{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,19]],"date-time":"2025-11-19T06:20:11Z","timestamp":1763533211353,"version":"3.45.0"},"reference-count":90,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"11","license":[{"start":{"date-parts":[[2025,11,1]],"date-time":"2025-11-01T00:00:00Z","timestamp":1761955200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2025,11,1]],"date-time":"2025-11-01T00:00:00Z","timestamp":1761955200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,11,1]],"date-time":"2025-11-01T00:00:00Z","timestamp":1761955200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/501100001602","name":"Science Foundation Ireland","doi-asserted-by":"publisher","award":["13\/RC\/2094 P2"],"award-info":[{"award-number":["13\/RC\/2094 P2"]}],"id":[{"id":"10.13039\/501100001602","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IIEEE Trans. Software Eng."],"published-print":{"date-parts":[[2025,11]]},"DOI":"10.1109\/tse.2025.3610540","type":"journal-article","created":{"date-parts":[[2025,9,18]],"date-time":"2025-09-18T17:46:01Z","timestamp":1758217561000},"page":"3117-3137","source":"Crossref","is-referenced-by-count":0,"title":["Diagnosing Unknown Attacks in Smart Homes Using Abductive Reasoning"],"prefix":"10.1109","volume":"51","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-5542-5055","authenticated-orcid":false,"given":"Kushal","family":"Ramkumar","sequence":"first","affiliation":[{"name":"Lero—the Science Foundation Ireland Research Centre for Software, University College Dublin, Dublin, Ireland"}]},{"given":"Wanling","family":"Cai","sequence":"additional","affiliation":[{"name":"Lero—the Science Foundation Ireland Research Centre for Software, Trinity College Dublin, Dublin, Ireland"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2878-1921","authenticated-orcid":false,"given":"John","family":"McCarthy","sequence":"additional","affiliation":[{"name":"Lero—the Science Foundation Ireland Research Centre for Software, University College Cork, Cork, Ireland"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9617-7008","authenticated-orcid":false,"given":"Gavin","family":"Doherty","sequence":"additional","affiliation":[{"name":"Lero—the Science Foundation Ireland Research Centre for Software, Trinity College Dublin, Dublin, Ireland"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3476-053X","authenticated-orcid":false,"given":"Bashar","family":"Nuseibeh","sequence":"additional","affiliation":[{"name":"The Open University, Milton Keynes, U.K."}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9673-3054","authenticated-orcid":false,"given":"Liliana","family":"Pasquale","sequence":"additional","affiliation":[{"name":"Lero—the Science Foundation Ireland Research Centre for Software, University College Dublin, Dublin, Ireland"}]}],"member":"263","reference":[{"year":"2022","key":"ref1","article-title":"Check Point 2022 Security Report"},{"article-title":"Google Project Zero, \u201cThe More You Know, The More You Know You Don\u2019t Know","year":"2022","author":"Stone","key":"ref2"},{"article-title":"Zero Tolerance: More Zero-Days Exploited in 2021 Than Ever Before","year":"2022","author":"Sadowski","key":"ref3"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1145\/2994475.2994484"},{"article-title":"Sustainable adaptive security","year":"2023","author":"Pasquale","key":"ref5"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1145\/2542049"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2012.01.016"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103309"},{"year":"2025","key":"ref9","article-title":"A new threat detection model that closes the cybersecurity gap"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1007\/BF00849080"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-45619-8_3"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-61033-7_6"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1007\/s10489-018-1171-9"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1007\/s10462-023-10437-z"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/TPSISA52974.2021.00030"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOMW.2017.8116427"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.3390\/s23135941"},{"article-title":"IoT-23: A labeled dataset with malicious and benign IoT network traffic (Version 1.0.0)","year":"2020","author":"Garcia","key":"ref18"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2022.3204171"},{"key":"ref20","first-page":"65","article-title":"End user security and privacy concerns with smart homes","volume-title":"Proc. 13th Symp. Usable Privacy Secur. (SOUPS)","author":"Zeng","year":"2017"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2018.07.011"},{"key":"ref22","article-title":"Security and resilience of smart home environments: Good practices and recommendations","author":"L\u00e9vy-Bencheton","year":"2015","journal-title":"Publications Office Eur. Union"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134072"},{"year":"2021","key":"ref24","article-title":"Cisco Security Advisory"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/CDC.2014.7039487"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1109\/TIE.2017.2772190"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1109\/TASE.2021.3073396"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/HASE.2017.36"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2020.3024800"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1109\/TSUSC.2019.2906657"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2021.3100755"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2020.3047675"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1186\/s13635-019-0084-4"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1109\/CNS.2015.7346821"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1007\/s10115-017-1058-9"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1145\/3230833.3230835"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM41043.2020.9155278"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2022.103196"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1109\/TrustCom\/BigDataSE.2018.00086"},{"key":"ref40","first-page":"4301","article-title":"Argus:context-based