{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,10]],"date-time":"2025-12-10T08:55:46Z","timestamp":1765356946586,"version":"3.37.3"},"reference-count":39,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"1","license":[{"start":{"date-parts":[[2022,3,1]],"date-time":"2022-03-01T00:00:00Z","timestamp":1646092800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2022,3,1]],"date-time":"2022-03-01T00:00:00Z","timestamp":1646092800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2022,3,1]],"date-time":"2022-03-01T00:00:00Z","timestamp":1646092800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans. Netw. Serv. Manage."],"published-print":{"date-parts":[[2022,3]]},"DOI":"10.1109\/tnsm.2021.3091517","type":"journal-article","created":{"date-parts":[[2021,6,22]],"date-time":"2021-06-22T19:47:41Z","timestamp":1624391261000},"page":"582-600","source":"Crossref","is-referenced-by-count":33,"title":["Practical Intrusion Detection of Emerging Threats"],"prefix":"10.1109","volume":"19","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2705-591X","authenticated-orcid":false,"given":"Ryan","family":"Mills","sequence":"first","affiliation":[{"name":"School of Computing and Communications, Lancaster University, Lancaster, U.K."}]},{"given":"Angelos K.","family":"Marnerides","sequence":"additional","affiliation":[{"name":"School of Computing Science, University of Glasgow, Glasgow, U.K."}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7029-6893","authenticated-orcid":false,"given":"Matthew","family":"Broadbent","sequence":"additional","affiliation":[{"name":"School of Computing and Communications, Lancaster University, Lancaster, U.K."}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6870-8078","authenticated-orcid":false,"given":"Nicholas","family":"Race","sequence":"additional","affiliation":[{"name":"School of Computing and Communications, Lancaster University, Lancaster, U.K."}]}],"member":"263","reference":[{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1016\/0377-0427(87)90125-7"},{"key":"ref38","first-page":"397","article-title":"Study and evaluation of unsupervised algorithms used in network anomaly detection","author":"dromard","year":"2019","journal-title":"Proc Future Tech Conf (FTC)"},{"key":"ref33","article-title":"Clustering-based real-time anomaly detection—A breakthrough in big data technologies","author":"habeeb","year":"0","journal-title":"Trans Emerg Telecommun Technol"},{"key":"ref32","first-page":"397","author":"dromard","year":"2020","journal-title":"Study and Evaluation of Unsupervised Algorithms Used in Network Anomaly Detection"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/NOMS.2018.8406212"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.06.005"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.13052\/jsn2445-9739.2017.009"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2014.05.011"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2011.12.012"},{"journal-title":"Fujitsu white paper Cyber threat lab","year":"2019","author":"marnerides","key":"ref34"},{"key":"ref10","first-page":"492","article-title":"Review on efficient log analysis to evaluate multiple honeypots using ELK","volume":"2","author":"yahya","year":"2016","journal-title":"Int J Adv Res Innov Ideas Edu"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1186\/s42400-019-0038-7"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2010.032210.00054"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2011.07.001"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/MilCIS.2015.7348942"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1007\/s12083-017-0630-0"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.5220\/0006639801080116"},{"key":"ref17","first-page":"1","article-title":"Network intrusion detection: Half a kingdom for a good dataset","author":"ma?owidzki","year":"2015","journal-title":"Proc NATO STO SAS-139 Workshop"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2017.05.009"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-32129-0_34"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/IWQoS.2018.8624141"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1145\/1978672.1978676"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1145\/1401890.1401958"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1186\/s40537-015-0013-4"},{"journal-title":"Unified Host and Network Dataset","year":"2018","key":"ref6"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2988691"},{"article-title":"A database of computer attacks for the evaluation of intrusion detection systems","year":"1999","author":"kendall","key":"ref5"},{"key":"ref8","first-page":"40","article-title":"Are we missing labels? a study of the availability of ground-truth in network security research","author":"abt","year":"2016","journal-title":"Proc 3rd Int Workshop Build Anal Datasets Gathering Exp Returns Security (BADGERS)"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.25"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2018.03.001"},{"key":"ref9","first-page":"203","article-title":"A survey on potential applications of honeypot technology in intrusion detection systems","volume":"2","author":"baykara","year":"2015","journal-title":"Int J Comput Netw Appl"},{"journal-title":"A Taxonomy and Survey of Intrusion Detection System Design Techniques Network Threats and Datasets","year":"2018","author":"hindy","key":"ref1"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1007\/11553595_6"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/CISDA.2009.5356528"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1145\/382912.382923"},{"key":"ref24","first-page":"39","author":"sperotto","year":"2009","journal-title":"A Labeled Data Set for Flow-Based Intrusion Detection"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1145\/1921168.1921179"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1016\/j.asoc.2012.02.012"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/MILCOM.2014.17"}],"container-title":["IEEE Transactions on Network and Service Management"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/4275028\/9732399\/09462355.pdf?arnumber=9462355","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,7,18]],"date-time":"2022-07-18T20:24:34Z","timestamp":1658175874000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9462355\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,3]]},"references-count":39,"journal-issue":{"issue":"1"},"URL":"https:\/\/doi.org\/10.1109\/tnsm.2021.3091517","relation":{},"ISSN":["1932-4537","2373-7379"],"issn-type":[{"type":"electronic","value":"1932-4537"},{"type":"electronic","value":"2373-7379"}],"subject":[],"published":{"date-parts":[[2022,3]]}}}