{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,4]],"date-time":"2026-03-04T17:21:17Z","timestamp":1772644877923,"version":"3.50.1"},"reference-count":290,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0\/"}],"funder":[{"name":"Commonwealth Cyber Initiative, an investment in the advancement of cyber research & development, innovation, and workforce development"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Access"],"published-print":{"date-parts":[[2024]]},"DOI":"10.1109\/access.2024.3381998","type":"journal-article","created":{"date-parts":[[2024,3,26]],"date-time":"2024-03-26T20:29:23Z","timestamp":1711484963000},"page":"46524-46550","source":"Crossref","is-referenced-by-count":1,"title":["A Systematic Mapping Study on Intrusion Response Systems"],"prefix":"10.1109","volume":"12","author":[{"given":"Adel","family":"Rezapour","sequence":"first","affiliation":[{"name":"Department of Computer Engineering, Science and Research Branch, Islamic Azad University, Birjand Branch, Birjand, Iran"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6661-0942","authenticated-orcid":false,"given":"Mohammad","family":"GhasemiGol","sequence":"additional","affiliation":[{"name":"School of Cybersecurity, Old Dominion University, Norfolk, VA, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0447-3641","authenticated-orcid":false,"given":"Daniel","family":"Takabi","sequence":"additional","affiliation":[{"name":"School of Cybersecurity, Old Dominion University, Norfolk, VA, USA"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2016.06.005"},{"key":"ref2","first-page":"129","article-title":"An intrusion response taxonomy and its role in automatic intrusion response","volume-title":"Proc. IEEE Workshop Inf. Assurance Secur.","author":"Carver"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.14236\/ewic\/EASE2008.8"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2015.03.007"},{"key":"ref5","volume-title":"Intrusion damage control and assessment: A taxonomy and implementation of automated responses to intrusive behavior","author":"Fisch","year":"1996"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1007\/11610496_139"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1504\/ijics.2007.012248"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-35890-6_23"},{"issue":"1","key":"ref9","first-page":"1","article-title":"Intrusion response systems: Survey and taxonomy","volume":"12","author":"Shameli-Sendi","year":"2012","journal-title":"Int. J. Comput. Sci. Netw. Secur."},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2014.04.009"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1145\/2372251.2372257"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/ICSMC.2000.884341"},{"key":"ref13","volume-title":"Network intrusion detection & response system","author":"Adetoye","year":"2003"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/3431233"},{"key":"ref15","first-page":"3","article-title":"Response mechanisms for intrusion response systems (IRSS)","volume-title":"Proc. 5th Collaborative Res. Symp. Secur., E-Learning, Internet Netw.","author":"Anuar"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/ISSA.2010.5588654"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.3390\/a10020039"},{"key":"ref18","first-page":"195","article-title":"Response option for attacks detected by intrusion detection system","volume-title":"Proc. 4th Int. Conf. Softw. Eng. Comput. Syst. (ICSECS)","author":"Anwar"},{"issue":"4","key":"ref19","first-page":"281","article-title":"A comprehensive taxonomy of DDOS attacks and defense mechanism applying in a smart classification","volume":"7","author":"Asosheh","year":"2008","journal-title":"WSEAS Trans. Comput."