{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,4]],"date-time":"2026-06-04T16:02:28Z","timestamp":1780588948579,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":126,"publisher":"ACM","license":[{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0\/legalcode"}],"funder":[{"name":"Hilti","award":["NA"],"award-info":[{"award-number":["NA"]}]},{"name":"Belgian SPF BOSA","award":["06.40.32.33.00.10"],"award-info":[{"award-number":["06.40.32.33.00.10"]}]},{"name":"Research Foundation \u2013 Flanders","award":["V450224N"],"award-info":[{"award-number":["V450224N"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2026,6]]},"DOI":"10.1145\/3779208.3807482","type":"proceedings-article","created":{"date-parts":[[2026,6,4]],"date-time":"2026-06-04T15:21:58Z","timestamp":1780586518000},"page":"1043-1059","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["\u201cWhat is the Problem Space?\u201d Defining Host-space Adversarial Perturbations against Network Intrusion Detection Systems"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1781-900X","authenticated-orcid":false,"given":"Miel","family":"Verkerken","sequence":"first","affiliation":[{"name":"Ghent University - imec, Ghent, Belgium"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5086-6361","authenticated-orcid":false,"given":"Laurens","family":"D'hooge","sequence":"additional","affiliation":[{"name":"Ghent University - imec, Ghent, Belgium"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0575-5894","authenticated-orcid":false,"given":"Bruno","family":"Volckaert","sequence":"additional","affiliation":[{"name":"Ghent University - imec, Ghent, Belgium"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4824-1199","authenticated-orcid":false,"given":"Filip","family":"De Turck","sequence":"additional","affiliation":[{"name":"Ghent University - imec, Ghent, Belgium"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6890-9611","authenticated-orcid":false,"given":"Giovanni","family":"Apruzzese","sequence":"additional","affiliation":[{"name":"University of Liechtenstein, Vaduz, Liechtenstein and Reykjavik University, Reykjavik, Iceland"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2026,6,4]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2014. Wfuzz. https:\/\/github.com\/xmendez\/wfuzz."},{"key":"e_1_3_2_1_2_1","unstructured":"2015. DDoS Slowloris. https:\/\/github.com\/gkbrk\/slowloris."},{"key":"e_1_3_2_1_3_1","unstructured":"2015. Medusa. https:\/\/github.com\/jmk-foofus\/medusa."},{"key":"e_1_3_2_1_4_1","unstructured":"2016. Hydra. https:\/\/github.com\/vanhauser-thc\/thc-hydra."},{"key":"e_1_3_2_1_5_1","unstructured":"2016. patator. https:\/\/github.com\/lanjelot\/patator."},{"key":"e_1_3_2_1_6_1","unstructured":"2026. Our Repo. https:\/\/github.com\/idlab-discover\/HsP."},{"key":"e_1_3_2_1_7_1","volume-title":"Gadot: Gan-based adversarial training for robust ddos attack detection","author":"Abdelaty Maged","year":"2021","unstructured":"Maged Abdelaty, Sandra Scott-Hayward, Roberto Doriguzzi-Corin, and Domenico Siracusa. 2021. Gadot: Gan-based adversarial training for robust ddos attack detection. In IEEE CNS."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/NFV-SDN47374.2019.9040101"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103251"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2019.2925929"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00521-019-04557-3"},{"key":"e_1_3_2_1_12_1","volume-title":"Evaluating the Vulnerability of ML-Based Ethereum Phishing Detectors to Single-Feature Adversarial Perturbations. ACM Distributed Ledger Technologies: Research and Practice","author":"Alghuried Ahod","year":"2025","unstructured":"Ahod Alghuried, Ali Alkinoon, Abdulaziz Alghamdi, Soohyeon Choi, Manar Mohaisen, and David Mohaisen. 2025. Evaluating the Vulnerability of ML-Based Ethereum Phishing Detectors to Single-Feature Adversarial Perturbations. ACM Distributed Ledger Technologies: Research and Practice (2025)."