{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,2]],"date-time":"2026-07-02T12:40:28Z","timestamp":1782996028178,"version":"3.54.5"},"reference-count":69,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2024,5,1]],"date-time":"2024-05-01T00:00:00Z","timestamp":1714521600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2024,5,1]],"date-time":"2024-05-01T00:00:00Z","timestamp":1714521600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cybersecurity"],"abstract":"<jats:title>Abstract<\/jats:title><jats:p>The network security analyzers use intrusion detection systems (IDSes) to distinguish malicious traffic from benign ones. The deep learning-based (DL-based) IDSes are proposed to auto-extract high-level features and eliminate the time-consuming and costly signature extraction process. However, this new generation of IDSes still needs to overcome a number of challenges to be employed in practical environments. One of the main issues of an applicable IDS is facing traffic concept drift, which manifests itself as new (i.e.\u00a0, zero-day) attacks, in addition to the changing behavior of benign users\/applications. Furthermore, a practical DL-based IDS needs to be conformed to a distributed (i.e.\u00a0, multi-sensor) architecture in order to yield more accurate detections, create a collective attack knowledge based on the observations of different sensors, and also handle big data challenges for supporting high throughput networks. This paper proposes a novel multi-agent network intrusion detection framework to address the above shortcomings, considering a more practical scenario (i.e., online adaptable IDSes). This framework employs continual deep anomaly detectors for adapting each agent to the changing attack\/benign patterns in its local traffic. In addition, a federated learning approach is proposed for sharing and exchanging local knowledge between different agents. Furthermore, the proposed framework implements sequential packet labeling for each flow, which provides an attack probability score for the flow by gradually observing each flow packet and updating its estimation. We evaluate the proposed framework by employing different deep models (including CNN-based and LSTM-based) over the CIC-IDS2017 and CSE-CIC-IDS2018 datasets. Through extensive evaluations and experiments, we show that the proposed distributed framework is well adapted to the traffic concept drift. More precisely, our results indicate that the CNN-based models are well suited for continually adapting to the traffic concept drift (i.e.\u00a0, achieving an average detection rate of above 95% while needing just 128 new flows for the updating phase), and the LSTM-based models are a good candidate for sequential packet labeling in practical online IDSes (i.e.\u00a0, detecting intrusions by just observing their first 15 packets).<\/jats:p>","DOI":"10.1186\/s42400-023-00199-0","type":"journal-article","created":{"date-parts":[[2024,5,1]],"date-time":"2024-05-01T03:36:42Z","timestamp":1714534602000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":33,"title":["A multi-agent adaptive deep learning framework for online intrusion detection"],"prefix":"10.1186","volume":"7","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3492-2049","authenticated-orcid":false,"given":"Mahdi","family":"Soltani","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8270-9707","authenticated-orcid":false,"given":"Khashayar","family":"Khajavi","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3860-5999","authenticated-orcid":false,"given":"Mahdi","family":"Jafari