},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1109\/RELDIS.1998.740533"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/comst.2019.2953364"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.14569\/IJACSA.2015.060601"},{"key":"ref23","article-title":"Intrusion response systems: Past, present and future","author":"Chouhan","year":"2023","journal-title":"arXiv:2303.03070"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1002\/nem.626"},{"key":"ref25","volume-title":"Automatic response to intrusion detection","author":"Eng","year":"2004"},{"key":"ref26","first-page":"149","article-title":"Automated intrusion response system: Surveys and analysis","volume-title":"Proc. Int. Conf. Secur. Manage. (SAM)","author":"Fessi"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1016\/B978-012373566-9.50015-X"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-88771-5"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-22277-2_16"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1109\/ICC40277.2020.9149083"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-68028-2_15"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1109\/WI-IATW.2006.41"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1109\/MUE.2007.81"},{"key":"ref34","volume-title":"Intrusion detection and response systems for mobile ad hoc networks","author":"Huang","year":"2006"},{"key":"ref35","volume-title":"Improving intrusion prevention, detection and response","author":"Ibrahim","year":"2011"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1007\/s13369-016-2400-3"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2015.12.006"},{"key":"ref38","first-page":"382","article-title":"Comparison and improvement of metrics for selecting intrusion response measures against DoS attacks","volume-title":"Proc. GI Sicherheit Conf.","author":"Jahnke"},{"issue":"2","key":"ref39","first-page":"84","article-title":"Research on intrusion detection and response: A survey","volume":"1","author":"Kabiri","year":"2005","journal-title":"Int. J. Netw. Secur."},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-74439-1_7"},{"key":"ref41","article-title":"Survey on vehicular ad hoc networks and its access technologies security vulnerabilities and countermeasures","author":"Kelarestaghi","year":"2019","journal-title":"arXiv:1903.01541"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-11207-2_17"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1145\/3232848"},{"key":"ref44","article-title":"Using machine learning to guide automated intrusion response","author":"Lopes","year":"2020"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-32258-8_59"},{"key":"ref46","first-page":"522","article-title":"Intrusion detection and response to automated attacks","volume-title":"Proc. 7th Int. Conf. Enterprise Inf. Syst. (ICEIS)","author":"Maschino"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1109\/ISTEL.2012.6483124"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1109\/CSO.2010.30"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1007\/s10586-020-03198-9"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1109\/comst.2017.2781126"},{"key":"ref51","first-page":"1","article-title":"Developing attack defense ideas for ad hoc wireless networks","volume-title":"Proc. 2nd Int. Workshop Dependable Netw. Comput. Mobile Syst. (DNCMS)","author":"Oliveira"},{"key":"ref52","article-title":"Classifying and responding to network intrusions","author":"Papadaki","year":"2004"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-45184-6_6"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1016\/j.istr.2005.07.002"},{"issue":"1","key":"ref55","first-page":"90","article-title":"Enhancing response in intrusion detection systems","volume":"2","author":"Papadaki","year":"2003","journal-title":"J. Inf. Warfare"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2012.08.007"},{"issue":"10","key":"ref57","first-page":"479","article-title":"A survey on intrusion response mechanism for MANET routing attacks","volume":"2","author":"Rasha","year":"2012","journal-title":"Int. J. Emerg. Technol. Adv. Eng."},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1109\/CONGRESS.2009.12"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1109\/ICM.2011.363"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1108\/ics-07-2018-0084"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.2753\/mis0742-1222240110"},{"issue":"3","key":"ref62","first-page":"471","article-title":"Contextual fuzzy cognitive map for intrusion response system","volume":"2","author":"Zaghdoud","year":"2013","journal-title":"Int. J. Comput. Inf. Technol."