{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T07:37:30Z","timestamp":1767339450474,"version":"3.40.3"},"publisher-location":"Cham","reference-count":22,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030862602"},{"type":"electronic","value":"9783030862619"}],"license":[{"start":{"date-parts":[[2021,9,2]],"date-time":"2021-09-02T00:00:00Z","timestamp":1630540800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,9,2]],"date-time":"2021-09-02T00:00:00Z","timestamp":1630540800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-030-86261-9_15","type":"book-chapter","created":{"date-parts":[[2021,9,1]],"date-time":"2021-09-01T13:04:13Z","timestamp":1630501453000},"page":"148-158","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":11,"title":["Machine Learning for Network-Based Intrusion Detection Systems: An Analysis of the CIDDS-001 Dataset"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2695-8535","authenticated-orcid":false,"given":"Jos\u00e9","family":"Carneiro","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5030-7751","authenticated-orcid":false,"given":"Nuno","family":"Oliveira","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2919-4817","authenticated-orcid":false,"given":"Norberto","family":"Sousa","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8075-531X","authenticated-orcid":false,"given":"Eva","family":"Maia","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2519-9859","authenticated-orcid":false,"given":"Isabel","family":"Pra\u00e7a","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2021,9,2]]},"reference":[{"issue":"2","key":"15_CR1","doi-asserted-by":"publisher","first-page":"493","DOI":"10.1007\/s12083-017-0630-0","volume":"12","author":"N Sultana","year":"2018","unstructured":"Sultana, N., Chilamkurti, N., Peng, W., Alhadad, R.: Survey on SDN based network intrusion detection system using machine learning approaches. Peer-to-Peer Network. Appl. 12(2), 493\u2013501 (2018). https:\/\/doi.org\/10.1007\/s12083-017-0630-0","journal-title":"Peer-to-Peer Network. Appl."},{"key":"15_CR2","doi-asserted-by":"crossref","unstructured":"Sharafaldin, I., Habibi Lashkari, A., Ghorbani, A.A.: toward generating a new intrusion detection dataset and intrusion traffic characterization. In: Proceedings of the 4th International Conference on Information Systems Security and Privacy, pp. 108\u2013116. SCITEPRESS - Science and Technology Publications (2018)","DOI":"10.5220\/0006639801080116"},{"key":"15_CR3","unstructured":"Garc\u00eda, S., Grill, M., Stiborek, J., Zunino, A.: An empirical comparison of botnet detection methods \u2014 Elsevier Enhanced Reader"},{"key":"15_CR4","doi-asserted-by":"crossref","unstructured":"Wheelus, C., Khoshgoftaar, T.M., Zuech, R., Najafabadi, M.M.: a session based approach for aggregating network traffic data - the SANTA dataset. In: 2014 IEEE International Conference on Bioinformatics and Bioengineering, pp. 369\u2013378, November 2014","DOI":"10.1109\/BIBE.2014.72"},{"key":"15_CR5","unstructured":"Ring, M., Wunderlich, S., Gr\u00fcdl, D., Landes, D., Hotho, A.: Flow-based benchmark data sets for intrusion detection. In: Proceedings of the 16th European Conference on Cyber Warfare and Security (ECCWS), p. 10 (2017)"},{"key":"15_CR6","doi-asserted-by":"crossref","unstructured":"Thomas, C., Sharma, V., Balakrishnan, N.: Usefulness of DARPA dataset for intrusion detection system evaluation. In: Proceedings of SPIE - The International Society for Optical Engineering (2008)","DOI":"10.1117\/12.777341"},{"key":"15_CR7","doi-asserted-by":"crossref","unstructured":"Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.: A detailed analysis of the KDD CUP 99 data set. In: IEEE Symposium. Computational Intelligence for Security and Defense Applications, CISDA, vol. 2, July 2009","DOI":"10.1109\/CISDA.2009.5356528"},{"key":"15_CR8","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/978-3-030-69781-5_3","volume-title":"CPS4CIP 2020","author":"E Maia","year":"2021","unstructured":"Maia, E., Reis, B., Pra\u00e7a, I., Becue, A., Lancelin, D., Demailly, S.D., Sousa, O.: Cyber threat monitoring systems - comparing attack detection performance of ensemble algorithms. In: Abie, H., Ranise, S., Verderame, L., Cambiaso, E., Ugarelli, R., Giunta, G., Pra\u00e7a, I., Battisti, F. (eds.) CPS4CIP 2020. LNCS, vol. 12618, pp. 31\u201347. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-69781-5_3"},{"key":"15_CR9","series-title":"Advances in Intelligent Systems and Computing","doi-asserted-by":"publisher","first-page":"565","DOI":"10.1007\/978-981-15-4032-5_52","volume-title":"Soft Computing: Theories and Applications","author":"I Kumar","year":"2020","unstructured":"Kumar, I., Mohd, N., Bhatt, C., Sharma, S.K.: Development of IDS using supervised machine learning. In: Pant, M., Kumar Sharma, T., Arya, R., Sahana, B.C., Zolfagharinia, H. (eds.) Soft Computing: Theories and Applications. AISC, vol. 1154, pp. 565\u2013577. Springer, Singapore (2020). https:\/\/doi.org\/10.1007\/978-981-15-4032-5_52"},{"issue":"4","key":"15_CR10","doi-asserted-by":"publisher","first-page":"1674","DOI":"10.3390\/app11041674","volume":"11","author":"N Oliveira","year":"2021","unstructured":"Oliveira, N., Pra\u00e7a, I., Maia, E., Sousa, O.: Intelligent cyber attack detection and classification for network-based intrusion detection systems. Appl. Sci. 11(4), 1674 (2021)","journal-title":"Appl. Sci."