Siavoshani","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8837-0668","authenticated-orcid":false,"given":"Amir Hossein","family":"Jahangir","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2024,5,1]]},"reference":[{"key":"199_CR1","unstructured":"Abadi M et\u00a0al (2015) TensorFlow: large-scale machine learning on heterogeneous systems. http:\/\/tensorflow.org\/. Software available from tensorflow.org"},{"key":"199_CR2","doi-asserted-by":"publisher","first-page":"1164","DOI":"10.1109\/OJCOMS.2022.3188750","volume":"3","author":"Z Abou El Houda","year":"2022","unstructured":"Abou El Houda Z, Brik B, Khoukhi L (2022) \u201cwhy should i trust your ids?\u2019\u2019: an explainable deep learning framework for intrusion detection systems in internet of things networks. IEEE Open J Commun Soc 3:1164\u20131176","journal-title":"IEEE Open J Commun Soc"},{"issue":"105","key":"199_CR3","first-page":"116","volume":"114","author":"AMK Adawadkar","year":"2022","unstructured":"Adawadkar AMK, Kulkarni N (2022) Cyber-security and reinforcement learning-a brief survey. Eng Appl Artif Intell 114(105):116","journal-title":"Eng Appl Artif Intell"},{"key":"199_CR4","doi-asserted-by":"publisher","first-page":"14410","DOI":"10.1109\/ACCESS.2018.2807385","volume":"6","author":"N Akhtar","year":"2018","unstructured":"Akhtar N, Mian A (2018) Threat of adversarial attacks on deep learning in computer vision: a survey. IEEE Access 6:14410\u201314430","journal-title":"IEEE Access"},{"issue":"1","key":"199_CR5","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1186\/s42400-022-00133-w","volume":"6","author":"R Alghamdi","year":"2023","unstructured":"Alghamdi R, Bellaiche M (2023) An ensemble deep learning based ids for IoT using lambda architecture. Cybersecurity 6(1):5","journal-title":"Cybersecurity"},{"key":"199_CR6","doi-asserted-by":"publisher","first-page":"108","DOI":"10.1016\/j.future.2021.04.017","volume":"123","author":"G Andresini","year":"2021","unstructured":"Andresini G, Appice A, De Rose L, Malerba D (2021) Gan augmentation to deal with imbalance in imaging-based intrusion detection. Fut Gener Comput Syst 123:108\u2013127","journal-title":"Fut Gener Comput Syst"},{"key":"199_CR7","doi-asserted-by":"publisher","first-page":"235","DOI":"10.1016\/j.future.2021.09.040","volume":"128","author":"MS Ansari","year":"2022","unstructured":"Ansari MS, Barto\u0161 V, Lee B (2022) Gru-based deep learning approach for network intrusion alert prediction. Fut Gener Comput Syst 128:235\u2013247","journal-title":"Fut Gener Comput Syst"},{"issue":"2","key":"199_CR8","first-page":"169","volume":"38","author":"R Bhargavi","year":"2013","unstructured":"Bhargavi R, Vaidehi V (2013) Semantic intrusion detection with multisensor data fusion using complex event processing. Sadhana 38(2):169\u2013185","journal-title":"Sadhana"},{"key":"199_CR9","unstructured":"CSE-CIC-IDS2018 (2021) https:\/\/www.unb.ca\/cic\/datasets\/ids-2018.html"},{"key":"199_CR10","doi-asserted-by":"crossref","unstructured":"Chai Z, Chen Y, Anwar A, Zhao L, Cheng Y, Rangwala H (2021) Fedat: a high-performance and communication-efficient federated learning system with asynchronous tiers. In: Proceedings of the international conference for high performance computing, networking, storage and analysis, pp 1\u201316","DOI":"10.1145\/3458817.3476211"},{"issue":"1","key":"199_CR11","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s42400-020-00055-5","volume":"3","author":"YH Choi","year":"2020","unstructured":"Choi YH, Liu P, Shang Z, Wang H, Wang Z, Zhang L, Zhou J, Zou Q (2020) Using deep learning to solve computer security challenges: