{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,12]],"date-time":"2026-01-12T23:54:03Z","timestamp":1768262043016,"version":"3.49.0"},"reference-count":41,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/legalcode"}],"funder":[{"name":"Fundamental Research Funds for the Central Universities through the Project \u201cResearch on the Detection of Network Intrusion Evasion Based on Big Data Technology\u201d","award":["2016MS33"],"award-info":[{"award-number":["2016MS33"]}]},{"DOI":"10.13039\/501100004826","name":"Natural Science Foundation of Beijing Municipality","doi-asserted-by":"publisher","award":["4162056"],"award-info":[{"award-number":["4162056"]}],"id":[{"id":"10.13039\/501100004826","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Access"],"published-print":{"date-parts":[[2019]]},"DOI":"10.1109\/access.2019.2925639","type":"journal-article","created":{"date-parts":[[2019,6,28]],"date-time":"2019-06-28T19:58:23Z","timestamp":1561751903000},"page":"87816-87826","source":"Crossref","is-referenced-by-count":9,"title":["Detection and Recognition of Atomic Evasions Against Network Intrusion Detection\/Prevention Systems"],"prefix":"10.1109","volume":"7","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-8450-3753","authenticated-orcid":false,"given":"Jia","family":"Jingping","sequence":"first","affiliation":[]},{"given":"Chen","family":"Kehua","sequence":"additional","affiliation":[]},{"given":"Chen","family":"Jia","sequence":"additional","affiliation":[]},{"given":"Zhou","family":"Dengwen","sequence":"additional","affiliation":[]},{"given":"Ma","family":"Wei","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref39","first-page":"1","article-title":"Recurrent auto-encoder model for multidimensional time series representation","author":"wong","year":"2018","journal-title":"Proc ICLR"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1109\/BigData.2017.8258516"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2011.12.012"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1109\/CISDA.2009.5356528"},{"key":"ref31","author":"hettich","year":"1999","journal-title":"The UCI KDD Archive"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1016\/S1389-1286(00)00139-0"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2018.07.003"},{"key":"ref36","first-page":"339","article-title":"Reading network packets as a natural language for intrusion detection","author":"mimura","year":"2017","journal-title":"Proc Int Conf Inf Security Cryptol"},{"key":"ref35","author":"holstein","year":"2002","journal-title":"How does Fragroute Evade NIDS Detection?"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1145\/1921168.1921179"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/SecTech.2014.18"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1007\/s10618-016-0455-0"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2011.092311.00082"},{"key":"ref12","author":"gorton","year":"2004","journal-title":"Combining Evasion Techniques to Avoid Network Intrusion Detection Systems"},{"key":"ref13","first-page":"1","article-title":"Automatic discovery of evasion vulnerabilities using targeted protocol fuzzing","author":"levomaki","year":"2017","journal-title":"Proc Black Hat Briefings"},{"key":"ref14","first-page":"1","article-title":"Network intrusion detection: Evasion, traffic normalization, and end-to-end protocol semantics","author":"kreibich","year":"2001","journal-title":"Proc Usenix Secur Symp"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2003.1199327"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2003.822645"},{"key":"ref17","first-page":"229","article-title":"Snort: Lightweight intrusion detection for networks","volume":"99","author":"roesch","year":"1999","journal-title":"LISA"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2011.12"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.27"},{"key":"ref28","article-title":"Probabilistic modeling and inference for obfuscated cyber attack sequences","author":"du","year":"2018","journal-title":"arXiv 1809 01562"},{"key":"ref4","author":"roelker","year":"2003","journal-title":"1HTTP IDS Evasions Revisited"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.9734\/BJAST\/2016\/23668"},{"key":"ref3","article-title":"Insertion, evasion, and denial of service: Eluding network intrusion detection","author":"ptacek","year":"1998"},{"key":"ref6","first-page":"1","article-title":"Evolutions of evasion techniques aigainst network intrusion detection systems","author":"vidal","year":"2013","journal-title":"Proc of the 6th Int Conf on Inf"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.06.005"},{"key":"ref5","article-title":"Detecting and modeling polymorphic shellcode","author":"nbou","year":"2010"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/HASE.2017.37"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1002\/dac.3339"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.17487\/rfc0761"},{"key":"ref9","author":"majewski","year":"2014","journal-title":"Advanced Evasion Techniques for Dummies"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.25"},{"key":"ref20","author":"novak","year":"2005"},{"key":"ref22","article-title":"IDS system evasion techniques","author":"bukac","year":"2010"},{"key":"ref21","first-page":"1","volume":"3","author":"novak","year":"2007","journal-title":"Target Based Tcp Stream Reassembly"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/IRI.2018.00009"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1145\/2513092.2500489"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1109\/TCYB.2015.2415032"},{"key":"ref26","article-title":"Improving network intrusion detection classifiers by non-payload-based exploit-independent obfuscations: An adversarial approach","author":"homoliak","year":"2018","journal-title":"arXiv 1805 02684"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2017.09.053"}],"container-title":["IEEE Access"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6287639\/8600701\/08750789.pdf?arnumber=8750789","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,8,10]],"date-time":"2021-08-10T19:39:55Z","timestamp":1628624395000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8750789\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"references-count":41,"URL":"https:\/\/doi.org\/10.1109\/access.2019.2925639","relation":{},"ISSN":["2169-3536"],"issn-type":[{"value":"2169-3536","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]}}}