},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.4236\/jis.2014.52003"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-45248-5_8"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1109\/CDC.2006.376981"},{"key":"ref66","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2013.03.012"},{"key":"ref67","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-25349-2_115"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.1007\/s12083-012-0127-9"},{"key":"ref69","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2014.02.139"},{"key":"ref70","doi-asserted-by":"publisher","DOI":"10.1109\/ISCC.2009.5202379"},{"key":"ref71","doi-asserted-by":"publisher","DOI":"10.1016\/j.compeleceng.2015.07.023"},{"key":"ref72","doi-asserted-by":"publisher","DOI":"10.1109\/IAS.2007.67"},{"key":"ref73","doi-asserted-by":"publisher","DOI":"10.1109\/CSSE.2008.1651"},{"key":"ref74","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-51966-1_5"},{"key":"ref75","doi-asserted-by":"publisher","DOI":"10.1109\/CSP55486.2022.00031"},{"key":"ref76","doi-asserted-by":"publisher","DOI":"10.1109\/FAS-W.2019.00047"},{"key":"ref77","doi-asserted-by":"publisher","DOI":"10.1109\/CASoN.2012.6412406"},{"issue":"3","key":"ref78","first-page":"147","article-title":"An improved cost-sensitive intrusion response model","volume":"8","author":"Ikuomola","year":"2013","journal-title":"J. Inf. Assurance Secur."},{"key":"ref79","doi-asserted-by":"publisher","DOI":"10.1109\/CEEC.2010.5606485"},{"issue":"4","key":"ref80","first-page":"55","article-title":"FIRE: Fuzzy-logic based theoretic intrusion response and recovery engine","volume":"3","author":"Irugu","year":"2015","journal-title":"Int. J. Comput. Sci. Trends Technol."},{"key":"ref81","doi-asserted-by":"publisher","DOI":"10.1109\/LCN.2007.45"},{"key":"ref82","doi-asserted-by":"publisher","DOI":"10.1109\/NSS.2010.80"},{"key":"ref83","doi-asserted-by":"publisher","DOI":"10.1007\/s11704-019-8175-4"},{"key":"ref84","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-15497-3_38"},{"key":"ref85","doi-asserted-by":"publisher","DOI":"10.1007\/s00607-016-0495-8"},{"key":"ref86","doi-asserted-by":"publisher","DOI":"10.1080\/01969722.2017.1319693"},{"key":"ref87","doi-asserted-by":"publisher","DOI":"10.1109\/DSNW.2010.5542603"},{"key":"ref88","doi-asserted-by":"publisher","DOI":"10.3233\/jcs-2002-101-202"},{"key":"ref89","doi-asserted-by":"publisher","DOI":"10.1109\/ICCCN.2018.8487417"},{"key":"ref90","doi-asserted-by":"publisher","DOI":"10.1109\/AICCSA.2009.5069450"},{"key":"ref91","doi-asserted-by":"publisher","DOI":"10.1007\/s12083-017-0573-5"},{"key":"ref92","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2009.07.079"},{"key":"ref93","doi-asserted-by":"publisher","DOI":"10.1108\/09685220610670396"},{"key":"ref94","doi-asserted-by":"publisher","DOI":"10.1145\/1852666.1852698"},{"key":"ref95","doi-asserted-by":"publisher","DOI":"10.1002\/sec.299"},{"key":"ref96","doi-asserted-by":"publisher","DOI":"10.1109\/IFITA.2010.271"},{"key":"ref97","doi-asserted-by":"publisher","DOI":"10.1109\/DISCEX.2000.821505"},{"key":"ref98","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2015.05.004"},{"key":"ref99","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2017.12.003"},{"key":"ref100","doi-asserted-by":"publisher","DOI":"10.1109\/PDCAT.2003.1236280"},{"issue":"6","key":"ref101","first-page":"471","article-title":"Analysis of decision making factors for automated intrusion response system (AIRS): A review","volume":"14","author":"Singh","year":"2016","journal-title":"Int. J. Comput. Sci. Inf. Secur."