{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,25]],"date-time":"2026-03-25T10:41:59Z","timestamp":1774435319785,"version":"3.50.1"},"reference-count":98,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2026,3,25]],"date-time":"2026-03-25T00:00:00Z","timestamp":1774396800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2026,3,25]],"date-time":"2026-03-25T00:00:00Z","timestamp":1774396800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cybersecurity"],"abstract":"<jats:title>Abstract<\/jats:title>\n                  <jats:p>\n                    Accuracy remains the dominant evaluation metric in Intrusion Detection System (IDS) research, yet an IDS that detects attacks too late is functionally equivalent to one that fails\u2014particularly in Internet of Things (IoT) environments. In operational settings, the timing of detection shapes both the scope of adversarial activity and the feasibility of effective response. To the best of our knowledge, latency (the speed at which intrusions are identified) has received no systematic attention. Our analysis of published IDS papers reveals that latency is defined inconsistently\u2014often referring to inference, communication, computation time, or combinations of these-leading to incomparable performance claims. To close this gap, we formally define end-to-end latency as the sum of three measurable components:\n                    <jats:italic>Attacker-Controlled Latency<\/jats:italic>\n                    (ACL),\n                    <jats:italic>IDS-Determined Latency<\/jats:italic>\n                    (IDL), and\n                    <jats:italic>Post-Detection Latency<\/jats:italic>\n                    (PDL). The framework further decomposes IDL into environment-specific sub-components, linking network topology and detection methodology to overall responsiveness. The framework provides a systematic mechanism to parameterize and vary these components across deployment environments (edge, cloud, federated learning). Using a Cyber-Physical dataset, we demonstrate the applicability of our latency framework to an existing dataset. By providing a mechanism to quantify detection timeliness, the proposed framework enables analysts to estimate attacker dwell time, benchmark real-time responsiveness, and standardize latency reporting across IDS studies.\n                  <\/jats:p>","DOI":"10.1186\/s42400-026-00574-7","type":"journal-article","created":{"date-parts":[[2026,3,25]],"date-time":"2026-03-25T06:34:18Z","timestamp":1774420458000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Intrusion detection latency: the neglected metric"],"prefix":"10.1186","volume":"9","author":[{"given":"Sandhyarani","family":"Dash","sequence":"first","affiliation":[]},{"given":"John M.","family":"Acken","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2026,3,25]]},"reference":[{"key":"574_CR1","doi-asserted-by":"publisher","first-page":"153123","DOI":"10.1109\/ACCESS.2019.2947542","volume":"7","author":"KH Abdulkareem","year":"2019","unstructured":"Abdulkareem KH, Mohammed MA, Gunasekaran SS et al (2019) A review of fog computing and machine learning: concepts, applications, challenges, and open issues. IEEE Access 7:153123\u2013153140","journal-title":"IEEE Access"},{"issue":"18","key":"574_CR2","doi-asserted-by":"publisher","first-page":"18079","DOI":"10.1109\/JIOT.2022.3161838","volume":"9","author":"IH Abdulqadder","year":"2022","unstructured":"Abdulqadder IH, Zhou S (2022) SliceBlock: context-aware authentication handover and secure network slicing using DAG-BLOCKCHAIN IN EDGE-ASSISTEd SDN\/NFV-6G environment. IEEE Internet Things J 9(18):18079\u201318097","journal-title":"IEEE Internet Things J"},{"issue":"1","key":"574_CR3","doi-asserted-by":"publisher","first-page":"67","DOI":"10.1109\/MCOMSTD.0001.2100098","volume":"6","author":"M Adhikari","year":"2022","unstructured":"Adhikari M, Hazra A (2022) 6G-enabled ultra-reliable low-latency communication in edge networks. IEEE Commun Stand Mag 6(1):67\u201374","journal-title":"IEEE Commun Stand Mag"},{"key":"574_CR4","doi-asserted-by":"crossref","unstructured":"Agarwal N, Quadir MA, Vigneswaran T, Punitha K, Sivaraman AK (2022) A robust pipeline approach for DDoS classification using machine learning. In: International conference on intelligent computing, instrumentation and control technologies (ICICICT). Kannur, India, pp 1621\u20131627","DOI":"10.1109\/ICICICT54557.2022.9917596"},{"key":"574_CR5","doi-asserted-by":"publisher","first-page":"6611","DOI":"10.1109\/OJCOMS.2024.3481965","volume":"5","author":"D Agnew","year":"2024","unstructured":"Agnew D, Rice-Bladykas A, McNair J (2024) Detection of zero-day attacks in a software-defined LEO constellation network using enhanced network metric predictions. IEEE Open J Commun Soc 5:6611\u20136634","journal-title":"IEEE Open J Commun Soc"},{"issue":"2","key":"574_CR6","doi-asserted-by":"publisher","first-page":"1495","DOI":"10.1109\/TII.2022.3205366","volume":"19","author":"I Ahmed","year":"2023","unstructured":"Ahmed I, Anisetti M, Ahmad A, Jeon G (2023) A multilayer deep learning approach for Malware