a survey. Cybersecurity 3(1):1\u201332","journal-title":"Cybersecurity"},{"key":"199_CR12","unstructured":"Chollet F (2017) keras. https:\/\/github.com\/fchollet\/keras"},{"key":"199_CR13","doi-asserted-by":"crossref","unstructured":"Cretu-Ciocarlie GF, Stavrou A, Locasto ME, Stolfo SJ (2009) Adaptive anomaly detection via self-calibration and dynamic updating. In: International workshop on recent advances in intrusion detection, pp 41\u201360","DOI":"10.1007\/978-3-642-04342-0_3"},{"key":"199_CR14","doi-asserted-by":"publisher","first-page":"761","DOI":"10.1016\/j.future.2017.08.043","volume":"82","author":"AA Diro","year":"2018","unstructured":"Diro AA, Chilamkurti N (2018) Distributed attack detection scheme using deep learning approach for internet of things. Fut Gener Comput Syst 82:761\u2013768","journal-title":"Fut Gener Comput Syst"},{"key":"199_CR15","doi-asserted-by":"publisher","first-page":"48","DOI":"10.1016\/j.inffus.2021.02.007","volume":"72","author":"F Folino","year":"2021","unstructured":"Folino F, Folino G, Guarascio M, Pisani F, Pontieri L (2021) On learning effective ensembles of deep neural networks for intrusion detection. Inf Fus 72:48\u201369","journal-title":"Inf Fus"},{"key":"199_CR16","doi-asserted-by":"crossref","unstructured":"Gao J, Gan L, Buschendorf F, Zhang L, Liu H, Li P, Dong X, Lu T (2019) Lstm for SCADA intrusion detection. In: 2019 IEEE pacific rim conference on communications, computers and signal processing (PACRIM), IEEE, pp 1\u20135","DOI":"10.1109\/PACRIM47961.2019.8985116"},{"key":"199_CR17","unstructured":"Gimpel K, Das D, Smith NA (2010) Distributed asynchronous online learning for natural language processing. In: Proceedings of the fourteenth conference on computational natural language learning, pp 213\u2013222"},{"key":"199_CR18","first-page":"1997","volume":"25","author":"P Gong","year":"2012","unstructured":"Gong P, Ye J, Cs Zhang (2012) Multi-stage multi-task feature learning. Adv Neural Inf Process Syst 25:1997\u20132005","journal-title":"Adv Neural Inf Process Syst"},{"issue":"102","key":"199_CR19","first-page":"499","volume":"112","author":"N Gupta","year":"2022","unstructured":"Gupta N, Jindal V, Bedi P (2022) CSE-IDS: using cost-sensitive deep learning and ensemble algorithms to handle class imbalance in network-based intrusion detection systems. Comput Secur 112(102):499","journal-title":"Comput Secur"},{"key":"199_CR20","unstructured":"Hinton G, Vinyals O, Dean J (2015) Distilling the knowledge in a neural network. arXiv preprint arXiv:1503.02531"},{"issue":"8","key":"199_CR21","doi-asserted-by":"publisher","first-page":"1735","DOI":"10.1162\/neco.1997.9.8.1735","volume":"9","author":"S Hochreiter","year":"1997","unstructured":"Hochreiter S, Schmidhuber J (1997) Long short-term memory. Neural Comput 9(8):1735\u20131780","journal-title":"Neural Comput"},{"key":"199_CR22","unstructured":"Huang Z, Xu W, Yu K (2015) Bidirectional LSTM-CRF models for sequence tagging. arXiv preprint arXiv:1508.01991"},{"issue":"16","key":"199_CR23","doi-asserted-by":"publisher","first-page":"3414","DOI":"10.3390\/app9163414","volume":"9","author":"RH Hwang","year":"2019","unstructured":"Hwang RH, Peng MC, Nguyen VL, Chang YL (2019) An LSTM-based deep learning approach for classifying malicious traffic at the packet level. Appl Sci 9(16):3414","journal-title":"Appl Sci"},{"key":"199_CR24","unstructured":"Iyengar N (2020) Evaluation of network based IDS and deployment of multi-sensor IDS. arXiv preprint arXiv:2007.11654"},{"key":"199_CR25","doi-asserted-by":"publisher","DOI":"10.1109\/TCDS.2021.3075143","author":"S