},{"key":"ref102","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2019.102359"},{"key":"ref103","doi-asserted-by":"publisher","DOI":"10.31274\/rtd-180813-16828"},{"key":"ref104","doi-asserted-by":"publisher","DOI":"10.1109\/AINA.2007.9"},{"key":"ref105","doi-asserted-by":"publisher","DOI":"10.3233\/jcs-2011-0436"},{"key":"ref106","doi-asserted-by":"publisher","DOI":"10.1109\/CSF51468.2021.00003"},{"key":"ref107","doi-asserted-by":"publisher","DOI":"10.31274\/etd-180810-284"},{"key":"ref108","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC.2009.54"},{"key":"ref109","doi-asserted-by":"publisher","DOI":"10.1145\/1533057.1533112"},{"key":"ref110","article-title":"The methodology for evaluating response cost for intrusion response systems","author":"Strasburg","year":"2008"},{"key":"ref111","doi-asserted-by":"publisher","DOI":"10.1109\/compsac.2009.54"},{"key":"ref112","doi-asserted-by":"publisher","DOI":"10.1109\/WICOM.2009.5302494"},{"key":"ref113","doi-asserted-by":"publisher","DOI":"10.1109\/ICINFA.2008.4608295"},{"key":"ref114","first-page":"95","article-title":"Adaptive intrusion response to minimize risk over multiple network attacks","volume":"19","author":"Tanachaiwiwat","year":"2002","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"ref115","doi-asserted-by":"publisher","DOI":"10.1109\/CSAC.2002.1176302"},{"issue":"2","key":"ref116","first-page":"240","article-title":"Cost minimization model for an adaptive intrusion response system","volume":"3","author":"Toyin","year":"2012","journal-title":"Indian J. Comput. Sci. Eng."},{"key":"ref117","volume-title":"Loss-sensitive decision rules for intrusion detection and response","author":"Wang","year":"2004"},{"key":"ref118","volume-title":"Distributed and cooperative intrusion response models for mobile ad hoc networks","author":"Wang","year":"2008"},{"key":"ref119","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-74320-0_7"},{"key":"ref120","first-page":"29","article-title":"Cost-benefit analysis for network intrusion detection systems","volume-title":"Proc. CSI 28th Annu. Comput. Secur. Conf.","author":"Wei"},{"key":"ref121","doi-asserted-by":"publisher","DOI":"10.1109\/CSCWD.2008.4537074"},{"key":"ref122","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-93767-0_12"},{"key":"ref123","doi-asserted-by":"publisher","DOI":"10.1016\/j.dss.2010.06.001"},{"key":"ref124","doi-asserted-by":"publisher","DOI":"10.1109\/icste.2010.5608747"},{"key":"ref125","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2009.03.005"},{"key":"ref126","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4419-8849-2_118"},{"key":"ref127","doi-asserted-by":"publisher","DOI":"10.18297\/etd\/23"},{"key":"ref128","doi-asserted-by":"publisher","DOI":"10.1108\/imcs-02-2013-0007"},{"key":"ref129","doi-asserted-by":"publisher","DOI":"10.1002\/sec.896"},{"key":"ref130","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-31811-0_6"},{"key":"ref131","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-51966-1_4"},{"key":"ref132","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-007-0039-z"},{"key":"ref133","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-77265-3_6"},{"key":"ref134","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-31811-0_7"},{"key":"ref135","doi-asserted-by":"publisher","DOI":"10.1155\/2020\/7235043"},{"key":"ref136","doi-asserted-by":"publisher","DOI":"10.1016\/s1571-0661(04)80336-0"},{"key":"ref137","doi-asserted-by":"crossref","first-page":"159","DOI":"10.2991\/978-94-91216-32-9","article-title":"A formal framework to specify and deploy reaction policies","volume-title":"Web-Based Information Technologies and Distributed Systems","volume":"2","author":"Gabillon","year":"2010"},{"key":"ref138","volume-title":"Support for automated passive host-based intrusion response","author":"Gehani","year":"2003"},{"key":"ref139","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2017.05.043"},{"key":"ref140","volume-title":"Incident handling systems with automated intrusion response","author":"Herold","year":"2017"},{"key":"ref141","doi-asserted-by":"publisher","DOI":"10.1109\/ISSC49989.2020.9180198"},{"key":"ref142","doi-asserted-by":"publisher","DOI":"10.1109\/ICAC.2016.11"},{"key":"ref143","doi-asserted-by":"publisher","DOI":"10.1145\/3168446"},{"key":"ref144","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2020.03.018"},{"key":"ref145","first-page":"1","article-title":"High-performance intrusion response planning on many-core architectures","volume-title":"Proc. 25th Int. Conf. Comput. Commun. Netw. (ICCCN)","author":"Iannucci"},{"issue":"10","key":"ref146","first-page":"1","article-title":"RRE: Network intrusion detection and game-theoretic for response strategy for automated","volume":"3","author":"Jadhav","year":"2015","journal-title":"Int. J. Eng. Tech. Res."