classification in 5G-enabled IIoT. IEEE Trans Ind Inf 19(2):1495\u20131503","journal-title":"IEEE Trans Ind Inf"},{"key":"574_CR7","doi-asserted-by":"crossref","unstructured":"Akem ATJ, Gucciardo M, Fiore M (2024) Ultra-low latency user-plane cyberattack detection in SDN-based smart grids. In: 15th ACM international conference on future energy system (e-Energy \u201924). Singapore, Singapore, pp 676\u2013682","DOI":"10.1145\/3632775.3661995"},{"key":"574_CR8","doi-asserted-by":"publisher","first-page":"96615","DOI":"10.1109\/ACCESS.2023.3307018","volume":"11","author":"MA Al Ghamdi","year":"2023","unstructured":"Al Ghamdi MA (2023) A fine-grained system driven of attacks over several new representation techniques using machine learning. IEEE Access 11:96615\u201396625","journal-title":"IEEE Access"},{"key":"574_CR9","doi-asserted-by":"publisher","first-page":"11703","DOI":"10.1038\/s41598-024-62435-y","volume":"14","author":"A Aldaej","year":"2024","unstructured":"Aldaej A et al (2024) Ensemble technique of intrusion detection for IoT-edge platform. Sci Rep 14:11703","journal-title":"Sci Rep"},{"key":"574_CR10","doi-asserted-by":"publisher","first-page":"53646","DOI":"10.1109\/ACCESS.2024.3387529","volume":"12","author":"A Algarni","year":"2024","unstructured":"Algarni A, Acarer T, Ahmad Z (2024) An edge computing-based preventive framework with machine learning integration for anomaly detection and risk management in maritime wireless communications. IEEE Access 12:53646\u201353663","journal-title":"IEEE Access"},{"key":"574_CR11","doi-asserted-by":"publisher","first-page":"108561","DOI":"10.1109\/ACCESS.2023.3318176","volume":"11","author":"M Aljebreen","year":"2023","unstructured":"Aljebreen M, Alrayes FS, Maray M, Aljameel SS, Salama AS, Motwakel A (2023) Modified equilibrium optimization algorithm with deep learning-based DDoS attack classification in 5G networks. IEEE Access 11:108561\u2013108570","journal-title":"IEEE Access"},{"key":"574_CR12","doi-asserted-by":"crossref","unstructured":"Aloul F, Zualkernan I, Abdalgawad N, Hussain L, Sakhnini D (2021) Network intrusion detection on the IoT edge using adversarial autoencoders. In: International conference on information technology (ICIT). Amman, Jordan, pp 120\u2013125","DOI":"10.1109\/ICIT52682.2021.9491694"},{"issue":"20","key":"574_CR13","doi-asserted-by":"publisher","first-page":"20431","DOI":"10.1109\/JIOT.2022.3176530","volume":"9","author":"MN Aman","year":"2022","unstructured":"Aman MN, Basheer H, Wong JW, Xu J, Lim HW, Sikdar B (2022) Machine-learning-based attestation for the internet of things using memory traces. IEEE Internet Things J 9(20):20431\u201320443","journal-title":"IEEE Internet Things J"},{"issue":"4","key":"574_CR14","doi-asserted-by":"publisher","first-page":"881","DOI":"10.1109\/TCE.2023.3320282","volume":"69","author":"S Anbalagan","year":"2023","unstructured":"Anbalagan S, Raja G, Gurumoorthy S, Suresh RD, Ayyakannu K (2023) Blockchain assisted hybrid intrusion detection system in autonomous vehicles for industry 5.0. IEEE Trans Consum Electron 69(4):881\u2013889","journal-title":"IEEE Trans Consum Electron"},{"key":"574_CR15","doi-asserted-by":"crossref","unstructured":"Ao Y, Shi H, Wang N et al (2024) An accurate and lightweight intrusion detection model deployed on edge network devices. In: International joint conference on neural networks (IJCNN). Yokohama, Japan, pp 1\u20138","DOI":"10.1109\/IJCNN60899.2024.10651457"},{"issue":"1","key":"574_CR16","doi-asserted-by":"publisher","first-page":"286","DOI":"10.1109\/TII.2022.3156642","volume":"19","author":"O Aouedi","year":"2023","unstructured":"Aouedi O, Piamrat K, Muller G, Singh K (2023) Federated semisupervised learning for attack detection in industrial internet of things. IEEE Trans Ind Inf 19(1):286\u2013295","journal-title":"IEEE Trans Ind Inf"},{"key":"574_CR17","doi-asserted-by":"crossref","unstructured":"Asulba B, Souto PF, Almeida L (2025) Bringing IoT intrusion detection to the edge. In: 8th international conference on future networks and distributed systems (ICFNDS\u201924). NY, USA, New York, pp 295\u2013304","DOI":"10.1145\/3726122.3726166"},{"key":"574_CR18","doi-asserted-by":"publisher","first-page":"113842","DOI":"10.1109\/ACCESS.2024.3443408","volume":"12","author":"M Azhar","year":"2024","unstructured":"Azhar M, Perveen S, Iqbal A, Lee B (2024) IDRandom-forest: advanced random forest for real-time intrusion detection. IEEE Access 12:113842\u2013113854","journal-title":"IEEE Access"},{"key":"574_CR19","doi-asserted-by":"publisher","first-page":"32863","DOI":"10.1109\/ACCESS.2025.3543127","volume":"13","author":"A Berguiga","year":"2025","unstructured":"Berguiga A, Harchay A, Massaoudi A (2025) HIDS-IoMT: a deep learning-based intelligent intrusion detection system for the internet of medical things. IEEE Access 13:32863\u201332882","journal-title":"IEEE Access"},{"key":"574_CR20","doi-asserted-by":"crossref","unstructured":"Borgioli N, Phan LTX, Aromolo F, Biondi A, Buttazzo G (2023) Real-time packet-based intrusion detection on edge devices. In: Cyber-physical systems and internet of things week (CPS-IoT Week\u201923). San Antonio, TX, USA, pp 234\u2013240","DOI":"10.1145\/3576914.3587551"},{"key":"574_CR21","doi-asserted-by":"publisher","first-page":"72235","DOI":"10.1109\/ACCESS.2025.3558623","volume":"13","author":"KC Chaganti","year":"2025","unstructured":"Chaganti KC (2025) A scalable, lightweight AI-driven security framework for IoT ecosystems: optimization and game theory approaches. IEEE Access 13:72235\u201372247","journal-title":"IEEE Access"},{"issue":"1","key":"574_CR22","doi-asserted-by":"publisher","first-page":"291","DOI":"10.1109\/TCC.2021.3087447","volume":"11","author":"H Chang","year":"2023","unstructured":"Chang H, Kodialam M, Lakshman TV, Mukherjee S, Van der Merwe J, Zaheer Z (2023) MAGNet: machine learning guided application-aware networking for data centers. IEEE Trans Cloud Comput 11(1):291\u2013307","journal-title":"IEEE Trans Cloud Comput"},{"key":"574_CR23","doi-asserted-by":"publisher","first-page":"126646","DOI":"10.1109\/ACCESS.2021.3111053","volume":"9","author":"V Christopher","year":"2021","unstructured":"Christopher V, Aathman T, Mahendrakumaran K et al (2021) Minority resampling boosted unsupervised learning with hyperdimensional computing for threat detection at the edge of internet of things. IEEE Access 9:126646\u2013126657","journal-title":"IEEE Access"},{"key":"574_CR24","doi-asserted-by":"crossref","unstructured":"Clavijo-Herrera M, Banda-Almeida J, Iza C (2021) Performance evaluation in Misbehavior detection techniques for DoS attacks in VANETs. In: ACM symposium on performance evaluation of wireless ad hoc, sensor, and ubiquitous networks (PE-WASUN). Alicante, Spain, pp 73\u201380","DOI":"10.1145\/3479240.3488510"},{"issue":"5","key":"574_CR25","doi-asserted-by":"publisher","first-page":"8906","DOI":"10.1109\/JIOT.2023.3321299","volume":"11","author":"TN Dao","year":"2024","unstructured":"Dao TN, Lee H (2024) COOL: conservation of output links for pruning algorithms in network intrusion detection. IEEE Internet Things J 11(5):8906\u20138920","journal-title":"IEEE Internet Things J"},{"issue":"9","key":"574_CR26","doi-asserted-by":"publisher","first-page":"5728","DOI":"10.1109\/TII.2022.3155656","volume":"18","author":"S De","year":"2022","unstructured":"De S, Bermudez-Edo M, Xu H, Cai Z (2022) Deep generative models in the industrial internet of things: a survey. IEEE Trans Ind Inf 18(9):5728\u20135737","journal-title":"IEEE Trans Ind Inf"},{"issue":"4","key":"574_CR27","doi-asserted-by":"publisher","first-page":"2654","DOI":"10.1109\/COMST.2023.3317242","volume":"25","author":"MA Ferrag","year":"2023","unstructured":"Ferrag MA, Friha O, Kantarci B et al (2023) Edge learning for 6G-enabled internet of things: a comprehensive survey of vulnerabilities, datasets, and defenses. IEEE Commun Surv Tutor 25(4):2654\u20132713","journal-title":"IEEE Commun Surv Tutor"},{"key":"574_CR28","doi-asserted-by":"publisher","first-page":"134041","DOI":"10.1109\/ACCESS.2025.3592729","volume":"13","author":"NB Gaikwad","year":"2025","unstructured":"Gaikwad NB, Khare SK, Mendhe D, Mir H, Kosta S, Acharya UR (2025) FPGA SoC implementation of adaptive deep neural network-based multimodal edge intelligence for internet of medical things. IEEE Access 13:134041\u2013134056","journal-title":"IEEE Access"},{"issue":"11","key":"574_CR29","doi-asserted-by":"publisher","first-page":"8229","DOI":"10.1109\/JIOT.2022.3150363","volume":"9","author":"B Ghimire","year":"2022","unstructured":"Ghimire B, Rawat DB (2022) Recent advances on federated learning for cybersecurity and cybersecurity for federated learning for internet of things. IEEE Internet Things J 9(11):8229\u20138249","journal-title":"IEEE Internet Things J"},{"key":"574_CR30","doi-asserted-by":"publisher","first-page":"122187","DOI":"10.1109\/ACCESS.2025.3588076","volume":"13","author":"J Govea","year":"2025","unstructured":"Govea J, Gutierrez R, Villegas-Ch W, Maldonado NA (2025) Hybrid AI for predictive cyber risk assessment: federated graph-transformer architecture with explainability. IEEE Access 13:122187\u2013122206","journal-title":"IEEE Access"},{"issue":"4","key":"574_CR31","doi-asserted-by":"publisher","first-page":"4546","DOI":"10.1109\/TNSM.2022.3183216","volume":"19","author":"K Guo","year":"2022","unstructured":"Guo K, Chen J, Dong P, Liu S, Gao D (2022) FullSight: a feasible intelligent and collaborative framework for service function chains failure detection. IEEE Trans Netw Serv Manag 19(4):4546\u20134565","journal-title":"IEEE Trans Netw Serv Manag"},{"key":"574_CR32","doi-asserted-by":"crossref","unstructured":"Hattarki R, Houji S, Dhage M (2021) Real-time intrusion detection system for IoT networks. In: International conference on convergence technology (I2CT). Maharashtra, India, pp 1\u20135","DOI":"10.1109\/I2CT51068.2021.9417815"},{"key":"574_CR33","doi-asserted-by":"publisher","first-page":"12605","DOI":"10.1109\/TEM.2022.3170519","volume":"71","author":"RF Hayat","year":"2024","unstructured":"Hayat RF, Aurangzeb S, Aleem M, Srivastava G, Lin JCW (2024) ML-DDoS: a blockchain-based multilevel DDoS mitigation mechanism for IoT environments. IEEE