},{"key":"e_1_3_2_1_13_1","unstructured":"Abdulellah Alsaheel Yuhong Nan Shiqing Ma Le Yu Gregory Walkup Z Berkay Celik Xiangyu Zhang and Dongyan Xu. 2021. ATLAS A sequence-based learning approach for attack investigation. In USENIX SEC."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"crossref","unstructured":"Giovanni Apruzzese Hyrum S Anderson Savino Dambra David Freeman Fabio Pierazzi and Kevin Roundy. 2023. \u201cReal Attackers Don't Compute Gradients\u201d: Bridging the Gap Between Adversarial ML Research and Practice. In SaTML.","DOI":"10.1109\/SaTML54575.2023.00031"},{"key":"e_1_3_2_1_15_1","volume-title":"Modeling realistic adversarial attacks against network intrusion detection systems. ACM Digital Threats: Research and Practice","author":"Apruzzese Giovanni","year":"2021","unstructured":"Giovanni Apruzzese, Mauro Andreolini, Luca Ferretti, Mirco Marchetti, and Michele Colajanni. 2021. Modeling realistic adversarial attacks against network intrusion detection systems. ACM Digital Threats: Research and Practice (2021)."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/NCA.2018.8548327"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3564625.3567980"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/3689932.3694757"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP57164.2023.00042"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"crossref","unstructured":"Giovanni Apruzzese Pavel Laskov and Aliya Tastemirova. 2022. SoK: The impact of unlabelled data in cyberthreat detection. In EuroS&P.","DOI":"10.1109\/EuroSP53844.2022.00010"},{"key":"e_1_3_2_1_21_1","unstructured":"Daniel Arp Erwin Quiring Feargus Pendlebury Alexander Warnecke Fabio Pierazzi Christian Wressnegger Lorenzo Cavallaro and Konrad Rieck. 2022. Dos and don'ts of machine learning in computer security. In USENIX Security."},{"key":"e_1_3_2_1_22_1","volume-title":"Drebin: Effective and explainable detection of android malware in your pocket. In NDSS.","author":"Arp Daniel","year":"2014","unstructured":"Daniel Arp, Michael Spreitzenbarth, Malte Hubner, Hugo Gascon, Konrad Rieck, and CERT Siemens. 2014. Drebin: Effective and explainable detection of android malware in your pocket. In NDSS."},{"key":"e_1_3_2_1_23_1","volume-title":"Mohammad A Salahuddin, Noura Limam, and Raouf Boutaba.","author":"Bai Tim","year":"2019","unstructured":"Tim Bai, Haibo Bian, Abbas Abou Daya, Mohammad A Salahuddin, Noura Limam, and Raouf Boutaba. 2019. A machine learning approach for RDP-based lateral movement detection. In IEEE LCN."},{"key":"e_1_3_2_1_24_1","volume-title":"P4control: Line-rate cross-host attack prevention via in-network information flow control enabled by programmable switches and ebpf","author":"Bajaber Osama","unstructured":"Osama Bajaber, Bo Ji, and Peng Gao. 2024. P4control: Line-rate cross-host attack prevention via in-network information flow control enabled by programmable switches and ebpf. In IEEE S&P."},{"key":"e_1_3_2_1_25_1","volume-title":"Fernando MV Ramos, and Andr\u00e9 Madeira","author":"Barradas Diogo","year":"2021","unstructured":"Diogo Barradas, Nuno Santos, Lu\u00eds Rodrigues, Salvatore Signorello, Fernando MV Ramos, and Andr\u00e9 Madeira. 2021. FlowLens: Enabling Efficient Flow Classification for ML-based Network Security Applications. In NDSS."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP60621.2024.00010"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"crossref","unstructured":"Battista Biggio Igino Corona Davide Maiorca Blaine Nelson Nedim \u0160rndi\u0107 Pavel Laskov Giorgio Giacinto and Fabio Roli. 2013. Evasion attacks against machine learning at test time. In ECML PKDD.","DOI":"10.1007\/978-3-642-40994-3_25"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3264418"},{"key":"e_1_3_2_1_29_1","unstructured":"Philippe Biondi. 2025. Scapy. https:\/\/scapy.readthedocs.io\/en\/latest\/."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/LCN65610.2025.11146065"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2379616.2379619"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"crossref","unstructured":"Marta Catillo Antonio Pecchia Antonio Repola and Umberto Villano. 