput. Commun. Eng."},{"key":"4179_CR8","doi-asserted-by":"publisher","unstructured":"Moustafa, N., Slay, J.: UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: 2015 military communications and information systems conference (MilCIS). IEEE (2015). https:\/\/doi.org\/10.1109\/milcis.2015.7348942","DOI":"10.1109\/milcis.2015.7348942"},{"key":"4179_CR9","unstructured":"Baldi, P.: Autoencoders, unsupervised learning, and deep architectures. In: Proceedings of ICML workshop on unsupervised and transfer learning. JMLR Workshop and Conference Proceedings. pp. 37\u201349 (2012)"},{"key":"4179_CR10","doi-asserted-by":"publisher","first-page":"45182","DOI":"10.1109\/access.2019.2908225","volume":"7","author":"Y Zeng","year":"2019","unstructured":"Zeng, Y., Gu, H., Wei, W., Guo, Y.: $$Deep-full-range$$: a deep learning based network encrypted traffic classification and intrusion detection framework. IEEE Access 7, 45182\u201345190 (2019). https:\/\/doi.org\/10.1109\/access.2019.2908225","journal-title":"IEEE Access"},{"key":"4179_CR11","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1155\/2017\/4184196","volume":"2017","author":"Y Yu","year":"2017","unstructured":"Yu, Y., Long, J., Cai, Z.: Network intrusion detection through stacking dilated convolutional autoencoders. Secur. Commun. Netw. 2017, 1\u201310 (2017). https:\/\/doi.org\/10.1155\/2017\/4184196","journal-title":"Secur. Commun. Netw."},{"issue":"10","key":"4179_CR12","doi-asserted-by":"publisher","first-page":"1701","DOI":"10.3390\/s16101701","volume":"16","author":"T Ma","year":"2016","unstructured":"Ma, T., Wang, F., Cheng, J., Yu, Y., Chen, X.: A hybrid spectral clustering and deep neural network ensemble algorithm for intrusion detection in sensor networks. Sensors 16(10), 1701 (2016). https:\/\/doi.org\/10.3390\/s16101701","journal-title":"Sensors"},{"issue":"5","key":"4179_CR13","doi-asserted-by":"publisher","first-page":"848","DOI":"10.1007\/s12559-018-9564-y","volume":"10","author":"BG Atli","year":"2018","unstructured":"Atli, B.G., Miche, Y., Kalliola, A., Oliver, I., Holtmanns, S., Lendasse, A.: Anomaly-based intrusion detection using extreme learning machine and aggregation of network traffic statistics in probability space. Cogn. Comput. 10(5), 848\u2013863 (2018). https:\/\/doi.org\/10.1007\/s12559-018-9564-y","journal-title":"Cogn. Comput."},{"issue":"3","key":"4179_CR14","doi-asserted-by":"publisher","first-page":"1092","DOI":"10.1109\/tpwrd.2014.2300099","volume":"29","author":"Y Yang","year":"2014","unstructured":"Yang, Y., McLaughlin, K., Sezer, S., Littler, T., Im, E.G., Pranggono, B., et al.: Multiattribute SCADA-specific intrusion detection system for power networks. IEEE Trans. Power Deliv. 29(3), 1092\u20131102 (2014). https:\/\/doi.org\/10.1109\/tpwrd.2014.2300099","journal-title":"IEEE Trans. Power Deliv."},{"issue":"1\u20133","key":"4179_CR15","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1080\/19393555.2015.1125974","volume":"25","author":"N Moustafa","year":"2016","unstructured":"Moustafa, N., Slay, J.: The evaluation of network anomaly detection systems: statistical analysis of the UNSW-NB15 data set and the comparison with the KDD99 data set. Inf. Secur. J. A Global Perspect. 25(1\u20133), 18\u201331 (2016). https:\/\/doi.org\/10.1080\/19393555.2015.1125974","journal-title":"Inf. Secur. J. A Global Perspect."