Trans Eng Manage 71:12605\u201312618","journal-title":"IEEE Trans Eng Manage"},{"key":"574_CR34","unstructured":"Hutchins EM, Cloppert MJ, Amin RM (2011) Intelligence-driven computer network defense informed by analysis of adversary Campaigns and intrusion kill chains. In: 6th international conference on information warfare and security (ICIW), pp 113\u2013125"},{"key":"574_CR35","doi-asserted-by":"publisher","first-page":"127446","DOI":"10.1109\/ACCESS.2023.3332512","volume":"11","author":"MH Jamal","year":"2023","unstructured":"Jamal MH et al (2023) A comparison of re-sampling techniques for detection of multi-step attacks on deep learning models. IEEE Access 11:127446\u2013127457","journal-title":"IEEE Access"},{"key":"574_CR36","doi-asserted-by":"publisher","first-page":"66481","DOI":"10.1109\/ACCESS.2022.3184722","volume":"10","author":"AH Janabi","year":"2022","unstructured":"Janabi AH, Kanakis T, Johnson M (2022) Overhead reduction technique for software-defined network-based intrusion detection systems. IEEE Access 10:66481\u201366491","journal-title":"IEEE Access"},{"key":"574_CR37","doi-asserted-by":"publisher","first-page":"14301","DOI":"10.1109\/ACCESS.2022.3148134","volume":"10","author":"AH Janabi","year":"2022","unstructured":"Janabi AH, Kanakis T, Johnson M (2022) Convolutional neural network based algorithm for early warning proactive system security in software defined networks. IEEE Access 10:14301\u201314310","journal-title":"IEEE Access"},{"issue":"6","key":"574_CR38","doi-asserted-by":"publisher","first-page":"5070","DOI":"10.1109\/TDSC.2023.3240315","volume":"20","author":"Y Javed","year":"2023","unstructured":"Javed Y, Khayat MA, Elghariani AA, Ghafoor A (2023) PRISM: a hierarchical intrusion detection architecture for large-scale cyber networks. IEEE Trans Depend Secure Comput 20(6):5070\u20135086","journal-title":"IEEE Trans Depend Secure Comput"},{"issue":"1","key":"574_CR39","doi-asserted-by":"publisher","first-page":"741","DOI":"10.1109\/TNSM.2022.3213370","volume":"20","author":"MA Khan","year":"2023","unstructured":"Khan MA, Kumar N, Mohsan SAH, Khan WU, Nasralla MM, Alsharif M (2023) Swarm of UAVs for network management in 6G: a technical review. IEEE Trans Netw Serv Manag 20(1):741\u2013761","journal-title":"IEEE Trans Netw Serv Manag"},{"issue":"3","key":"574_CR40","doi-asserted-by":"publisher","first-page":"1330","DOI":"10.1109\/TGCN.2022.3165692","volume":"6","author":"P Kumar","year":"2022","unstructured":"Kumar P, Kumar R, Gupta GP, Tripathi R (2022) BDEdge: blockchain and deep-learning for secure edge-envisioned green CAVs. IEEE Trans Green Commun Netw 6(3):1330\u20131339","journal-title":"IEEE Trans Green Commun Netw"},{"issue":"7","key":"574_CR41","doi-asserted-by":"publisher","first-page":"2707","DOI":"10.1109\/TITS.2019.2905415","volume":"21","author":"J Liang","year":"2020","unstructured":"Liang J, Lin Q, Chen J, Zhu Y (2020) A filter model based on hidden generalized mixture transition distribution model for intrusion detection system in vehicle ad hoc networks. IEEE Trans Intell Transp Syst 21(7):2707\u20132722","journal-title":"IEEE Trans Intell Transp Syst"},{"issue":"2","key":"574_CR42","doi-asserted-by":"publisher","first-page":"1159","DOI":"10.1109\/TNSM.2021.3122147","volume":"19","author":"Z Liao","year":"2022","unstructured":"Liao Z, Pang X, Zhang J, Xiong B, Wang J (2022) Blockchain on security and forensics management in edge computing for IoT: a comprehensive survey. IEEE Trans Netw Serv Manag 19(2):1159\u20131175","journal-title":"IEEE Trans Netw Serv Manag"},{"issue":"10","key":"574_CR43","doi-asserted-by":"publisher","first-page":"9589","DOI":"10.1109\/JIOT.2020.2986702","volume":"7","author":"A Libri","year":"2020","unstructured":"Libri A, Bartolini A, Benini L (2020) pAElla: edge AI-based real-time Malware detection in data centers. IEEE Internet Things J 7(10):9589\u20139599","journal-title":"IEEE Internet Things J"},{"key":"574_CR44","doi-asserted-by":"crossref","unstructured":"Li D, Majd NE (2023) Intrusion detection in IoT leveraged by multiaccess edge computing using machine learning. In: IEEE international performance, computing, and communications conference (IPCCC). Anaheim, CA, USA, pp 441\u2013446","DOI":"10.1109\/IPCCC59175.2023.10253831"},{"key":"574_CR45","doi-asserted-by":"crossref","unstructured":"Lippmann RP, Fried DJ, Graf I, Haines JW, Kendall KR, McClung D et al (2000) Evaluating intrusion detection systems: the 1998 DARPA off-line intrusion detection evaluation. In: DARPA information survivability conference and exposition (DISCEX), vol 2. Hilton Head, SC, USA, pp 12\u201326","DOI":"10.1109\/DISCEX.2000.821506"},{"key":"574_CR46","doi-asserted-by":"publisher","first-page":"37931","DOI":"10.1109\/ACCESS.2025.3545659","volume":"13","author":"J Liu","year":"2025","unstructured":"Liu J, Wang G, Zong X, Ning B, He K (2025) EfficientTransformer: a dynamic anomaly detection model for industrial control networks. IEEE Access 13:37931\u201337945","journal-title":"IEEE Access"},{"key":"574_CR47","doi-asserted-by":"publisher","first-page":"3491","DOI":"10.1109\/ACCESS.2017.2782159","volume":"6","author":"G