2024. Towards realistic problem-space adversarial attacks against machine learning in network intrusion detection. In ARES.","DOI":"10.1145\/3664476.3669974"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.14722\/vehiclesec.2024.23056"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP54263.2024.00005"},{"key":"e_1_3_2_1_35_1","volume-title":"Machine learning security against data poisoning: Are we there yet? Computer","author":"Cin\u00e0 Antonio Emanuele","year":"2024","unstructured":"Antonio Emanuele Cin\u00e0, Kathrin Grosse, Ambra Demontis, Battista Biggio, Fabio Roli, and Marcello Pelillo. 2024. Machine learning security against data poisoning: Are we there yet? Computer (2024)."},{"key":"e_1_3_2_1_36_1","unstructured":"CloudFlare. 2020. One more (Zero Trust) thing: Cloudflare Intrusion Detection System. https:\/\/blog.cloudflare.com\/one-more-zero-trust-thing-cloudflare-intrusion-detection\/."},{"key":"e_1_3_2_1_37_1","unstructured":"Cloud Flare. 2024. DDoS threat report for 2023 Q4. Technical Report. CloudFlare. https:\/\/blog.cloudflare.com\/ddos-threat-report-2023-q4\/"},{"key":"e_1_3_2_1_38_1","volume-title":"SANS 2025 SOC Survey. Technical Report. SANS Research Program. https:\/\/www.sans.org\/white-papers\/sans-2025-soc-survey","author":"Crowley Christopher","year":"2025","unstructured":"Christopher Crowley. 2025. SANS 2025 SOC Survey. Technical Report. SANS Research Program. https:\/\/www.sans.org\/white-papers\/sans-2025-soc-survey"},{"key":"e_1_3_2_1_39_1","volume-title":"SOC Report","author":"Insiders Cybersecurity","year":"2025","unstructured":"Cybersecurity Insiders. 2025. Pulse of the AI SOC Report 2025. https:\/\/www.cybersecurity-insiders.com\/pulse-of-the-ai-soc-report-2025-from-alert-fatigue-to-actionable-intelligence-how-ai-is-reshaping-detection-response-and-analyst-confidence\/."},{"key":"e_1_3_2_1_40_1","unstructured":"Darktrace. 2018. How Darktrace Finds \u2018Low and Slow\u2019 Cyber Threats. https:\/\/www.darktrace.com\/blog\/flying-under-the-radar-how-darktrace-detects-low-and-slow-cyber-attacks."},{"key":"e_1_3_2_1_41_1","volume-title":"Towards a taxonomy of intrusion-detection systems. Computer networks 31, 8","author":"Debar Herv\u00e9","year":"1999","unstructured":"Herv\u00e9 Debar, Marc Dacier, and Andreas Wespi. 1999. Towards a taxonomy of intrusion-detection systems. Computer networks 31, 8 (1999), 805\u2013822."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"crossref","unstructured":"Herv\u00e9 Debar Marc Dacier and Andreas Wespi. 2000. A revised taxonomy for intrusion-detection systems. In Annales des T\u00e9l\u00e9communications.","DOI":"10.1007\/BF02994844"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1987.232894"},{"key":"e_1_3_2_1_44_1","volume-title":"Sabre: Cutting through Adversarial Noise with Adaptive Spectral Filtering and Input Reconstruction","author":"Diallo Alec F","year":"2024","unstructured":"Alec F Diallo and Paul Patras. 2024. Sabre: Cutting through Adversarial Noise with Adaptive Spectral Filtering and Input Reconstruction. In IEEE S&P."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/SPW.2018.00013"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"crossref","unstructured":"Laurens D'hooge Miel Verkerken Bruno Volckaert Tim Wauters and Filip De Turck. 2022. Establishing the contaminating effect of metadata feature inclusion in machine-learned network intrusion detection models. In DIMVA.","DOI":"10.1007\/978-3-031-09484-2_2"},{"key":"e_1_3_2_1_47_1","volume-title":"A novel perturb-ability score to mitigate evasion adversarial attacks on flow-based ML-NIDS. JISA","author":"ElShehaby Mohamed","year":"2026","unstructured":"Mohamed ElShehaby and Ashraf Matrawy. 2026. A novel perturb-ability score to mitigate evasion adversarial attacks on flow-based ML-NIDS. JISA (2026)."},{"key":"e_1_3_2_1_48_1","volume-title":"Troubleshooting an intrusion detection dataset: the CICIDS2017 case study","author":"Engelen Gints","unstructured":"Gints Engelen, Vera Rimmer, and Wouter Joosen. 