Jain","year":"2021","unstructured":"Jain S, Kasaei H (2021) 3D_DEN: open-ended 3D object recognition using dynamically expandable networks. IEEE Trans Cognit Dev Sys. https:\/\/doi.org\/10.1109\/TCDS.2021.3075143","journal-title":"IEEE Trans Cognit Dev Sys"},{"key":"199_CR26","unstructured":"KDD Cup 1999 (2021) http:\/\/kdd.ics.uci.edu\/databases\/kddcup 99\/kddcup99.html"},{"key":"199_CR27","doi-asserted-by":"publisher","unstructured":"Khamis RA, Shafiq MO, Matrawy A (2020) Investigating resistance of deep learning-based ids against adversaries using min-max optimization. In: ICC 2020\u20142020 IEEE international conference on communications (ICC), pp 1\u20137. https:\/\/doi.org\/10.1109\/ICC40277.2020.9149117","DOI":"10.1109\/ICC40277.2020.9149117"},{"key":"199_CR28","doi-asserted-by":"publisher","first-page":"106460","DOI":"10.1016\/j.compeleceng.2019.106460","volume":"79","author":"C Kim","year":"2019","unstructured":"Kim C, Park J (2019) Designing online network intrusion detection using deep auto-encoder q-learning. Comput. Electr. Eng. 79:106460","journal-title":"Comput. Electr. Eng."},{"issue":"13","key":"199_CR29","doi-asserted-by":"publisher","first-page":"3521","DOI":"10.1073\/pnas.1611835114","volume":"114","author":"J Kirkpatrick","year":"2017","unstructured":"Kirkpatrick J, Pascanu R, Rabinowitz N, Veness J, Desjardins G, Rusu AA, Milan K, Quan J, Ramalho T, Grabska-Barwinska A et al (2017) Overcoming catastrophic forgetting in neural networks. Proc Natl Acad Sci 114(13):3521\u20133526","journal-title":"Proc Natl Acad Sci"},{"key":"199_CR30","unstructured":"Labonne M (2020) Anomaly-based network intrusion detection using machine learning. Ph.D. thesis, Institut Polytechnique de Paris"},{"issue":"103","key":"199_CR31","first-page":"111","volume":"187","author":"SW Lee","year":"2021","unstructured":"Lee SW, Mohammadi M, Rashidi S, Rahmani AM, Masdari M, Hosseinzadeh M et al (2021) Towards secure intrusion detection systems using deep learning techniques: comprehensive analysis and review. J Netw Comput Appl 187(103):111","journal-title":"J Netw Comput Appl"},{"key":"199_CR32","unstructured":"Liang KJ, Li C, Wang G, Carin L (2018) Generative adversarial network training is a continual learning problem. arXiv preprint arXiv:1811.11083"},{"issue":"4","key":"199_CR33","doi-asserted-by":"publisher","first-page":"579","DOI":"10.1016\/S1389-1286(00)00139-0","volume":"34","author":"R Lippmann","year":"2000","unstructured":"Lippmann R, Haines JW, Fried DJ, Korba J, Das K (2000) The 1999 DARPA off-line intrusion detection evaluation. Comput Netw 34(4):579\u2013595. https:\/\/doi.org\/10.1016\/S1389-1286(00)00139-0","journal-title":"Comput Netw"},{"key":"199_CR34","doi-asserted-by":"publisher","first-page":"18042","DOI":"10.1109\/ACCESS.2017.2747560","volume":"5","author":"M Lopez-Martin","year":"2017","unstructured":"Lopez-Martin M, Carro B, Sanchez-Esguevillas A, Lloret J (2017) Network traffic classifier with convolutional and recurrent neural networks for internet of things. IEEE Access 5:18042\u201318050","journal-title":"IEEE Access"},{"key":"199_CR35","unstructured":"Malware Statistics in (2023) Frequency, impact, cost & more: comparitech.com. https:\/\/www.comparitech.com\/antivirus\/malware-statistics-facts\/. Accessed 12 Sept 2023"},{"key":"199_CR36","doi-asserted-by":"crossref","unstructured":"Ma X, Hovy E (2016) End-to-end sequence labeling via bi-directional LSTM-CNNs-CRF. arXiv preprint arXiv:1603.01354","DOI":"10.18653\/v1\/P16-1101"},{"key":"199_CR37","unstructured":"Madry A, Makelov A, Schmidt L, Tsipras D, Vladu A (2018) Towards deep learning