Loukas","year":"2018","unstructured":"Loukas G, Vuong T, Heartfield R, Sakellari G, Yoon Y, Gan D (2018) Cloud-based cyber-physical intrusion detection for vehicles using deep learning. IEEE Access 6:3491\u20133508","journal-title":"IEEE Access"},{"key":"574_CR48","doi-asserted-by":"publisher","DOI":"10.1016\/j.mex.2024.102597","volume":"12","author":"P Mahadevappa","year":"2024","unstructured":"Mahadevappa P et al (2024) A secure edge computing model using machine learning and IDS to detect and isolate intruders. MethodsX 12:102597","journal-title":"MethodsX"},{"key":"574_CR49","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1109\/TIM.2023.3284133","volume":"72","author":"SS Mahmoud","year":"2023","unstructured":"Mahmoud SS (2023) Practical aspects of perimeter intrusion detection and nuisance suppression for distributed fiber-optic sensors. IEEE Trans Instrum Meas 72:1\u201311","journal-title":"IEEE Trans Instrum Meas"},{"key":"574_CR50","unstructured":"Mandiant. M-Trends 2020: insights into today\u2019s breach detection and response. FireEye Mandiant; 2020. Available from: https:\/\/www.mandiant.com\/resources\/reports\/m-trends-2020"},{"key":"574_CR51","doi-asserted-by":"crossref","unstructured":"Marouane H, Dandoush A, Amour L, Erbad A (2023) Performance evaluation of machine learning-based misbehavior detection systems in VANETs: a comprehensive study. In: International symposium on networks, computers and communications (ISNCC). Doha, Qatar, pp 1\u20136","DOI":"10.1109\/ISNCC58260.2023.10323985"},{"key":"574_CR52","doi-asserted-by":"publisher","first-page":"94225","DOI":"10.1109\/ACCESS.2025.3572605","volume":"13","author":"N Mehta","year":"2025","unstructured":"Mehta N, Bharot N, Breslin JG, Verma P (2025) PPFL-DCS: privacy-preserving federated learning using neural transformer and leveraging dynamic client selection to accommodate data diversity. IEEE Access 13:94225\u201394238","journal-title":"IEEE Access"},{"issue":"1","key":"574_CR53","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1109\/TCSS.2016.2561200","volume":"3","author":"S Misra","year":"2016","unstructured":"Misra S, Goswami S, Taneja C (2016) Multivariate data fusion-based learning of video content and service distribution for cyber physical social systems. IEEE Trans Comput Soc Syst 3(1):1\u201312","journal-title":"IEEE Trans Comput Soc Syst"},{"key":"574_CR54","unstructured":"MITRE Corporation (2025) MITRE ATT&CK\u00ae knowledge base. Available from: https:\/\/attack.mitre.org\/"},{"issue":"2","key":"574_CR55","doi-asserted-by":"publisher","first-page":"487","DOI":"10.1109\/TNSM.2017.2701549","volume":"14","author":"R Mohammadi","year":"2017","unstructured":"Mohammadi R, Javidan R, Conti M (2017) SLICOTS: an SDN-based lightweight countermeasure for TCP SYN flooding attacks. IEEE Trans Netw Serv Manag 14(2):487\u2013497","journal-title":"IEEE Trans Netw Serv Manag"},{"issue":"5","key":"574_CR56","doi-asserted-by":"publisher","first-page":"2978","DOI":"10.1109\/TNSE.2022.3161479","volume":"9","author":"H Moudoud","year":"2022","unstructured":"Moudoud H, Mlika Z, Khoukhi L, Cherkaoui S (2022) Detection and prediction of FDI attacks in IoT systems via hidden Markov model. IEEE Trans Netw Sci Eng 9(5):2978\u20132990","journal-title":"IEEE Trans Netw Sci Eng"},{"key":"574_CR57","doi-asserted-by":"publisher","first-page":"82","DOI":"10.1109\/OJCOMS.2022.3143098","volume":"3","author":"DP Moya Osorio","year":"2022","unstructured":"Moya Osorio DP, Ahmad I, S\u00e1nchez JDV, Gurtov A, Scholliers J, Kutila M (2022) Towards 6G-enabled internet of vehicles: security and privacy. IEEE Open J Commun Soc 3:82\u2013105","journal-title":"IEEE Open J Commun Soc"},{"issue":"6","key":"574_CR58","doi-asserted-by":"publisher","first-page":"6670","DOI":"10.1109\/TNSM.2024.3446178","volume":"21","author":"A Mudgal","year":"2024","unstructured":"Mudgal A, Verma A, Singh M, Sahoo KS, Elmroth E, Bhuyan M (2024) FloRa: flow table low-rate overflow reconnaissance and detection in SDN. IEEE Trans Netw Serv Manag 21(6):6670\u20136683","journal-title":"IEEE Trans Netw Serv Manag"},{"key":"574_CR59","doi-asserted-by":"publisher","first-page":"113544","DOI":"10.1109\/ACCESS.2025.3584373","volume":"13","author":"MB Musthafa","year":"2025","unstructured":"Musthafa MB, Huda S, Nguyen TT, Kodera Y, Nogami Y (2025) Optimized ensemble deep learning for real-time intrusion detection on resource-constrained raspberry Pi devices. IEEE Access 13:113544\u2013113556","journal-title":"IEEE Access"},{"issue":"15","key":"574_CR60","doi-asserted-by":"publisher","first-page":"13333","DOI":"10.1109\/JIOT.2023.3262822","volume":"10","author":"DDN Nguyen","year":"2023","unstructured":"Nguyen DDN, Sood K, Xiang Y, Gao L, Chi L, Yu S (2023) Toward IoT node authentication mechanism in next generation networks. IEEE Internet Things J 10(15):13333\u201313341","journal-title":"IEEE Internet Things J"},{"key":"574_CR61","doi-asserted-by":"publisher","first-page":"1023","DOI":"10.1109\/ACCESS.2022.3233775","volume":"11","author":"OD Okey","year":"2023","unstructured":"Okey OD, Melgarejo DC, Saadi M, Rosa