},{"issue":"4","key":"4179_CR16","doi-asserted-by":"publisher","first-page":"481","DOI":"10.1109\/tbdata.2017.2715166","volume":"5","author":"N Moustafa","year":"2019","unstructured":"Moustafa, N., Slay, J., Creech, G.: Novel geometric area analysis technique for anomaly detection using trapezoidal area estimation on large-scale networks. IEEE Trans.on Big Data 5(4), 481\u2013494 (2019). https:\/\/doi.org\/10.1109\/tbdata.2017.2715166","journal-title":"IEEE Trans.on Big Data"},{"issue":"1","key":"4179_CR17","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s40537-018-0145-4","volume":"5","author":"SM Othman","year":"2018","unstructured":"Othman, S.M., Ba-Alwi, F.M., Alsohybe, N.T., Al-Hashida, A.Y.: Intrusion detection model using machine learning algorithm on big data environment. J. Big Data 5(1), 1\u201312 (2018). https:\/\/doi.org\/10.1186\/s40537-018-0145-4","journal-title":"J. Big Data"},{"key":"4179_CR18","doi-asserted-by":"publisher","first-page":"107720","DOI":"10.1016\/j.compeleceng.2022.107720","volume":"99","author":"SK Sahu","year":"2022","unstructured":"Sahu, S.K., Mohapatra, D.P., Rout, J.K., Sahoo, K.S., Pham, Q.V., Dao, N.N.: A LSTM-FCNN based multi-class intrusion detection using scalable framework. Comput. Electr. Eng. 99, 107720 (2022). https:\/\/doi.org\/10.1016\/j.compeleceng.2022.107720","journal-title":"Comput. Electr. Eng."},{"key":"4179_CR19","doi-asserted-by":"publisher","first-page":"53346","DOI":"10.1109\/access.2020.2980937","volume":"8","author":"G Andresini","year":"2020","unstructured":"Andresini, G., Appice, A., Mauro, N.D., Loglisci, C., Malerba, D.: Multi-channel deep feature learning for intrusion detection. IEEE Access 8, 53346\u201353359 (2020). https:\/\/doi.org\/10.1109\/access.2020.2980937","journal-title":"IEEE Access"},{"key":"4179_CR20","first-page":"108","volume":"1","author":"I Sharafaldin","year":"2018","unstructured":"Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. ICISSp 1, 108\u2013116 (2018)","journal-title":"ICISSp"},{"issue":"1","key":"4179_CR21","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1016\/j.jnca.2012.09.004","volume":"36","author":"HJ Liao","year":"2013","unstructured":"Liao, H.J., Lin, C.H.R., Lin, Y.C., Tung, K.Y.: Intrusion detection system: a comprehensive review. J. Netw. Comput. Appl. 36(1), 16\u201324 (2013). https:\/\/doi.org\/10.1016\/j.jnca.2012.09.004","journal-title":"J. Netw. Comput. Appl."},{"key":"4179_CR22","doi-asserted-by":"publisher","unstructured":"Bilge, L., Dumitras, T.: Before we knew it. In: Proceedings of the 2012 ACM conference on computer and communications security-CCS \u201912. ACM Press (2012). https:\/\/doi.org\/10.1145\/2382196.2382284","DOI":"10.1145\/2382196.2382284"},{"key":"4179_CR23","doi-asserted-by":"crossref","unstructured":"Sakurada, M., Yairi, T.: Anomaly detection using autoencoders with nonlinear dimensionality reduction. In: Proceedings of the MLSDA 2014 2nd workshop on machine learning for sensory data analysis - MLSDA\u201914. New York, New York, USA: ACM Press (2014)","DOI":"10.1145\/2689746.2689747"},{"key":"4179_CR24","doi-asserted-by":"publisher","first-page":"46","DOI":"10.1016\/j.advengsoft.2013.12.007","volume":"69","author":"S Mirjalili","year":"2014","unstructured":"Mirjalili, S., Mirjalili, S.M., Lewis, A.: Grey wolf optimizer. Adv. Eng. Softw. 69, 46\u201361 (2014). https:\/\/doi.org\/10.1016\/j.advengsoft.2013.12.007","journal-title":"Adv. Eng. Softw."},{"issue":"1","key":"4179_CR25","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1023\/A:1010933404324","volume":"45","author":"L Breiman","year":"2001","unstructured":"Breiman, L.: Random forests. Mach. Learn. 45(1), 5\u201332 (2001)","journal-title":"Mach. Learn."},{"issue":"2","key":"4179_CR26","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1007\/BF00058655","volume":"24","author":"L Breiman","year":"1996","unstructured":"Breiman, L.: Bagging predictors. Mach. Learn. 24(2), 123\u2013140 (1996)","journal-title":"Mach. Learn."