},{"key":"ref147","doi-asserted-by":"publisher","DOI":"10.1109\/LCN.2009.5355128"},{"key":"ref148","volume-title":"Incident prioritisation for intrusion response systems","author":"Jumaat","year":"2012"},{"key":"ref149","doi-asserted-by":"publisher","DOI":"10.1109\/CRISIS.2008.4757471"},{"key":"ref150","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-89173-4_6"},{"key":"ref151","doi-asserted-by":"publisher","DOI":"10.1109\/CSE.2009.233"},{"key":"ref152","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-02918-9_11"},{"key":"ref153","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-45801-8_39"},{"key":"ref154","doi-asserted-by":"publisher","DOI":"10.1109\/CACWD.2004.1349044"},{"key":"ref155","doi-asserted-by":"publisher","DOI":"10.1109\/DISCEX.2001.932194"},{"key":"ref156","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101927"},{"key":"ref157","doi-asserted-by":"publisher","DOI":"10.1109\/tii.2018.2866445"},{"key":"ref158","doi-asserted-by":"publisher","DOI":"10.1007\/11903697_13"},{"key":"ref159","doi-asserted-by":"publisher","DOI":"10.1109\/DASC.2006.6"},{"key":"ref160","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-88313-5_3"},{"key":"ref161","doi-asserted-by":"publisher","DOI":"10.1109\/ICMLC.2004.1382066"},{"key":"ref162","volume-title":"Intrusion detection & prevention mechanism for mobile ad hoc networks","author":"Nadeem","year":"2010"},{"key":"ref163","doi-asserted-by":"publisher","DOI":"10.1109\/CyberC.2014.16"},{"key":"ref164","doi-asserted-by":"publisher","DOI":"10.1016\/s1004-4132(08)60021-3"},{"key":"ref165","doi-asserted-by":"publisher","DOI":"10.1109\/tdsc.2011.34"},{"key":"ref166","doi-asserted-by":"publisher","DOI":"10.1109\/ICACA.2016.7887940"},{"key":"ref167","doi-asserted-by":"publisher","DOI":"10.1016\/j.sysarc.2022.102722"},{"key":"ref168","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-75444-2_29"},{"key":"ref169","doi-asserted-by":"publisher","DOI":"10.1109\/DISCEX.2003.1194872"},{"key":"ref170","doi-asserted-by":"publisher","DOI":"10.1109\/MERCon.2016.7480104"},{"key":"ref171","doi-asserted-by":"publisher","DOI":"10.1109\/DISCEX.2001.932192"},{"key":"ref172","first-page":"181","article-title":"Application of belief-desire-intention agents in intrusion detection & response","volume-title":"Proc. Ann. Conf. Privacy Secur. Trust (PST)","author":"Shajari"},{"key":"ref173","doi-asserted-by":"publisher","DOI":"10.1109\/tdsc.2016.2615622"},{"key":"ref174","doi-asserted-by":"publisher","DOI":"10.1109\/access.2019.2912114"},{"key":"ref175","volume-title":"A trust-based model for collaborative intrusion response","author":"Singh","year":"2005"},{"key":"ref176","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC.2013.57"},{"key":"ref177","doi-asserted-by":"publisher","DOI":"10.1145\/2668332.2668351"},{"key":"ref178","doi-asserted-by":"publisher","DOI":"10.1109\/ICNC47757.2020.9049740"},{"issue":"1","key":"ref179","first-page":"50","article-title":"Tracing based active intrusion response","volume":"1","author":"Wang","year":"2001","journal-title":"J. Inf. Warfare"},{"key":"ref180","doi-asserted-by":"publisher","DOI":"10.1007\/0-306-46998-7_26"},{"key":"ref181","doi-asserted-by":"publisher","DOI":"10.1109\/ICIEA.2006.257117"},{"key":"ref182","doi-asserted-by":"publisher","DOI":"10.1109\/WI-IATW.2006.46"},{"key":"ref183","doi-asserted-by":"publisher","DOI":"10.1109\/ICINFA.2010.5512396"},{"key":"ref184","doi-asserted-by":"publisher","DOI":"10.1109\/CIMCA.2006.177"},{"key":"ref185","doi-asserted-by":"publisher","DOI":"10.1109\/tpds.2013.211"},{"key":"ref186","doi-asserted-by":"publisher","DOI":"10.1109\/tpds.2013.211"},{"key":"ref187","doi-asserted-by":"publisher","DOI":"10.1109\/DISCEX.2003.1194894"},{"key":"ref188","doi-asserted-by":"publisher","DOI":"10.4108\/eai.24-10-2018.2280575"},{"issue":"1","key":"ref189","first-page":"23","article-title":"Intrusion detection and response in ad hoc networks","volume":"15","author":"Mitrokotsa","year":"2007","journal-title":"Int. J. Comput. Res."