2021. Troubleshooting an intrusion detection dataset: the CICIDS2017 case study. In IEEE SPW."},{"key":"e_1_3_2_1_49_1","unstructured":"ENISA. 2023. Enisa Threat Landscape. Technical Report. ENISA. https:\/\/www.enisa.europa.eu\/topics\/cyber-threats\/threats-and-trends"},{"key":"e_1_3_2_1_50_1","volume-title":"On Practical Realization of Evasion Attacks for Industrial Control Systems. In RICSS Workshop.","author":"Erba Alessandro","year":"2023","unstructured":"Alessandro Erba, Andres F Murillo, Riccardo Taormina, Stefano Galelli, and Nils Ole Tippenhauer. 2023. On Practical Realization of Evasion Attacks for Industrial Control Systems. In RICSS Workshop."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/3427228.3427660"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2018.00175"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP60621.2024.00042"},{"key":"e_1_3_2_1_54_1","unstructured":"Chuanpu Fu Qi Li Meng Shen and Ke Xu. 2021. Realtime robust malicious traffic detection via frequency domain analysis. In ACM CCS."},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/2096149.2096156"},{"key":"e_1_3_2_1_56_1","unstructured":"Sebasti\u00e1n Garc\u00eda Alejandro Zunino and Marcelo Campo. 2014. Survey on network-based botnet detection methods. Secur. and Commun. Netw. (2014)."},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1109\/PRDC47002.2019.00056"},{"key":"e_1_3_2_1_58_1","volume-title":"Deepaid: Interpreting and improving deep learning-based anomaly detection in security applications. In ACM CCS.","author":"Han Dongqi","year":"2021","unstructured":"Dongqi Han, Zhiliang Wang, Wenqi Chen, Ying Zhong, Su Wang, Han Zhang, Jiahai Yang, Xingang Shi, and Xia Yin. 2021. Deepaid: Interpreting and improving deep learning-based anomaly detection in security applications. In ACM CCS."},{"key":"e_1_3_2_1_59_1","volume-title":"Evaluating and improving adversarial robustness of machine learning-based network intrusion detectors. JSAC","author":"Han Dongqi","year":"2021","unstructured":"Dongqi Han, Zhiliang Wang, Ying Zhong, Wenqi Chen, Jiahai Yang, Shuqiang Lu, Xingang Shi, and Xia Yin. 2021. Evaluating and improving adversarial robustness of machine learning-based network intrusion detectors. JSAC (2021)."},{"key":"e_1_3_2_1_60_1","unstructured":"Qingying Hao Nirav Diwan Ying Yuan Giovanni Apruzzese Mauro Conti and Gang Wang. 2024. It Doesn't Look Like Anything to Me: Using Diffusion Model to Subvert Visual Phishing Detectors. In USENIX Sec."},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICMLCN59089.2024.10624760"},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046684.2046692"},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00079"},{"key":"e_1_3_2_1_64_1","unstructured":"Fujiao Ji Kiho Lee Hyungjoon Koo Wenhao You Euijin Choo Hyoungshick Kim and Doowon Kim. 2025. Evaluating the effectiveness and robustness of visual similarity-based phishing detection models. In USENIX SEC."},{"key":"e_1_3_2_1_65_1","volume-title":"MAGIC: Detecting advanced persistent threats via masked graph representation learning. In USENIX SEC.","author":"Jia Zian","year":"2024","unstructured":"Zian Jia, Yun Xiong, Yuhong Nan, Yao Zhang, Jinjing Zhao, and Mi Wen. 2024. MAGIC: Detecting advanced persistent threats via masked graph representation learning. In USENIX SEC."},{"key":"e_1_3_2_1_66_1","volume-title":"Survey of intrusion detection systems: techniques, datasets and challenges. Cybersecurity","author":"Khraisat Ansam","year":"2019","unstructured":"Ansam Khraisat, Iqbal Gondal, Peter Vamplew, and Joarder Kamruzzaman. 2019. Survey of intrusion detection systems: techniques, datasets and challenges. Cybersecurity (2019)."},{"key":"e_1_3_2_1_67_1","volume-title":"Scamdog Millionaire: Detecting E-commerce Scams in the Wild. In ACSAC.","author":"Kotzias Platon","year":"2023","unstructured":"Platon Kotzias, Kevin Roundy, Michalis Pachilakis, Iskander Sanchez-Rola, and Leyla Bilge. 2023. Scamdog Millionaire: Detecting E-commerce Scams in the Wild. In ACSAC."