detection of stealthy IoT infiltration attacks","volume-title":"Proc. 32nd USENIX Secur. Symp. (USENIX Secur.)","author":"Rieger","year":"2023"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382284"},{"year":"2023","key":"ref42","article-title":"Guide to Operational Technology (OT) Security"},{"year":"2024","key":"ref43","article-title":"Diving deep into data analytics and its importance in cybersecurity"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1109\/TPWRS.2019.2939192"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.3390\/electronics10161914"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1109\/TPWRS.2019.2943304"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2022.3194813"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2020.3042049"},{"year":"2012","key":"ref49","article-title":"Guide for conducting risk assessments, special publication 800-30"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1109\/HPCC-DSS-SmartCity-DependSys53884.2021.00244"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.3390\/s22031154"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2022.06.039"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.3390\/s22072798"},{"key":"ref54","article-title":"Detection of adversarial attacks in AI-based intrusion detection systems using explainable AI","volume":"11","author":"Tcydenova","year":"2021","journal-title":"Human-Centric Comput Inform Sci."},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1109\/WETICE53228.2021.00030"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1145\/3374664.3375730"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1145\/2043174.2043195"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1145\/3106237.3106308"},{"year":"2023","key":"ref59","article-title":"What is Root Cause Analysis (RCA)?"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1145\/3317549.3323409"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1007\/s00766-015-0229-z"},{"article-title":"Threat modeling process","year":"2024","author":"Conklin","key":"ref62"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1109\/RE.2012.6345794"},{"volume-title":"Security in Computing","year":"2015","author":"Margulies","key":"ref64"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2007.70754"},{"key":"ref66","doi-asserted-by":"publisher","DOI":"10.5555\/1953048.2078195"},{"article-title":"How to Select Support Vector Machine Kernels","year":"2016","author":"Raschka","key":"ref67"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.1145\/342009.335388"},{"key":"ref69","doi-asserted-by":"publisher","DOI":"10.1145\/3371425.3371427"},{"key":"ref70","doi-asserted-by":"publisher","DOI":"10.1007\/0-387-25465-X_7"},{"key":"ref71","doi-asserted-by":"publisher","DOI":"10.2307\/2290763"},{"article-title":"Measures of variability and z-scores. Why, when and how to use them?","year":"2020","author":"Spanache","key":"ref72"},{"key":"ref73","doi-asserted-by":"publisher","DOI":"10.1109\/TSC.2017.2694426"},{"year":"2024","key":"ref74","article-title":"IP\/domain reputation check"},{"article-title":"The Cyber Kill Chain","year":"2024","author":"Martin","key":"ref75"},{"key":"ref76","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2020.2997779"},{"key":"ref77","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM41043.2020.9155483"},{"year":"2024","key":"ref78","article-title":"Ways to Build Local Home SDK"},{"year":"2024","key":"ref79","article-title":"Alexa Commissionable Interface"},{"key":"ref80","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103283"},{"key":"ref81","doi-asserted-by":"publisher","DOI":"10.1109\/MilCIS.2015.7348942"},{"key":"ref82","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2022.3165809"},{"key":"ref83","doi-asserted-by":"publisher","DOI":"10.3390\/s20226600"},{"key":"ref84","doi-asserted-by":"publisher","DOI":"10.1016\/j.ipm.2009.03.002"},{"article-title":"A Gentle Introduction to k-fold Cross-Validation","year":"2023","author":"Brownlee","key":"ref85"},{"key":"ref86","doi-asserted-by":"publisher","DOI":"10.1109\/TAI.2021.3133846"},{"key":"ref87","first-page":"505","article-title":"How risky are real users\u2019 $\\{${IFTTT$\\}$} applets?","volume-title":"Proc. 16th Symp. Usable Privacy Secur. (SOUPS)","author":"Cobb","year":"2020"},{"key":"ref88","doi-asserted-by":"publisher","DOI":"10.1007\/s00779-023-01774-5"},{"key":"ref89","doi-asserted-by":"publisher","DOI":"10.1007\/s10111-005-0011-y"},{"key":"ref90","doi-asserted-by":"publisher","DOI":"10.1109\/MSEC.2024.3429888"}],"container-title":["IEEE Transactions on Software Engineering"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/32\/11251265\/11170413.pdf?arnumber=11170413","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,19]],"date-time":"2025-11-19T06:15:58Z","timestamp":1763532958000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11170413\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,11]]},"references-count":90,"journal-issue":{"issue":"11"},"URL":"https:\/\/doi.org\/10.1109\/tse.2025.3610540","relation":{},"ISSN":["0098-5589","1939-3520","2326-3881"],"issn-type":[{"type":"print","value":"0098-5589"},{"type":"electronic","value":"1939-3520"},{"type":"electronic","value":"2326-3881"}],"subject":[],"published":{"date-parts":[[2025,11]]}}}