RL, Kleinschmidt JH, Rodr\u00edguez DZ (2023) Transfer learning approach to IDS on cloud IoT devices using optimized CNN. IEEE Access 11:1023\u20131038","journal-title":"IEEE Access"},{"key":"574_CR62","doi-asserted-by":"publisher","first-page":"3556","DOI":"10.1109\/OJCOMS.2024.3411071","volume":"5","author":"E Paolini","year":"2024","unstructured":"Paolini E, de Marinis L, Scano D, Paolucci F (2024) In-line any-depth deep neural networks using P4 switches. IEEE Open J Commun Soc 5:3556\u20133567","journal-title":"IEEE Open J Commun Soc"},{"key":"574_CR63","doi-asserted-by":"crossref","unstructured":"Puccetti T, Ceccarelli A (2024) Detection latencies of anomaly detectors: an overlooked perspective. In: IEEE international symposium on software reliability engineering (ISSRE), pp 304\u2013310","DOI":"10.1109\/ISSRE62328.2024.00015"},{"key":"574_CR64","doi-asserted-by":"crossref","unstructured":"Puccetti T, Ceccarelli A, Catrical\u00e0 M, Marchetti M, Pappalardo A, Vecchio M et\u00a0al (2024) ROSPaCe: intrusion detection dataset for a ROS2-based cyber-physical system and IoT networks. Sci Data 11(311)","DOI":"10.1038\/s41597-024-03311-2"},{"key":"574_CR65","doi-asserted-by":"crossref","unstructured":"Radhakrishna T, Majd NE (2024) Edge computing ransomware detection in IoT using machine learning. In: International conference on computing, networking and communications (ICNC). Big Island, HI, USA, pp 244\u2013248","DOI":"10.1109\/ICNC59896.2024.10556351"},{"key":"574_CR66","doi-asserted-by":"crossref","unstructured":"Ramkumar G, Prabu AGRT, Nirmala P, Ramya G (2022) Strong and stable data communication using artificial intelligence method in mobile Ad-Hoc networks. In: International conference on innovative computing, intelligent communication and smart electrical systems (ICSES), pp 1\u201310","DOI":"10.1109\/ICSES55317.2022.9914192"},{"issue":"3","key":"574_CR67","doi-asserted-by":"publisher","first-page":"503","DOI":"10.1109\/JETCAS.2021.3097699","volume":"11","author":"M Ricci","year":"2021","unstructured":"Ricci M, \u0160titi\u0107 B, Urbinati L, De Guglielmo G, Vasquez JAT, Carloni LP et al (2021) Machine-learning-based microwave sensing: a case study for the food industry. IEEE J Emerging Sel Topics Circuits Syst 11(3):503\u2013514","journal-title":"IEEE J Emerging Sel Topics Circuits Syst"},{"issue":"14","key":"574_CR68","doi-asserted-by":"publisher","first-page":"28521","DOI":"10.1109\/JIOT.2025.3566962","volume":"12","author":"SS Sahoo","year":"2025","unstructured":"Sahoo SS, Das D (2025) Design of key agreement authentication scheme with IDS using OS-RVFL neural network for secure fog computing. IEEE Internet Things J 12(14):28521\u201328530","journal-title":"IEEE Internet Things J"},{"key":"574_CR69","doi-asserted-by":"publisher","first-page":"105887","DOI":"10.1109\/ACCESS.2024.3435920","volume":"12","author":"S Sakraoui","year":"2024","unstructured":"Sakraoui S, Ahmim A, Derdour M, Ahmim M, Namane S, Ben DI (2024) FBMP-IDS: FL-based blockchain-powered lightweight MPC-secured IDS for 6G networks. IEEE Access 12:105887\u2013105905","journal-title":"IEEE Access"},{"issue":"4","key":"574_CR70","doi-asserted-by":"publisher","first-page":"1862","DOI":"10.1109\/TCCN.2022.3186331","volume":"8","author":"MSE Sayed","year":"2022","unstructured":"Sayed MSE, Le-Khac NA, Azer MA, Jurcut AD (2022) A flow-based anomaly detection approach with feature selection method against DDoS attacks in SDNs. IEEE Trans Cognit Commun Netw 8(4):1862\u20131880","journal-title":"IEEE Trans Cognit Commun Netw"},{"key":"574_CR71","doi-asserted-by":"publisher","first-page":"28","DOI":"10.1109\/TIFS.2021.3131026","volume":"17","author":"G Shan","year":"2022","unstructured":"Shan G, Zhao B, Clavin JR, Zhang H, Duan S (2022) Poligraph: intrusion-tolerant and distributed fake news detection system. IEEE Trans Inf Forens Secur 17:28\u201341","journal-title":"IEEE Trans Inf Forens Secur"},{"issue":"16","key":"574_CR72","doi-asserted-by":"publisher","first-page":"12569","DOI":"10.1109\/JIOT.2020.3029248","volume":"8","author":"P Singh","year":"2021","unstructured":"Singh P, Kaur A, Aujla GS, Batth RS, Kanhere S (2021) DaaS: dew computing as a service for intelligent intrusion detection in edge-of-things ecosystem. IEEE Internet Things J 8(16):12569\u201312577","journal-title":"IEEE Internet Things J"},{"issue":"1","key":"574_CR73","doi-asserted-by":"publisher","first-page":"236","DOI":"10.1109\/JIOT.2021.3098051","volume":"9","author":"S Singh","year":"2022","unstructured":"Singh S, Sulthana R, Shewale T, Chamola V, Benslimane A, Sikdar B (2022) Machine-learning-assisted security and privacy provisioning for edge computing: a survey. IEEE Internet Things J 9(1):236\u2013260","journal-title":"IEEE Internet Things J"},{"key":"574_CR74","doi-asserted-by":"crossref","unstructured":"Sommer R, Paxson V (2010) Outside the closed world: on using machine learning for network intrusion detection. In: IEEE symposium on security and privacy. Oakland, CA, USA, pp 305\u2013316","DOI":"10.1109\/SP.2010.25"},{"key":"574_CR75","doi-asserted-by":"publisher","first-page":"14260","DOI":"10.1109\/ACCESS.2022.3144679","volume":"10","author":"U