},{"key":"e_1_3_2_1_68_1","volume-title":"Adversarial machine learning at scale. ICLR","author":"Kurakin Alexey","year":"2017","unstructured":"Alexey Kurakin, Ian Goodfellow, and Samy Bengio. 2017. Adversarial machine learning at scale. ICLR (2017)."},{"key":"e_1_3_2_1_69_1","unstructured":"Alexey N. Kuznetsov. 2014. tc(8) \u2014 Linux manual page. [Online]. Available: https:\/\/man7.org\/linux\/man-pages\/man8\/tc.8.html."},{"key":"e_1_3_2_1_70_1","volume-title":"A framework for constructing features and models for intrusion detection systems. ACM TiSSEC","author":"Lee Wenke","year":"2000","unstructured":"Wenke Lee and Salvatore J Stolfo. 2000. A framework for constructing features and models for intrusion detection systems. ACM TiSSEC (2000)."},{"key":"e_1_3_2_1_71_1","volume-title":"Ying-Chih Lin, and Kuang-Yuan Tung.","author":"Liao Hung-Jen","year":"2013","unstructured":"Hung-Jen Liao, Chun-Hung Richard Lin, Ying-Chih Lin, and Kuang-Yuan Tung. 2013. Intrusion detection system: A comprehensive review. JNCA (2013)."},{"key":"e_1_3_2_1_72_1","doi-asserted-by":"publisher","DOI":"10.1109\/CNS56114.2022.9947235"},{"key":"e_1_3_2_1_73_1","volume-title":"USENIX Security Symposium.","author":"Liu Ruofan","year":"2022","unstructured":"Ruofan Liu, Yun Lin, Xianglin Yang, Siang Hwee Ng, Dinil Mon Divakaran, and Jin Song Dong. 2022. Inferring phishing intention via webpage appearance and dynamics: A deep vision based approach. In USENIX Security Symposium."},{"key":"e_1_3_2_1_74_1","doi-asserted-by":"publisher","DOI":"10.1109\/LCN65610.2025.11146352"},{"key":"e_1_3_2_1_75_1","doi-asserted-by":"crossref","unstructured":"Keane Lucas Weiran Lin Lujo Bauer Michael K Reiter and Mahmood Sharif. 2024. Training Robust ML-based Raw-Binary Malware Detectors in Hours not Months. In ACM CCS.","DOI":"10.1145\/3658644.3690208"},{"key":"e_1_3_2_1_76_1","doi-asserted-by":"publisher","DOI":"10.1145\/3453155"},{"key":"e_1_3_2_1_77_1","volume-title":"Everybody's got ML, tell me what else you have: Practitioners' perception of ML-based security tools and explanations","author":"Mink Jaron","unstructured":"Jaron Mink, Hadjer Benkraouda, Limin Yang, Arridhana Ciptadi, Ali Ahmadzadeh, Daniel Votipka, and Gang Wang. 2023. Everybody's got ML, tell me what else you have: Practitioners' perception of ML-based security tools and explanations. In IEEE S&P."},{"key":"e_1_3_2_1_78_1","doi-asserted-by":"crossref","unstructured":"Yisroel Mirsky Tomer Doitshman Yuval Elovici and Asaf Shabtai.2018. Kitsune: an ensemble of autoencoders for online network intrusion detection. In NDSS.","DOI":"10.14722\/ndss.2018.23204"},{"key":"e_1_3_2_1_79_1","doi-asserted-by":"crossref","unstructured":"Emily A Nack Morgan C McKenzie and Nathaniel D Bastian. 2024. Aci-iot-2023: A robust dataset for internet of things network security analysis. In MILCOM.","DOI":"10.1109\/MILCOM61039.2024.10773916"},{"key":"e_1_3_2_1_80_1","doi-asserted-by":"publisher","DOI":"10.1109\/BIBE.2014.73"},{"key":"e_1_3_2_1_81_1","volume-title":"USENIX Security Symposium.","author":"Nasr Milad","year":"2021","unstructured":"Milad Nasr, Alireza Bahramali, and Amir Houmansadr. 2021. Defeating {DNN-Based} traffic analysis systems in {Real-Time} with blind adversarial perturbations. In USENIX Security Symposium."},{"key":"e_1_3_2_1_82_1","doi-asserted-by":"publisher","DOI":"10.1109\/CyberSciTech64112.2024.00028"},{"key":"e_1_3_2_1_83_1","doi-asserted-by":"crossref","unstructured":"Satoshi Okada Houda Jmila Kunio Akashi Takuho Mitsunaga Yuji Sekiya Hideki Takase Gregory Blanc and Hiroshi Nakamura. 2024. XAI-driven adversarial attacks on network intrusion detectors. In EICC.","DOI":"10.1145\/3655693.3655714"},{"key":"e_1_3_2_1_84_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2023.03.038"},{"key":"e_1_3_2_1_85_1","volume-title":"The PRISMA 2020 statement: an updated guideline for reporting systematic reviews. BMJ 372","author":"Page Matthew J","year":"2021","unstructured":"Matthew J Page, Joanne E McKenzie, Patrick M Bossuyt, Isabelle Boutron, Tammy C Hoffmann, Cynthia D Mulrow, Larissa Shamseer, Jennifer M Tetzlaff, Elie A Akl, Sue E Brennan, et al. 2021. The PRISMA 2020 statement: an updated guideline for reporting systematic reviews. BMJ 372 (2021)."