},{"key":"ref190","article-title":"Towards an effective intrusion response engine combined with intrusion detection in ad hoc networks","author":"Mitrokotsa","year":"2008","journal-title":"arXiv:0807.2053"},{"key":"ref191","doi-asserted-by":"publisher","DOI":"10.1109\/DISCEX.2000.821509"},{"key":"ref192","first-page":"1","article-title":"Design of an intrusion response system using evolutionary computation","author":"Parti","year":"2003"},{"key":"ref193","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-49443-8_7"},{"key":"ref194","doi-asserted-by":"publisher","DOI":"10.5220\/0007359503190327"},{"key":"ref195","first-page":"185","article-title":"Automated response using system-call delay","volume-title":"Proc. 9th USENIX Secur. Symp.","author":"Somayaji"},{"key":"ref196","doi-asserted-by":"publisher","DOI":"10.1007\/11428848_77"},{"key":"ref197","article-title":"A distributed autonomous-agent network-intrusion detection and response system","author":"Barrus","year":"1988"},{"issue":"12","key":"ref198","first-page":"151","article-title":"Intrusion intention recognition and response based on weighed plan knowledge graph","volume":"18","author":"Cai","year":"2014","journal-title":"Comput. Model. New Technol."},{"key":"ref199","first-page":"355","article-title":"Attacks against process control systems: Risk assessment, detection, and response","volume-title":"Proc. 6th ACM Symp. Inf., Comput. Commun. Secur.","author":"C\u00e1rdenas"},{"key":"ref200","doi-asserted-by":"publisher","DOI":"10.1007\/bf03219974"},{"key":"ref201","doi-asserted-by":"publisher","DOI":"10.1109\/CSFW.2004.1310733"},{"key":"ref202","doi-asserted-by":"publisher","DOI":"10.1109\/PDP2018.2018.00081"},{"key":"ref203","doi-asserted-by":"publisher","DOI":"10.1109\/ICCNMC.2001.962615"},{"key":"ref204","doi-asserted-by":"publisher","DOI":"10.5220\/0007715201480158"},{"key":"ref205","doi-asserted-by":"publisher","DOI":"10.1142\/9789812836243_0013"},{"key":"ref206","doi-asserted-by":"publisher","DOI":"10.1109\/ICNSC.2008.4525297"},{"key":"ref207","article-title":"Proactive intrusion prevention and response via attack graphs","author":"Noel","year":"2009","journal-title":"Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century: Prevention and Detection for the Twenty-First Century"},{"key":"ref208","doi-asserted-by":"publisher","DOI":"10.1007\/978-981-15-8677-4_45"},{"key":"ref209","doi-asserted-by":"publisher","DOI":"10.1155\/2015\/179839"},{"key":"ref210","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSACW.2010.57"},{"key":"ref211","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC.2007.49"},{"key":"ref212","doi-asserted-by":"publisher","DOI":"10.1109\/tnet.2021.3137084"},{"key":"ref213","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-30207-0_55"},{"key":"ref214","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2011.06.002"},{"key":"ref215","doi-asserted-by":"publisher","DOI":"10.1145\/3548636.3548649"},{"key":"ref216","doi-asserted-by":"publisher","DOI":"10.1109\/NTMS.2019.8763840"},{"key":"ref217","first-page":"1","article-title":"An intrusion response scheme: Tracking the alert source using a stigmergy paradigm","volume-title":"Proc. 2nd Int. Workshop Secur. Mobile Multiagent Syst.","author":"Foukia"},{"issue":"10","key":"ref218","first-page":"62","article-title":"Network-based hybrid intrusion detection and honeysystems as active reaction schemes","volume":"7","author":"Garc\u00eda-Teodoro","year":"2007","journal-title":"Int. J. Comput. Sci. Netw. Secur."