Srilakshmi","year":"2022","unstructured":"Srilakshmi U, Alghamdi SA, Vuyyuru VA, Veeraiah N, Alotaibi Y (2022) A secure optimization routing algorithm for mobile ad hoc networks. IEEE Access 10:14260\u201314269","journal-title":"IEEE Access"},{"issue":"4","key":"574_CR76","doi-asserted-by":"publisher","first-page":"1023","DOI":"10.1109\/TCE.2023.3318150","volume":"69","author":"JH Syu","year":"2023","unstructured":"Syu JH, Lin JCW, Srivastava G, Yu K (2023) A comprehensive survey on artificial intelligence empowered edge computing on consumer electronics. IEEE Trans Consum Electron 69(4):1023\u20131034","journal-title":"IEEE Trans Consum Electron"},{"key":"574_CR77","doi-asserted-by":"publisher","first-page":"23096","DOI":"10.1109\/ACCESS.2024.3362803","volume":"12","author":"M Thankappan","year":"2024","unstructured":"Thankappan M, Rif\u00e0-Pous H, Garrigues C (2024) A signature-based wireless intrusion detection system framework for multi-channel man-in-the-middle attacks against protected Wi-Fi networks. IEEE Access 12:23096\u201323121","journal-title":"IEEE Access"},{"issue":"3","key":"574_CR78","doi-asserted-by":"publisher","first-page":"1963","DOI":"10.1109\/TII.2019.2938778","volume":"16","author":"Z Tian","year":"2020","unstructured":"Tian Z, Luo C, Qiu J, Du X, Guizani M (2020) A distributed deep learning system for web attack detection on edge devices. IEEE Trans Ind Inf 16(3):1963\u20131971","journal-title":"IEEE Trans Ind Inf"},{"key":"574_CR79","doi-asserted-by":"crossref","unstructured":"Tripathy AK, Mishra AK, Panda R (2024) Performance comparison and analysis of machine learning and deep learning models for network intrusion detection in IoT-edge frameworks. In: International conference on emerging trends in information technology and engineering (ICETITE). Vellore, India, pp 1\u20136","DOI":"10.1109\/ic-ETITE58242.2024.10493276"},{"key":"574_CR80","doi-asserted-by":"publisher","first-page":"424","DOI":"10.1109\/JRFID.2023.3279329","volume":"7","author":"R Uddin","year":"2023","unstructured":"Uddin R, Kumar SAP (2023) SDN-based federated learning approach for satellite-IoT framework to enhance data security and privacy in space communication. IEEE J Radio Frequency Identif 7:424\u2013440","journal-title":"IEEE J Radio Frequency Identif"},{"key":"574_CR81","unstructured":"Usman Y, Upadhyay A, Gyawali P, Chataut R (2024) Is generative AI the next tactical cyber weapon for threat actors? A deep dive into GenAI-enabled offensive capabilities. arXiv preprint arXiv:2408.12806"},{"issue":"4","key":"574_CR82","doi-asserted-by":"publisher","first-page":"2386","DOI":"10.1109\/TII.2021.3104003","volume":"18","author":"Y Wang","year":"2022","unstructured":"Wang Y, Yang S, Ren X, Zhao P, Zhao C, Yang X (2022) IndustEdge: a time-sensitive networking enabled edge-cloud collaborative intelligent platform for smart industry. IEEE Trans Ind Inf 18(4):2386\u20132398","journal-title":"IEEE Trans Ind Inf"},{"issue":"24","key":"574_CR83","doi-asserted-by":"publisher","first-page":"22008","DOI":"10.1109\/JIOT.2023.3304318","volume":"10","author":"C Wang","year":"2023","unstructured":"Wang C, Yuan Z, Zhou P, Xu Z, Li R, Wu DO (2023) The security and privacy of mobile-edge computing: an artificial intelligence perspective. IEEE Internet Things J 10(24):22008\u201322032","journal-title":"IEEE Internet Things J"},{"issue":"8","key":"574_CR84","doi-asserted-by":"publisher","first-page":"1262","DOI":"10.1093\/comjnl\/bxt079","volume":"57","author":"C Widanapathirana","year":"2014","unstructured":"Widanapathirana C, Li JC, Ivanovich MV, Fitzpatrick PG (2014) Adaptive statistical signatures of network soft-failures in user devices. Comput J 57(8):1262\u20131278","journal-title":"Comput J"},{"issue":"2","key":"574_CR85","doi-asserted-by":"publisher","first-page":"1624","DOI":"10.1109\/TDSC.2022.3160879","volume":"20","author":"Y Wu","year":"2023","unstructured":"Wu Y et al (2023) Paradise: real-time, generalized, and distributed provenance-based intrusion detection. IEEE Trans Depend Secure Comput 20(2):1624\u20131640","journal-title":"IEEE Trans Depend Secure Comput"},{"key":"574_CR86","doi-asserted-by":"publisher","first-page":"416","DOI":"10.1109\/ACCESS.2016.2517321","volume":"4","author":"J Wu","year":"2016","unstructured":"Wu J, Ota K, Dong M, Li C (2016) A hierarchical security framework for defending against sophisticated attacks on wireless sensor networks in smart cities. IEEE Access 4:416\u2013424","journal-title":"IEEE Access"},{"issue":"4","key":"574_CR87","doi-asserted-by":"publisher","first-page":"3094","DOI":"10.1109\/JIOT.2021.3112159","volume":"10","author":"Y Wu","year":"2023","unstructured":"Wu Y, Nie L, Wang S, Ning Z, Li S (2023) Intelligent intrusion detection for internet of things security: a deep convolutional generative adversarial network-enabled approach. IEEE Internet Things J 10(4):3094\u20133106","journal-title":"IEEE Internet Things J"},{"issue":"4","key":"574_CR88","doi-asserted-by":"publisher","first-page":"3094","DOI":"10.1109\/JIOT.2021.3112159","volume":"10","author":"Y