models resistant to adversarial attacks. In: 6th international conference on learning representations, ICLR 2018, Vancouver, BC, Canada, April 30 \u2013May 3, 2018, Conference Track Proceedings. OpenReview.net. https:\/\/openreview.net\/forum?id=rJzIBfZAb"},{"issue":"1","key":"199_CR38","first-page":"5776","volume":"21","author":"J Martens","year":"2020","unstructured":"Martens J (2020) New insights and perspectives on the natural gradient method. J Mach Learn Res 21(1):5776\u20135851","journal-title":"J Mach Learn Res"},{"key":"199_CR39","doi-asserted-by":"crossref","unstructured":"Mirza AH, Cosan S (2018) Computer network intrusion detection using sequential lstm neural networks autoencoders. In: 2018 26th signal processing and communications applications conference (SIU), IEEE, pp 1\u20134","DOI":"10.1109\/SIU.2018.8404689"},{"key":"199_CR40","unstructured":"NIST security vulnerability trends in 2020 (2021) an analysis. https:\/\/www.redscan.com\/media\/Redscan_NIST-Vulnerability-Analysis-2020_v1.0.pdf"},{"issue":"1","key":"199_CR41","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s40537-018-0145-4","volume":"5","author":"SM Othman","year":"2018","unstructured":"Othman SM, Ba-Alwi FM, Alsohybe NT, Al-Hashida AY (2018) Intrusion detection model using machine learning algorithm on Big Data environment. J Big Data 5(1):1\u201312","journal-title":"J Big Data"},{"key":"199_CR42","doi-asserted-by":"publisher","first-page":"13546","DOI":"10.1109\/ACCESS.2019.2893871","volume":"7","author":"D Papamartzivanos","year":"2019","unstructured":"Papamartzivanos D, M\u00e1rmol FG, Kambourakis G (2019) Introducing deep learning self-adaptive misuse network intrusion detection systems. IEEE Access 7:13546\u201313560","journal-title":"IEEE Access"},{"issue":"6","key":"199_CR43","first-page":"4951","volume":"9","author":"A Riyad","year":"2019","unstructured":"Riyad A, Ahmed MI, Khan RR (2019) An adaptive distributed intrusion detection system architecture using multi agents. Int J Electr Comput Eng 9(6):4951","journal-title":"Int J Electr Comput Eng"},{"key":"199_CR44","unstructured":"Rusu AA, Rabinowitz NC, Desjardins G, Soyer H, Kirkpatrick J, Kavukcuoglu K, Pascanu R, Hadsell R (2016) Progressive neural networks. arXiv preprint arXiv:1606.04671"},{"issue":"107","key":"199_CR45","first-page":"810","volume":"99","author":"T Saba","year":"2022","unstructured":"Saba T, Rehman A, Sadad T, Kolivand H, Bahaj SA (2022) Anomaly-based intrusion detection system for IoT networks through deep learning model. Comput Electr Eng 99(107):810","journal-title":"Comput Electr Eng"},{"key":"199_CR46","doi-asserted-by":"publisher","first-page":"81","DOI":"10.1016\/j.neucom.2017.02.029","volume":"241","author":"S Scardapane","year":"2017","unstructured":"Scardapane S, Comminiello D, Hussain A, Uncini A (2017) Group sparse regularization for deep neural networks. Neurocomputing 241:81\u201389","journal-title":"Neurocomputing"},{"key":"199_CR47","unstructured":"Schwarz J, Czarnecki W, Luketina J, Grabska-Barwinska A, Teh YW, Pascanu R, Hadsell R (2018) Progress & compress: A scalable framework for continual learning. In: International conference on machine learning, PMLR, pp 4528\u20134537"},{"key":"199_CR48","unstructured":"Seff A, Beatson A, Suo D, Liu H (2017) Continual learning in generative adversarial nets. arXiv preprint arXiv:1705.08395"},{"key":"199_CR49","doi-asserted-by":"publisher","first-page":"286","DOI":"10.1016\/j.engappai.2014.06.022","volume":"35","author":"NA Seresht","year":"2014","unstructured":"Seresht NA, Azmi R (2014) Mais-ids: a distributed intrusion detection system