},{"key":"ref219","doi-asserted-by":"publisher","DOI":"10.21090\/ijaerd.30895"},{"key":"ref220","doi-asserted-by":"publisher","DOI":"10.1109\/ICMLC.2006.258818"},{"key":"ref221","first-page":"153","article-title":"Combining multiple intrusion detection and response technologies in an active networking based architecture","volume-title":"Proc. Secur., E-Learn., E-Services, DFN-Arbeitstagung \\\"Uber Kommunikationsnetze","author":"Hess"},{"key":"ref222","doi-asserted-by":"publisher","DOI":"10.1109\/ICNSC.2004.1297138"},{"key":"ref223","doi-asserted-by":"publisher","DOI":"10.1109\/ICICTA.2009.92"},{"key":"ref224","doi-asserted-by":"publisher","DOI":"10.1109\/SMCSIA.2003.1232403"},{"key":"ref225","first-page":"1","article-title":"Ontology approach to construction of response and management console subsystems for intrusion handling systems in wireless LANs","volume-title":"Proc. World Congr. Eng.","author":"Salekzamankhani"},{"issue":"5","key":"ref226","first-page":"75","article-title":"Network intrusion detection and response system for mobile ad hoc networks","volume":"2","author":"Sawant","year":"2013","journal-title":"Int. J. Adv. Trends Comput. Sci. Eng."},{"key":"ref227","doi-asserted-by":"publisher","DOI":"10.1145\/1593105.1593162"},{"key":"ref228","doi-asserted-by":"publisher","DOI":"10.1109\/SECON.2008.4494264"},{"key":"ref229","doi-asserted-by":"publisher","DOI":"10.1109\/ITCS.2010.41"},{"key":"ref230","doi-asserted-by":"publisher","DOI":"10.1002\/9781119723950.ch20"},{"issue":"1","key":"ref231","first-page":"1","article-title":"Design of an active security multi-agent intrusion detection system","volume":"3","author":"Zaki","year":"2004","journal-title":"Asian J. Inf. Technol."},{"key":"ref232","article-title":"Applying mobile agents technology to intrusion detection and response","author":"Meng","year":"2004"},{"key":"ref233","doi-asserted-by":"publisher","DOI":"10.1016\/j.softx.2022.101120"},{"key":"ref234","first-page":"110","article-title":"A methodology for using intelligent agents to provide automated intrusion response","volume-title":"Proc. IEEE Syst., Man, Cybern. Inf. Assurance Secur. Workshop","author":"Carver"},{"key":"ref235","first-page":"5","article-title":"Limiting uncertainty in intrusion response","volume-title":"Proc. IEEE Workshop Inf. Assurance Secur.","author":"Carver"},{"key":"ref236","volume-title":"Adaptive agent-based intrusion response","author":"Carver","year":"2001"},{"key":"ref237","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2005.17"},{"key":"ref238","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-31956-6_29"},{"issue":"15","key":"ref239","first-page":"30","article-title":"Risk aware intrusion detection and response mechanism for MANET","volume":"112","author":"Hajari","year":"2015","journal-title":"Int. J. Comput. Appl."},{"key":"ref240","doi-asserted-by":"publisher","DOI":"10.1109\/tnsm.2023.3293413"},{"key":"ref241","doi-asserted-by":"publisher","DOI":"10.1109\/ISCC.2003.1214281"},{"key":"ref242","article-title":"Neural networks applied to the learning process of automated intrusion response systems","author":"Holgado"},{"key":"ref243","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2022.103150"},{"key":"ref244","volume-title":"ARROS: Distributed adaptive real-time network intrusion response","author":"Karunanidhi","year":"2006"},{"key":"ref245","doi-asserted-by":"publisher","DOI":"10.1109\/EC2ND.2010.11"},{"key":"ref246","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-16626-6_11"},{"key":"ref247","doi-asserted-by":"publisher","DOI":"10.1109\/DSC.2017.9"},{"key":"ref248","doi-asserted-by":"publisher","DOI":"10.1002\/sec.730"},{"key":"ref249","volume-title":"Distributed reinforcement learning for network intrusion