Wu","year":"2023","unstructured":"Wu Y, Nie L, Wang S, Ning Z, Li S (2023) Intelligent intrusion detection for internet of things security: a deep convolutional generative adversarial network-enabled approach. IEEE Internet Things J 10(4):3094\u20133106","journal-title":"IEEE Internet Things J"},{"issue":"20","key":"574_CR89","doi-asserted-by":"publisher","first-page":"17620","DOI":"10.1109\/JIOT.2023.3277541","volume":"10","author":"G Wu","year":"2023","unstructured":"Wu G, Wang H, Zhang H, Zhao Y, Yu S, Shen S (2023) Computation offloading method using stochastic games for software-defined-network-based multiagent mobile edge computing. IEEE Internet Things J 10(20):17620\u201317634","journal-title":"IEEE Internet Things J"},{"key":"574_CR90","unstructured":"Xu H, Wu D, Lu Y, Lu J, Zeng H (2024) Models on the move: towards feasible embedded AI for intrusion detection on vehicular can bus. In: USENIX annual technical conference (USENIX ATC 24). Santa Clara CA USA, pp 1049\u20131063"},{"key":"574_CR91","doi-asserted-by":"crossref","unstructured":"Yagiz MA, MohajerAnsari P, Pes\u00e9 MD, Goktas P (2024) Transforming in-vehicle network intrusion detection: VAE-based knowledge distillation meets explainable AI. In: 6th workshop on CPS&IoT security and privacy (CPSIoTSec\u201924). Salt Lake City, UT, USA, pp 93\u2013103","DOI":"10.1145\/3690134.3694819"},{"key":"574_CR92","doi-asserted-by":"publisher","first-page":"24168","DOI":"10.1109\/ACCESS.2021.3056149","volume":"9","author":"A Yahyaoui","year":"2021","unstructured":"Yahyaoui A, Abdellatif T, Yangui S, Attia R (2021) READ-IoT: reliable event and anomaly detection framework for the internet of things. IEEE Access 9:24168\u201324186","journal-title":"IEEE Access"},{"issue":"3","key":"574_CR93","doi-asserted-by":"publisher","first-page":"2269","DOI":"10.1109\/TNSM.2022.3175710","volume":"19","author":"L Yang","year":"2022","unstructured":"Yang L, Song Y, Gao S, Hu A, Xiao B (2022) Griffin: real-time network intrusion detection system via ensemble of autoencoder in SDN. IEEE Trans Netw Serv Manag 19(3):2269\u20132281","journal-title":"IEEE Trans Netw Serv Manag"},{"issue":"10","key":"574_CR94","doi-asserted-by":"publisher","first-page":"8491","DOI":"10.1109\/JIOT.2022.3196942","volume":"10","author":"A Zainudin","year":"2023","unstructured":"Zainudin A, Ahakonye LAC, Akter R, Kim DS, Lee JM (2023) An efficient hybrid-DNN for DDoS detection and classification in software-defined IIoT networks. IEEE Internet Things J 10(10):8491\u20138504","journal-title":"IEEE Internet Things J"},{"key":"574_CR95","doi-asserted-by":"publisher","first-page":"123505","DOI":"10.1109\/ACCESS.2022.3208091","volume":"10","author":"L Zhang","year":"2022","unstructured":"Zhang L, Yan X, Ma D (2022) A binarized neural network approach to accelerate in-vehicle network intrusion detection. IEEE Access 10:123505\u2013123520","journal-title":"IEEE Access"},{"key":"574_CR96","doi-asserted-by":"crossref","unstructured":"Zhang B, Wang Z, Miao W (2025) Real-time intrusion detection method based on frequency domain simplified dual-PINN. In: 8th international conference on electronic information technology and computer engineering (EITCE\u201924). NY, USA, New York, pp 292\u2013299","DOI":"10.1145\/3711129.3711181"},{"issue":"11","key":"574_CR97","doi-asserted-by":"publisher","first-page":"8119","DOI":"10.1109\/JIOT.2021.3097156","volume":"9","author":"L Zhu","year":"2022","unstructured":"Zhu L, Liang H, Wang H, Ning B, Tang T (2022) Joint security and train control design in blockchain-empowered CBTC system. IEEE Internet Things J 9(11):8119\u20138129","journal-title":"IEEE Internet Things J"},{"key":"574_CR98","doi-asserted-by":"publisher","first-page":"132","DOI":"10.1109\/OJITS.2023.3347484","volume":"5","author":"S Zidi","year":"2024","unstructured":"Zidi S, Alaya B, Moulahi T, Al-Shargabi A, Khediri SE (2024) Fault prediction and recovery using machine learning techniques and the HTM algorithm in vehicular network environment. IEEE Open J Intell Transp Syst 5:132\u2013145","journal-title":"IEEE Open J Intell Transp Syst"}],"container-title":["Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-026-00574-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1186\/s42400-026-00574-7","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-026-00574-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,25]],"date-time":"2026-03-25T08:03:05Z","timestamp":1774425785000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1186\/s42400-026-00574-7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,3,25]]},"references-count":98,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2026,12]]}},"alternative-id":["574"],"URL":"https:\/\/doi.org\/10.1186\/s42400-026-00574-7","relation":{},"ISSN":["2523-3246"],"issn-type":[{"value":"2523-3246","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,3,25]]},"assertion":[{"value":"24 November 2025","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"11 March 2026","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"25 March 2026","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}],"article-number":"144"}}