using multi-agent ais approach. Eng Appl Artif Intell 35:286\u2013298","journal-title":"Eng Appl Artif Intell"},{"key":"199_CR50","doi-asserted-by":"publisher","unstructured":"Sharafaldin I, Lashkari AH, Ghorbani AA (2018) Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: Mori P, Furnell S, Camp O (eds) Proceedings of the 4th international conference on information systems security and privacy, ICISSP 2018, Funchal, Madeira - Portugal, January 22\u201324, 2018, pp 108\u2013116. SciTePress. https:\/\/doi.org\/10.5220\/0006639801080116","DOI":"10.5220\/0006639801080116"},{"issue":"103","key":"199_CR51","first-page":"516","volume":"76","author":"M Soltani","year":"2023","unstructured":"Soltani M, Ousat B, Siavoshani MJ, Jahangir AH (2023) An adaptable deep learning-based intrusion detection system to zero-day attacks. J Inf Secur Appl 76(103):516","journal-title":"J Inf Secur Appl"},{"key":"199_CR52","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-021-00567-2","author":"M Soltani","year":"2022","unstructured":"Soltani M, Siavoshani MJ, Jahangir AH (2022) A content-based deep intrusion detection system. Int J Inf Secur. https:\/\/doi.org\/10.1007\/s10207-021-00567-2","journal-title":"Int J Inf Secur"},{"key":"199_CR53","unstructured":"Sutton RS, McAllester DA, Singh SP, Mansour Y (2000) Policy gradient methods for reinforcement learning with function approximation. In: Advances in neural information processing systems, pp 1057\u20131063"},{"key":"199_CR54","doi-asserted-by":"publisher","unstructured":"Tavallaee M, Bagheri E, Lu W, Ghorbani AA (2009) A detailed analysis of the KDD CUP 99 data set. In: 2009 ieee symposium on computational intelligence for security and defense applications, CISDA 2009, Ottawa, July 8\u201310, 2009, IEEE, pp 1\u20136. https:\/\/doi.org\/10.1109\/CISDA.2009.5356528","DOI":"10.1109\/CISDA.2009.5356528"},{"issue":"4","key":"199_CR55","doi-asserted-by":"publisher","first-page":"3211","DOI":"10.1007\/s11831-020-09496-0","volume":"28","author":"A Thakkar","year":"2021","unstructured":"Thakkar A, Lohiya R (2021) A review on machine learning and deep learning perspectives of ids for IoT: recent updates, security issues, and challenges. Arch Comput Methods Eng 28(4):3211\u20133243","journal-title":"Arch Comput Methods Eng"},{"issue":"107","key":"199_CR56","first-page":"044","volume":"91","author":"S Thakur","year":"2021","unstructured":"Thakur S, Chakraborty A, De R, Kumar N, Sarkar R (2021) Intrusion detection in cyber-physical systems using a generic and domain specific deep autoencoder model. Comput Electr Eng 91(107):044","journal-title":"Comput Electr Eng"},{"key":"199_CR57","first-page":"15175","volume":"34","author":"S Varshney","year":"2021","unstructured":"Varshney S, Verma VK, Srijith P, Carin L, Rai P (2021) Cam-gan: continual adaptation modules for generative adversarial networks. Adv Neural Inf Process Syst 34:15175\u201315187","journal-title":"Adv Neural Inf Process Syst"},{"key":"199_CR58","unstructured":"Van\u00a0de Ven GM, Tolias AS (2019) Three scenarios for continual learning. arXiv preprint arXiv:1904.07734"},{"key":"199_CR59","doi-asserted-by":"crossref","unstructured":"Vinayakumar R, Soman K, Poornachandran P (2017) Applying convolutional neural network for network intrusion detection. In: 2017 International conference on advances in computing, communications and informatics (ICACCI), IEEE, pp 1222\u20131228","DOI":"10.1109\/ICACCI.2017.8126009"},{"issue":"102","key":"199_CR60","first-page":"542","volume":"113","author":"Z Wang","year":"2022","unstructured":"Wang Z, Fok KW, Thing VL (2022) Machine learning