DUdetector: A dual-granularity unsupervised model for network anomaly detection
Internet of Things (IoT) devices are often used as springboards for network intrusion due to the open nature of IoT protocol stacks that enable automatic inter-connection and data sharing among devices, so it is critical to develop network anomaly detection algorithms that can be deployed at importa...
| Published in: | Computer networks (Amsterdam, Netherlands : 1999) Volume 257; p. 110937 |
|---|---|
| Main authors: | Geng, Haijun; Ma, Qi; Chi, Haotian; Zhang, Zhi; Yang, Jing; Yin, Xia |
| Format: | Journal Article |
| Language: | English |
| Published: | Elsevier B.V 01.02.2025 |
| Subjects: | |
| ISSN: | 1389-1286 |
| Abstract | Internet of Things (IoT) devices are often used as springboards for network intrusion due to the open nature of IoT protocol stacks that enable automatic inter-connection and data sharing among devices, so it is critical to develop network anomaly detection algorithms that can be deployed at important nodes such as gateways and routers. However, existing detection algorithms based on signature rules and supervised machine learning heavily rely on known anomaly types, yielding low detection accuracy when deployed in realistic network environments with a significant number of unknown attacks. With this in mind, we propose DUdetector, an unsupervised anomaly detection algorithm by employing Transformer and Conv1d&MaxPool1d AutoEncoder with residual connection (abbr., CM&RC-AE) to realize a dual-granularity learning from the perspective of segments and points, respectively. Specifically, we perform coarse-grained segment-level anomaly detection based on an improved Transformer to detect whether there is any anomalous traffic within a time window. Then, we perform fine-grained point-level anomaly detection based on CM&RC-AE for each packet within the problematic segment output by the first step. Extensive experiments on three datasets (SSDP Flood, Mirai and IDS2017) demonstrate that our DUdetector achieves a better performance than existing work: an F1-score of 95.98% for Mirai, and over 99.2% for both SSDP Flood and IDS2017, with false positive rates less than 0.5% for all three datasets. |
|---|---|
| ArticleNumber | 110937 |
| Author | Ma, Qi; Geng, Haijun; Chi, Haotian; Yang, Jing; Yin, Xia; Zhang, Zhi |
| Author_xml | 1. Geng, Haijun (genghaijun@sxu.edu.cn), School of Automation and Software Engineering, Shanxi University, Taiyuan, 030006, China; 2. Ma, Qi, School of Automation and Software Engineering, Shanxi University, Taiyuan, 030006, China; 3. Chi, Haotian, School of Automation and Software Engineering, Shanxi University, Taiyuan, 030006, China; 4. Zhang, Zhi, School of Automation and Software Engineering, Shanxi University, Taiyuan, 030006, China; 5. Yang, Jing, School of Automation and Software Engineering, Shanxi University, Taiyuan, 030006, China; 6. Yin, Xia, Department of Computer Science and Technology, Tsinghua University, Beijing, 100084, China |
| CitedBy_id | crossref_primary_10_1016_j_compeleceng_2025_110627 |
| ContentType | Journal Article |
| Copyright | 2024 Elsevier B.V. |
| Copyright_xml | – notice: 2024 Elsevier B.V. |
| DBID | AAYXX CITATION |
| DOI | 10.1016/j.comnet.2024.110937 |
| DatabaseName | CrossRef |
| DatabaseTitle | CrossRef |
| DatabaseTitleList | |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Engineering |
| ExternalDocumentID | 10_1016_j_comnet_2024_110937 S1389128624007692 |
| GrantInformation_xml | Postgraduate Education Innovation Program of Shanxi Province (grant ID: 2024KY137); National Natural Science Foundation of China (grant IDs: 62472267; 62302282; 62406181; funder ID: http://dx.doi.org/10.13039/501100001809); Shanxi Province Science Foundation (grant ID: 202203021222005; funder ID: http://dx.doi.org/10.13039/501100010010) |
| ID | FETCH-LOGICAL-c306t-3e6391beec090d4473f8bb7c7c346dc3ae8d9e292ae1e568cf246917c20d10913 |
| ISICitedReferencesCount | 3 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=001370596900001&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| ISSN | 1389-1286 |
| IngestDate | Sat Nov 29 07:30:09 EST 2025 Tue Nov 18 21:21:48 EST 2025 Sun Oct 19 01:37:39 EDT 2025 |
| IsPeerReviewed | true |
| IsScholarly | true |
| Keywords | Transformer; Dual-granularity; Internet of things attack; AutoEncoder; Unsupervised anomaly detection |
| Language | English |
| LinkModel | OpenURL |