},{"key":"4179_CR27","volume-title":"Advances in Neural Information Processing Systems","author":"G Ke","year":"2017","unstructured":"Ke, G., Meng, Q., Finley, T., Wang, T., Chen, W., Ma, W., et al.: LightGBM: A Highly Efficient Gradient Boosting Decision Tree. In: Guyon, I., Luxburg, U.V., Bengio, S., Wallach, H., Fergus, R., Vishwanathan, S., et al. (eds.) Advances in Neural Information Processing Systems, vol. 30. Curran Associates Inc, NewYork (2017)"},{"key":"4179_CR28","doi-asserted-by":"crossref","unstructured":"F\u00fcrnkranz, J., Chan, P.K., Craw, S., Sammut, C., Uther, W., Ratnaparkhi, A., et\u00a0al.: Mean Squared Error. In: Encyclopedia of Machine Learning. pp. 653\u2013653. Springer, Boston (2011)","DOI":"10.1007\/978-0-387-30164-8_528"},{"key":"4179_CR29","doi-asserted-by":"crossref","unstructured":"Pearson\u2019s Correlation Coefficient. In: Encyclopedia of Public Health. pp. 1090\u20131091. Springer Netherlands, Dordrecht (2008)","DOI":"10.1007\/978-1-4020-5614-7_2569"},{"key":"4179_CR30","doi-asserted-by":"publisher","unstructured":"Moustafa, N., Slay, J.: The Significant Features of the UNSW-NB15 and the KDD99 Data Sets for Network Intrusion Detection Systems. In: 2015 4th international workshop on building analysis datasets and gathering experience returns for security (BADGERS). IEEE (2015). Available from: https:\/\/doi.org\/10.1109\/badgers.2015.014","DOI":"10.1109\/badgers.2015.014"},{"issue":"1","key":"4179_CR31","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s40537-023-00694-8","volume":"10","author":"Y Yin","year":"2023","unstructured":"Yin, Y., Jang-Jaccard, J., Xu, W., Singh, A., Zhu, J., Sabrina, F., et al.: IGRF-RFE: a hybrid feature selection method for MLP-based network intrusion detection on UNSW-NB15 dataset. J. Big Data. 10(1), 1\u201326 (2023). https:\/\/doi.org\/10.1186\/s40537-023-00694-8","journal-title":"J. Big Data."},{"issue":"10","key":"4179_CR32","doi-asserted-by":"publisher","first-page":"1666","DOI":"10.3390\/sym12101666","volume":"12","author":"MS Al-Daweri","year":"2020","unstructured":"Al-Daweri, M.S., Ariffin, K.A.Z., Abdullah, S., Senan, M.F.E.M.: An analysis of the KDD99 and UNSW-NB15 datasets for the intrusion detection system. Symmetry 12(10), 1666 (2020). https:\/\/doi.org\/10.3390\/sym12101666","journal-title":"Symmetry"},{"issue":"1","key":"4179_CR33","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s40537-020-00379-6","volume":"7","author":"SM Kasongo","year":"2020","unstructured":"Kasongo, S.M., Sun, Y.: Performance analysis of intrusion detection systems using a feature selection method on the UNSW-NB15 dataset. J. of Big Data 7(1), 1\u201320 (2020). https:\/\/doi.org\/10.1186\/s40537-020-00379-6","journal-title":"J. of Big Data"},{"issue":"2","key":"4179_CR34","doi-asserted-by":"publisher","first-page":"1397","DOI":"10.1007\/s10586-019-03008-x","volume":"23","author":"V Kumar","year":"2019","unstructured":"Kumar, V., Sinha, D., Das, A.K., Pandey, S.C., Goswami, R.T.: An integrated rule based intrusion detection system: analysis on UNSW-NB15 data set and the real time online dataset. Clust. Comput. 23(2), 1397\u20131418 (2019). https:\/\/doi.org\/10.1007\/s10586-019-03008-x","journal-title":"Clust. Comput."},{"issue":"7","key":"4179_CR35","doi-asserted-by":"publisher","first-page":"1223","DOI":"10.3390\/en12071223","volume":"12","author":"J Gao","year":"2019","unstructured":"Gao, J., Chai, S., Zhang, B., Xia, Y.: Research on network intrusion detection based on incremental extreme learning machine and adaptive principal component analysis. Energies 12(7), 1223 (2019). https:\/\/doi.org\/10.3390\/en12071223","journal-title":"Energies"},{"key":"4179_CR36","doi-asserted-by":"publisher","unstructured":"Yulianto, A., Sukarno, P., Suwastika, N.A.: Improving AdaBoost-based Intrusion Detection System (IDS) Performance on CIC IDS 2017 Dataset. in: Journal of physics: conference series 1192, 012018 (2019). https:\/\/doi.org\/10.1088\/1742-6596\/1192\/1\/012018","DOI":"10.1088\/1742-6596\/1192\/1\/012018"},{"key":"4179_CR37","doi-asserted-by":"publisher","unstructured":"Reis, B., Maia, E., Pra\u00e7a, I.: Selection and Performance