},{"key":"e_1_3_2_1_86_1","volume-title":"Sok: Security and privacy in machine learning","author":"Papernot Nicolas","year":"2018","unstructured":"Nicolas Papernot, Patrick McDaniel, Arunesh Sinha, and Michael P Wellman. 2018. Sok: Security and privacy in machine learning. In IEEE EuroS&P."},{"key":"e_1_3_2_1_87_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00073"},{"key":"e_1_3_2_1_88_1","volume-title":"Freddie Barr-Smith, Luigi Mancini, and Ivan Martinovic.","author":"Piskozub Michal","year":"2021","unstructured":"Michal Piskozub, Fabio De Gaspari, Freddie Barr-Smith, Luigi Mancini, and Ivan Martinovic. 2021. Malphase: Fine-grained malware detection using network flow data. In ACM AsiaCCS."},{"key":"e_1_3_2_1_89_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNSM.2024.3414267"},{"key":"e_1_3_2_1_90_1","volume-title":"Adversarial network traffic: Towards evaluating the robustness of deep-learning-based network traffic classification","author":"Sadeghzadeh Amir Mahdi","year":"2021","unstructured":"Amir Mahdi Sadeghzadeh, Saeed Shiravi, and Rasool Jalili. 2021. Adversarial network traffic: Towards evaluating the robustness of deep-learning-based network traffic classification. IEEE TNSM (2021)."},{"key":"e_1_3_2_1_91_1","doi-asserted-by":"publisher","DOI":"10.1007\/s12243-022-00909-8"},{"key":"e_1_3_2_1_92_1","volume-title":"G\u00e9r\u00f4me Bovet, and Gregorio Mart\u00ednez P\u00e9rez.","author":"S\u00e1nchez S\u00e1nchez Pedro Miguel","year":"2024","unstructured":"Pedro Miguel S\u00e1nchez S\u00e1nchez, Alberto Huertas Celdr\u00e1n, G\u00e9r\u00f4me Bovet, and Gregorio Mart\u00ednez P\u00e9rez. 2024. Adversarial attacks and defenses on ML-and hardware-based IoT device fingerprinting and identification. FGCS (2024)."},{"key":"e_1_3_2_1_93_1","volume-title":"Rongxing Lu, Pulei Xiong, and Shahrear Iqbal.","author":"Sasi Tinshu","year":"2024","unstructured":"Tinshu Sasi, Arash Habibi Lashkari, Rongxing Lu, Pulei Xiong, and Shahrear Iqbal. 2024. An efficient self attention-based 1D-CNN-LSTM network for IoT attack detection and identification using network traffic. JIT (2024)."},{"key":"e_1_3_2_1_94_1","doi-asserted-by":"publisher","DOI":"10.1109\/BigData52589.2021.9671580"},{"key":"e_1_3_2_1_95_1","volume-title":"Aurore Fass, Ben Nassi, Vera Rimmer, Fabio Roli, et al.","author":"Schr\u00f6er Saskia Laura","year":"2025","unstructured":"Saskia Laura Schr\u00f6er, Giovanni Apruzzese, Soheil Human, Pavel Laskov, Hyrum S Anderson, Edward WN Bernroider, Aurore Fass, Ben Nassi, Vera Rimmer, Fabio Roli, et al. 2025. SoK: On the offensive potential of AI. In SaTML."},{"key":"e_1_3_2_1_96_1","doi-asserted-by":"crossref","unstructured":"Christoph Sendner Jasper Stang Alexandra Dmitrienko Raveen Wijewickrama and Murtuza Jadliwala. 2024. Mirageflow: a new bandwidth inflation attack on tor. NDSS.","DOI":"10.14722\/ndss.2024.241133"},{"key":"e_1_3_2_1_97_1","doi-asserted-by":"publisher","DOI":"10.1145\/3627106.3627123"},{"key":"e_1_3_2_1_98_1","volume-title":"Zheng Xu, John Dickerson, Christoph Studer, Larry S Davis, Gavin Taylor, and Tom Goldstein.","author":"Shafahi Ali","year":"2019","unstructured":"Ali Shafahi, Mahyar Najibi, Mohammad Amin Ghiasi, Zheng Xu, John Dickerson, Christoph Studer, Larry S Davis, Gavin Taylor, and Tom Goldstein. 2019. Adversarial training for free! NeurIPS."},{"key":"e_1_3_2_1_99_1","doi-asserted-by":"publisher","DOI":"10.14722\/vehiclesec.2023.23090"},{"key":"e_1_3_2_1_100_1","volume-title":"Ali A Ghorbani, et al.","author":"Sharafaldin Iman","year":"2018","unstructured":"Iman Sharafaldin, Arash Habibi Lashkari, Ali A Ghorbani, et al. 2018. Toward generating a new intrusion detection dataset and intrusion traffic characterization. ICISSp (2018)."},{"key":"e_1_3_2_1_101_1","doi-asserted-by":"crossref","unstructured":"Ryan Sheatsley Blaine Hoak Eric Pauley Yohan Beugin Michael J Weisman and Patrick McDaniel. 