| MergedId | FETCHMERGED-LOGICAL-c306t-3e6391beec090d4473f8bb7c7c346dc3ae8d9e292ae1e568cf246917c20d10913 |
| ParticipantIDs | crossref_primary_10_1016_j_comnet_2024_110937 crossref_citationtrail_10_1016_j_comnet_2024_110937 elsevier_sciencedirect_doi_10_1016_j_comnet_2024_110937 |
| PublicationCentury | 2000 |
| PublicationDate | February 2025 2025-02-00 |
| PublicationDateYYYYMMDD | 2025-02-01 |
| PublicationDate_xml | – month: 02 year: 2025 text: February 2025 |
| PublicationDecade | 2020 |
| PublicationTitle | Computer networks (Amsterdam, Netherlands : 1999) |
| PublicationYear | 2025 |
| Publisher | Elsevier B.V |
| Publisher_xml | – name: Elsevier B.V |
– ident: 10.1016/j.comnet.2024.110937_b49 doi: 10.1109/ICCV48922.2021.00986 – volume: 5 start-page: 18042 year: 2017 ident: 10.1016/j.comnet.2024.110937_b18 article-title: Network traffic classifier with convolutional and recurrent neural networks for internet of things publication-title: IEEE Access doi: 10.1109/ACCESS.2017.2747560 – volume: 18 start-page: 1153 issue: 2 year: 2015 ident: 10.1016/j.comnet.2024.110937_b13 article-title: A survey of data mining and machine learning methods for cyber security intrusion detection publication-title: IEEE Commun. Surv. Tutor. doi: 10.1109/COMST.2015.2494502 – ident: 10.1016/j.comnet.2024.110937_b21 doi: 10.1145/3319535.3363226 – volume: 23 year: 2023 ident: 10.1016/j.comnet.2024.110937_b22 article-title: Robust detection of unknown dos/ddos attacks in IoT networks using a hybrid learning model publication-title: Internet Things doi: 10.1016/j.iot.2023.100851 – ident: 10.1016/j.comnet.2024.110937_b33 – ident: 10.1016/j.comnet.2024.110937_b37 doi: 10.1145/3460120.3484585 – volume: 16 start-page: 303 issue: 1 year: 2013 ident: 10.1016/j.comnet.2024.110937_b28 article-title: Network anomaly detection: methods, systems and tools publication-title: IEEE Commun. Surv. Tutor. doi: 10.1109/SURV.2013.052213.00046 – ident: 10.1016/j.comnet.2024.110937_b5 doi: 10.14722/ndss.2024.23216 – volume: 169 year: 2020 ident: 10.1016/j.comnet.2024.110937_b17 article-title: HELAD: A novel network anomaly detection model based on heterogeneous ensemble learning publication-title: Comput. Netw. doi: 10.1016/j.comnet.2019.107049 – ident: 10.1016/j.comnet.2024.110937_b24 doi: 10.1109/INFOCOM41043.2020.9155278 – volume: 121 year: 2022 ident: 10.1016/j.comnet.2024.110937_b57 article-title: A two-stage intrusion detection system with auto-encoder and LSTMs publication-title: Appl. Soft Comput. 
doi: 10.1016/j.asoc.2022.108768 – ident: 10.1016/j.comnet.2024.110937_b43 – year: 2024 ident: 10.1016/j.comnet.2024.110937_b15 – volume: 215 year: 2023 ident: 10.1016/j.comnet.2024.110937_b3 article-title: Implementation of intrusion detection model for ddos attacks in lightweight IoT networks publication-title: Expert Syst. Appl. doi: 10.1016/j.eswa.2022.119330 – ident: 10.1016/j.comnet.2024.110937_b35 doi: 10.14722/ndss.2014.23269 – ident: 10.1016/j.comnet.2024.110937_b53 |
| SSID | ssj0004428 |
| Score | 2.458371 |
| Snippet | Internet of Things (IoT) devices are often used as springboards for network intrusion due to the open nature of IoT protocol stacks that enable automatic... |
| SourceID | crossref; elsevier |
| SourceType | Enrichment Source; Index Database; Publisher |
| StartPage | 110937 |
| SubjectTerms | AutoEncoder; Dual-granularity; Internet of things attack; Transformer; Unsupervised anomaly detection |
| Title | DUdetector: A dual-granularity unsupervised model for network anomaly detection |
| URI | https://dx.doi.org/10.1016/j.comnet.2024.110937 |
| Volume | 257 |
| WOSCitedRecordID | wos001370596900001&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| journalDatabaseRights | – providerCode: PRVESC databaseName: Elsevier SD Freedom Collection Journals 2021 issn: 1389-1286 databaseCode: AIEXJ dateStart: 19990114 customDbUrl: isFulltext: true dateEnd: 99991231 titleUrlDefault: https://www.sciencedirect.com omitProxy: false ssIdentifier: ssj0004428 providerName: Elsevier |
| linkProvider | Elsevier |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=DUdetector%3A+A+dual-granularity+unsupervised+model+for+network+anomaly+detection&rft.jtitle=Computer+networks+%28Amsterdam%2C+Netherlands+%3A+1999%29&rft.au=Geng%2C+Haijun&rft.au=Ma%2C+Qi&rft.au=Chi%2C+Haotian&rft.au=Zhang%2C+Zhi&rft.date=2025-02-01&rft.issn=1389-1286&rft.volume=257&rft.spage=110937&rft_id=info:doi/10.1016%2Fj.comnet.2024.110937&rft.externalDBID=n%2Fa&rft.externalDocID=10_1016_j_comnet_2024_110937 |