Analysis of CICIDS2017 Features Importance. In: Foundations and Practice of Security. Springer International Publishing, Berlin. pp. 56\u201371 (2020). https:\/\/doi.org\/10.1007\/978-3-030-45371-8_4","DOI":"10.1007\/978-3-030-45371-8_4"},{"key":"4179_CR38","doi-asserted-by":"publisher","unstructured":"Catillo, M., Rak, M., Villano, U.: 2L-ZED-IDS: A Two-Level Anomaly Detector for Multiple Attack Classes. In: Advances in Intelligent Systems and Computing. Springer International Publishing. pp. 687\u2013696 (2020). Available from: https:\/\/doi.org\/10.1007\/978-3-030-44038-1_63","DOI":"10.1007\/978-3-030-44038-1_63"},{"key":"4179_CR39","doi-asserted-by":"publisher","unstructured":"Alsyaibani, O.M.A., Utami, E., Hartanto, A.D.: An Intrusion Detection System Model Based on Bidirectional LSTM. In: 2021 3rd international conference on cybernetics and intelligent system (ICORIS). IEEE (2021). https:\/\/doi.org\/10.1109\/icoris52787.2021.9649612","DOI":"10.1109\/icoris52787.2021.9649612"},{"issue":"1","key":"4179_CR40","doi-asserted-by":"publisher","first-page":"1134","DOI":"10.11591\/ijece.v13i1.pp1134-1141","volume":"13","author":"J Jose","year":"2023","unstructured":"Jose, J., Jose, D.V.: Deep learning algorithms for intrusion detection systems in internet of things using CIC-IDS 2017 dataset. Int. J. Electr. Comput. Eng. (IJECE). 13(1), 1134 (2023). https:\/\/doi.org\/10.11591\/ijece.v13i1.pp1134-1141","journal-title":"Int. J. Electr. Comput. Eng. (IJECE)."},{"key":"4179_CR41","doi-asserted-by":"publisher","unstructured":"Verkerken, M., D\u2019hooge, L., Wauters, T., Volckaert, B., Turck, F.D.: Unsupervised Machine Learning Techniques for Network Intrusion Detection on Modern Data. In: 2020 4th cyber security in networking conference (CSNet). IEEE (2020). https:\/\/doi.org\/10.1109\/csnet50428.2020.9265461","DOI":"10.1109\/csnet50428.2020.9265461"},{"key":"4179_CR42","doi-asserted-by":"publisher","first-page":"22351","DOI":"10.1109\/access.2021.3056614","volume":"9","author":"ZK Maseer","year":"2021","unstructured":"Maseer, Z.K., Yusof, R., Bahaman, N., Mostafa, S.A., Foozy, C.F.M.: Benchmarking of machine learning for anomaly based intrusion detection systems in the CICIDS2017 dataset. IEEE Access 9, 22351\u201322370 (2021). https:\/\/doi.org\/10.1109\/access.2021.3056614","journal-title":"IEEE Access"}],"container-title":["Cluster Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10586-023-04179-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10586-023-04179-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10586-023-04179-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,5,29]],"date-time":"2024-05-29T17:19:50Z","timestamp":1717003190000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10586-023-04179-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,11,10]]},"references-count":42,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2024,6]]}},"alternative-id":["4179"],"URL":"https:\/\/doi.org\/10.1007\/s10586-023-04179-4","relation":{"has-preprint":[{"id-type":"doi","id":"10.21203\/rs.3.rs-2680915\/v1","asserted-by":"object"}]},"ISSN":["1386-7857","1573-7543"],"issn-type":[{"value":"1386-7857","type":"print"},{"value":"1573-7543","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,11,10]]},"assertion":[{"value":"1 May 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"17 September 2023","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"14 October 2023","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"10 November 2023","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors have no competing interests to declare that are relevant to the content of this article.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"Authors have consent for publication.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Consent for publication"}}]}}