2021. On the robustness of domain constraints. In CCS.","DOI":"10.1145\/3460120.3484570"},{"key":"e_1_3_2_1_102_1","volume-title":"USENIX Security Symposium.","author":"Sheatsley Ryan","year":"2023","unstructured":"Ryan Sheatsley, Blaine Hoak, Eric Pauley, and Patrick McDaniel. 2023. The space of adversarial strategies. In USENIX Security Symposium."},{"key":"e_1_3_2_1_103_1","volume-title":"Vu Dinh Phai, and Qi Shi.","author":"Shone Nathan","year":"2018","unstructured":"Nathan Shone, Tran Nguyen Ngoc, Vu Dinh Phai, and Qi Shi. 2018. A deep learning approach to network intrusion detection. IEEE TETCI (2018)."},{"key":"e_1_3_2_1_104_1","volume-title":"GonoGo-Assessing the Confidence Level of Distribute Intrusion Detection Systems Alarms Based on BGP","author":"Silva Renato S","year":"2024","unstructured":"Renato S Silva and Lu\u00eds M Felipe de Moraes. 2024. GonoGo-Assessing the Confidence Level of Distribute Intrusion Detection Systems Alarms Based on BGP. IEEE TNSM (2024)."},{"key":"e_1_3_2_1_105_1","unstructured":"Software Analyst Cyber Research. 2024. Revolutionizing Security Operations: The Path Toward AI-Augmented SOCs. https:\/\/softwareanalyst.substack.com\/p\/revolutionizing-secuity-operations."},{"key":"e_1_3_2_1_106_1","volume-title":"Outside the closed world: On using machine learning for network intrusion detection","author":"Sommer Robin","unstructured":"Robin Sommer and Vern Paxson. 2010. Outside the closed world: On using machine learning for network intrusion detection. In IEEE S&P."},{"key":"e_1_3_2_1_107_1","volume-title":"Hyungsub Kim, Raymond Muller, Z Berkay Celik, and Antonio Bianchi.","author":"Song Ruoyu","year":"2023","unstructured":"Ruoyu Song, Muslum Ozgur Ozmen, Hyungsub Kim, Raymond Muller, Z Berkay Celik, and Antonio Bianchi. 2023. Discovering adversarial driving maneuvers against autonomous vehicles. In USENIX SEC."},{"key":"e_1_3_2_1_108_1","volume-title":"A software deep packet inspection system for network traffic analysis and anomaly detection. Sensors","author":"Song Wenguang","year":"2020","unstructured":"Wenguang Song, Mykola Beshley, Krzysztof Przystupa, Halyna Beshley, Orest Kochan, Andrii Pryslupskyi, Daniel Pieniak, and Jun Su. 2020. A software deep packet inspection system for network traffic analysis and anomaly detection. Sensors (2020)."},{"key":"e_1_3_2_1_109_1","volume-title":"Madeline: Continuous and low-cost monitoring with graph-free representations to combat cyber threats. In ACSAC.","author":"Song Wenjia","year":"2024","unstructured":"Wenjia Song, Hailun Ding, Na Meng, Peng Gao, and Danfeng Yao. 2024. Madeline: Continuous and low-cost monitoring with graph-free representations to combat cyber threats. In ACSAC."},{"key":"e_1_3_2_1_110_1","volume-title":"Danilo Vasconcellos Vargas, and Kouichi Sakurai","author":"Su Jiawei","year":"2019","unstructured":"Jiawei Su, Danilo Vasconcellos Vargas, and Kouichi Sakurai. 2019. One pixel attack for fooling deep neural networks. IEEE TEC (2019)."},{"key":"e_1_3_2_1_111_1","volume-title":"Sok: Pitfalls in evaluating black-box attacks","author":"Suya Fnu","year":"2024","unstructured":"Fnu Suya, Anshuman Suri, Tingwei Zhang, Jingtao Hong, Yuan Tian, and David Evans. 2024. Sok: Pitfalls in evaluating black-box attacks. In IEEE SaTML."},{"key":"e_1_3_2_1_112_1","unstructured":"Chih-Fong Tsai Yu-Feng Hsu Chia-Ying Lin and Wei-Yang Lin. 2009. Intrusion detection by machine learning: A review. Exp. Syst. Appl. (2009)."},{"key":"e_1_3_2_1_113_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833671"},{"key":"e_1_3_2_1_114_1","volume-title":"Taxonomy and survey of collaborative intrusion detection. ACM computing surveys (CSUR) 47, 4","author":"Vasilomanolakis Emmanouil","year":"2015","unstructured":"Emmanouil Vasilomanolakis, Shankar Karuppayah, Max M\u00fchlh\u00e4user, and Mathias Fischer. 2015. Taxonomy and survey of collaborative intrusion detection. ACM computing surveys (CSUR) 47, 4 (2015), 1\u201333."