},{"key":"15_CR11","doi-asserted-by":"publisher","first-page":"709","DOI":"10.1016\/j.procs.2017.12.091","volume":"125","author":"A Verma","year":"2018","unstructured":"Verma, A., Ranga, V.: Statistical analysis of CIDDS-001 dataset for network intrusion detection systems using distance-based machine learning. Procedia Comput. Sci. 125, 709\u2013716 (2018)","journal-title":"Procedia Comput. Sci."},{"key":"15_CR12","doi-asserted-by":"crossref","unstructured":"Althubiti, S.A., Jones, E.M., Roy, K.: LSTM for anomaly-based network intrusion detection. In: 2018 28th International Telecommunication Networks and Applications Conference (ITNAC), pp. 1\u20133 (2018)","DOI":"10.1109\/ATNAC.2018.8615300"},{"issue":"4","key":"15_CR13","doi-asserted-by":"publisher","first-page":"2287","DOI":"10.1007\/s11277-019-06986-8","volume":"111","author":"A Verma","year":"2019","unstructured":"Verma, A., Ranga, V.: Machine learning based intrusion detection systems for IoT applications. Wirel. Pers. Commun. 111(4), 2287\u20132310 (2019). https:\/\/doi.org\/10.1007\/s11277-019-06986-8","journal-title":"Wirel. Pers. Commun."},{"key":"15_CR14","doi-asserted-by":"crossref","unstructured":"Kilincer, I.F., Ertam, F., Sengur, A.: Machine learning methods for cyber security intrusion detection: datasets and comparative study. Comput. Netw. 188, 107840 (2021)","DOI":"10.1016\/j.comnet.2021.107840"},{"key":"15_CR15","doi-asserted-by":"crossref","unstructured":"Zwane, S., Tarwireyi, P., Adigun, M.: Ensemble learning approach for flow-based intrusion detection system. In: 2019 IEEE AFRICON, pp. 1\u20138 (2019)","DOI":"10.1109\/AFRICON46755.2019.9133979"},{"key":"15_CR16","doi-asserted-by":"crossref","unstructured":"Adhi Tama, B., Rhee, K.H.: Attack classification analysis of IoT network via deep learning approach. Res. Briefs Inf. Commun. Technol. Evolu. (ReBICTE), vol. 3, November 2017","DOI":"10.56801\/rebicte.v3i.54"},{"key":"15_CR17","unstructured":"Ring, M., Wunderlich, S., Grudl, D.: Technical report CIDDS-001 data set. J. Inf. Warfare 13 (2017)"},{"key":"15_CR18","doi-asserted-by":"crossref","unstructured":"Anbar, M., Abdullah, R., Hasbullah, I.H., Chong, Y.-W., Elejla, O.E.: Comparative performance analysis of classification algorithms for intrusion detection system. In: 2016 14th Annual Conference on Privacy, Security and Trust (PST), Auckland, New Zealand, pp. 282\u2013288, IEEE, December 2016","DOI":"10.1109\/PST.2016.7906975"},{"issue":"2","key":"15_CR19","doi-asserted-by":"publisher","first-page":"197","DOI":"10.1007\/s11749-016-0481-7","volume":"25","author":"G Biau","year":"2016","unstructured":"Biau, G., Scornet, E.: A random forest guided tour. TEST 25(2), 197\u2013227 (2016). https:\/\/doi.org\/10.1007\/s11749-016-0481-7","journal-title":"TEST"},{"key":"15_CR20","doi-asserted-by":"publisher","first-page":"38","DOI":"10.2214\/AJR.18.20224","volume":"212","author":"GS Handelman","year":"2019","unstructured":"Handelman, G.S., et al.: Peering into the black box of artificial intelligence: evaluation metrics of machine learning methods. Am. J. Roentgenol. 212, 38\u201343 (2019)","journal-title":"Am. J. Roentgenol."},{"key":"15_CR21","doi-asserted-by":"crossref","unstructured":"Hossin, M., Sulaiman, M.N.: A review on evaluation metrics for data classification evaluations. Int. J. Data Min. Knowl. Manage. Process 5, 1\u201311 (2015)","DOI":"10.5121\/ijdkp.2015.5201"},{"key":"15_CR22","doi-asserted-by":"crossref","unstructured":"Bisong, E.: Google Colaboratory, pp. 59\u201364. Apress, Berkeley (2019)","DOI":"10.1007\/978-1-4842-4470-8_7"}],"container-title":["Lecture Notes in Networks and Systems","Distributed Computing and Artificial Intelligence, Volume 1: 18th International Conference"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-86261-9_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,11,8]],"date-time":"2023-11-08T04:25:34Z","timestamp":1699417534000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-86261-9_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,9,2]]},"ISBN":["9783030862602","9783030862619"],"references-count":22,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-86261-9_15","relation":{},"ISSN":["2367-3370","2367-3389"],"issn-type":[{"type":"print","value":"2367-3370"},{"type":"electronic","value":"2367-3389"}],"subject":[],"published":{"date-parts":[[2021,9,2]]},"assertion":[{"value":"2 September 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DCAI","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Distributed Computing and Artificial Intelligence","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Salamanca","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"6 October 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8 October 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dcai2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.dcai-conference.net\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}