for encrypted malicious traffic detection: approaches, datasets and comparative study. Comput Secur 113(102):542","journal-title":"Comput Secur"},{"key":"199_CR61","doi-asserted-by":"publisher","first-page":"102177","DOI":"10.1016\/j.cose.2021.102177","volume":"103","author":"Z Wang","year":"2021","unstructured":"Wang Z, Liu Y, He D, Chan S (2021) Intrusion detection methods based on integrated deep learning model. Comput Secur 103:102177","journal-title":"Comput Secur"},{"key":"199_CR62","unstructured":"Xie C, Koyejo S, Gupta I (2019) Asynchronous federated optimization. arXiv preprint arXiv:1903.03934"},{"key":"199_CR63","unstructured":"Xu J, Zhu Z (2018) Reinforced continual learning. arXiv preprint arXiv:1805.12369"},{"key":"199_CR64","doi-asserted-by":"crossref","unstructured":"Yi S, Li C, Li Q (2015) A survey of fog computing: concepts, applications and issues. In: Proceedings of the 2015 workshop on mobile big data, pp 37\u201342","DOI":"10.1145\/2757384.2757397"},{"key":"199_CR65","doi-asserted-by":"publisher","first-page":"21954","DOI":"10.1109\/ACCESS.2017.2762418","volume":"5","author":"C Yin","year":"2017","unstructured":"Yin C, Zhu Y, Fei J, He X (2017) A deep learning approach for intrusion detection using recurrent neural networks. IEEE Access 5:21954\u201321961","journal-title":"IEEE Access"},{"key":"199_CR66","unstructured":"Yoon J, Yang E, Lee J, Hwang SJ (2017) Lifelong learning with dynamically expandable networks. arXiv preprint arXiv:1708.01547"},{"key":"199_CR67","unstructured":"Yosinski J, Clune J, Bengio Y, Lipson H (2014) How transferable are features in deep neural networks? arXiv preprint arXiv:1411.1792"},{"key":"199_CR68","unstructured":"Zenke F, Poole B, Ganguli S (2017) Continual learning through synaptic intelligence. In: International conference on machine learning, PMLR, pp 3987\u20133995"},{"key":"199_CR69","doi-asserted-by":"crossref","unstructured":"Zhang J, Zhang J, Ghosh S, Li D, Zhu J, Zhang H, Wang Y (2020) Regularize, expand and compress: Nonexpansive continual learning. In: Proceedings of the IEEE\/CVF winter conference on applications of computer vision, pp 854\u2013862","DOI":"10.1109\/WACV45572.2020.9093585"}],"container-title":["Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-023-00199-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1186\/s42400-023-00199-0\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-023-00199-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,5,1]],"date-time":"2024-05-01T03:37:16Z","timestamp":1714534636000},"score":1,"resource":{"primary":{"URL":"https:\/\/cybersecurity.springeropen.com\/articles\/10.1186\/s42400-023-00199-0"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,5,1]]},"references-count":69,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2024,12]]}},"alternative-id":["199"],"URL":"https:\/\/doi.org\/10.1186\/s42400-023-00199-0","relation":{},"ISSN":["2523-3246"],"issn-type":[{"value":"2523-3246","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,5,1]]},"assertion":[{"value":"5 April 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"10 December 2023","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"1 May 2024","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"This article does not contain any studies with human participants or animals performed by any of the authors.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethical approval and consent to participate"}},{"value":"The authors have no conflicts of interest to declare that are relevant to the content of this article.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"9"}}