response","author":"Malialis","year":"2014"},{"key":"ref250","doi-asserted-by":"publisher","DOI":"10.1080\/09540091.2015.1031082"},{"key":"ref251","doi-asserted-by":"publisher","DOI":"10.1016\/j.compeleceng.2012.06.001"},{"key":"ref252","doi-asserted-by":"publisher","DOI":"10.1016\/j.adhoc.2013.08.017"},{"key":"ref253","doi-asserted-by":"publisher","DOI":"10.1109\/NOMS54207.2022.9789835"},{"key":"ref254","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2000.898853"},{"key":"ref255","doi-asserted-by":"publisher","DOI":"10.1109\/tnsm.2022.3158468"},{"key":"ref256","doi-asserted-by":"publisher","DOI":"10.56801\/rebicte.v7i.116"},{"key":"ref257","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-87013-3_40"},{"key":"ref258","doi-asserted-by":"publisher","DOI":"10.1155\/2013\/134760"},{"key":"ref259","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-28031-8_9"},{"issue":"4","key":"ref260","first-page":"262","article-title":"Off-policy Q-learning technique for intrusion response in network security","volume":"12","author":"Stefanova","year":"2018","journal-title":"Int. J. Comput. Inf. Eng."},{"key":"ref261","doi-asserted-by":"publisher","DOI":"10.1109\/jiot.2020.3015042"},{"key":"ref262","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2006.09.006"},{"key":"ref263","article-title":"ADEPTS: Adaptive intrusion containment and response using attack graphs in an e-commerce environment","author":"Wu","year":"2003"},{"key":"ref264","article-title":"The search for optimality in online intrusion response for a distributed e-commerce system","author":"Wu","year":"2007"},{"key":"ref265","doi-asserted-by":"publisher","DOI":"10.1109\/SRDS.2008.25"},{"key":"ref266","doi-asserted-by":"publisher","DOI":"10.1109\/KAMW.2008.4810553"},{"key":"ref267","first-page":"1","article-title":"Intrusion response decision-making method based on reinforcement learning","volume-title":"Proc. Int. Conf. Commun. Netw. Artif. Intell. (CNAI)","author":"Yang"},{"key":"ref268","doi-asserted-by":"publisher","DOI":"10.1109\/CNDS.2011.5764552"},{"key":"ref269","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4020-6270-4_42"},{"key":"ref270","doi-asserted-by":"publisher","DOI":"10.1145\/3494524"},{"key":"ref271","doi-asserted-by":"publisher","DOI":"10.1145\/1082473.1082513"},{"key":"ref272","doi-asserted-by":"publisher","DOI":"10.1109\/ecrime.2010.5706699"},{"key":"ref273","doi-asserted-by":"publisher","DOI":"10.1109\/SecTech.2008.53"},{"key":"ref274","doi-asserted-by":"publisher","DOI":"10.1109\/ECUMN.2002.1002103"},{"key":"ref275","doi-asserted-by":"publisher","DOI":"10.1109\/twc.2009.070536"},{"key":"ref276","doi-asserted-by":"publisher","DOI":"10.1016\/j.anucene.2021.108725"},{"key":"ref277","doi-asserted-by":"publisher","DOI":"10.1109\/ICHIT.2008.235"},{"key":"ref278","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2021.102939"},{"key":"ref279","doi-asserted-by":"publisher","DOI":"10.1109\/tnsm.2017.2701549"},{"key":"ref280","doi-asserted-by":"publisher","DOI":"10.1002\/sec.1153"},{"key":"ref281","doi-asserted-by":"publisher","DOI":"10.1109\/ICCCIS48478.2019.8974523"},{"key":"ref282","doi-asserted-by":"publisher","DOI":"10.1109\/CCST.2019.8888399"},{"key":"ref283","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-74481-8_15"},{"key":"ref284","doi-asserted-by":"publisher","DOI":"10.1109\/WCNC.2004.1311303"},{"key":"ref285","doi-asserted-by":"publisher","DOI":"10.1109\/WiSPNET.2016.7566473"},{"key":"ref286","doi-asserted-by":"publisher","DOI":"10.1109\/ICN.2007.92"},{"key":"ref287","doi-asserted-by":"publisher","DOI":"10.1109\/ETCS.2009.255"},{"key":"ref288","volume-title":"RSU-based intrusion detection and autonomous intersection response systems","author":"Yurkovich","year":"2022"},{"key":"ref289","doi-asserted-by":"publisher","DOI":"10.4108\/icst.collaboratecom.2010.46"},{"key":"ref290","volume-title":"Conference Ranks: Lookup the Rank of Your Conference"}],"container-title":["IEEE Access"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6287639\/10380310\/10479510.pdf?arnumber=10479510","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,4,3]],"date-time":"2024-04-03T17:50:29Z","timestamp":1712166629000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10479510\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"references-count":290,"URL":"https:\/\/doi.org\/10.1109\/access.2024.3381998","relation":{},"ISSN":["2169-3536"],"issn-type":[{"value":"2169-3536","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]}}}