},{"key":"e_1_3_2_1_115_1","doi-asserted-by":"crossref","unstructured":"Andrea Venturi Matteo Ferrari Mirco Marchetti and Michele Colajanni. 2023. ARGANIDS: a novel network intrusion detection system based on adversarially regularized graph autoencoder. In ACM SAC.","DOI":"10.1145\/3555776.3577651"},{"key":"e_1_3_2_1_116_1","volume-title":"RustiFlow: Bridging the Gap Between Security Research and Practice using eBPF-based Network Flow Extraction","author":"Verkerken Miel","unstructured":"Miel Verkerken, Matisse Callewaert, Laurens D'hooge, Tim Wauters, Bruno Volckaert, and Filip De Turck. 2025. RustiFlow: Bridging the Gap Between Security Research and Practice using eBPF-based Network Flow Extraction. In WTMC (IEEE EuroS&P)."},{"key":"e_1_3_2_1_117_1","volume-title":"Filip De Turck, and Giovanni Apruzzese","author":"Verkerken Miel","year":"2026","unstructured":"Miel Verkerken, Laurens D'hooge, Bruno Volckaert, Filip De Turck, and Giovanni Apruzzese. 2026. ConCap: Practical Network Traffic Generation for (ML- and) Flow-based Intrusion Detection Systems. In IEEE SaTML."},{"key":"e_1_3_2_1_118_1","volume-title":"Linh Le Thi Trang, and Shone Nathan.","author":"Viet Hung Nguyen","year":"2018","unstructured":"Hung Nguyen Viet, Quan Nguyen Van, Linh Le Thi Trang, and Shone Nathan. 2018. Using deep learning model for network scanning detection. In ICFET."},{"key":"e_1_3_2_1_119_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2020.2989695"},{"key":"e_1_3_2_1_120_1","volume-title":"Manda: On adversarial example detection for network intrusion detection system","author":"Wang Ning","year":"2022","unstructured":"Ning Wang, Yimin Chen, Yang Xiao, Yang Hu, Wenjing Lou, and Y Thomas Hou. 2022. Manda: On adversarial example detection for network intrusion detection system. IEEE TDSC (2022)."},{"key":"e_1_3_2_1_121_1","volume-title":"Enidrift: A fast and adaptive ensemble system for network intrusion detection under real-world drift. In ACSAC.","author":"Wang Xian","year":"2022","unstructured":"Xian Wang. 2022. Enidrift: A fast and adaptive ensemble system for network intrusion detection under real-world drift. In ACSAC."},{"key":"e_1_3_2_1_122_1","unstructured":"Feng Wei Hongda Li Ziming Zhao and Hongxin Hu. 2023. {xNIDS } : Explaining deep learning-based network intrusion detection systems for active intrusion responses. In USENIX Sec."},{"key":"e_1_3_2_1_123_1","doi-asserted-by":"crossref","unstructured":"Claes Wohlin. 2014. Guidelines for snowballing in systematic literature studies and a replication in software engineering. In EASE.","DOI":"10.1145\/2601248.2601268"},{"key":"e_1_3_2_1_124_1","doi-asserted-by":"crossref","unstructured":"Fabian Woitschek and Georg Schneider. 2021. Physical adversarial attacks on deep neural networks for traffic sign recognition: A feasibility study. In IV.","DOI":"10.1109\/IV48863.2021.9575935"},{"key":"e_1_3_2_1_125_1","volume-title":"Automatic evasion of machine learning-based network intrusion detection systems","author":"Yan Haonan","year":"2023","unstructured":"Haonan Yan, Xiaoguang Li, Wenjing Zhang, Rui Wang, Hui Li, Xingwen Zhao, Fenghua Li, and Xiaodong Lin. 2023. Automatic evasion of machine learning-based network intrusion detection systems. IEEE TDSC (2023)."},{"key":"e_1_3_2_1_126_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2017.2762418"}],"event":{"name":"ASIA CCS '26: ACM Asia Conference on Computer and Communications Security","location":"Bangalore India","acronym":"ASIA CCS '26","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3779208.3807482","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,6,4]],"date-time":"2026-06-04T15:26:34Z","timestamp":1780586794000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3779208.3807482"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,6]]},"references-count":126,"alternative-id":["10.1145\/3779208.3807482","10.1145\/3779208"],"URL":"https:\/\/doi.org\/10.1145\/3779208.3807482","relation":{},"subject":[],"published":{"date-parts":[[2026,6]]},"assertion":[{"value":"2026-06-04","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}