This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
M. Goldstein and S. Uchida, “A Comparative Evaluation of Unsupervised Anomaly Detection Algorithms for Multivariate Data,” PLoS One, vol. 11, no. 4, p. e0152173, Apr. 2016, doi: 10.1371/JOURNAL.PONE.0152173.GoldsteinM.UchidaS.“A Comparative Evaluation of Unsupervised Anomaly Detection Algorithms for Multivariate Data,”114e0152173Apr.201610.1371/JOURNAL.PONE.0152173Open DOISearch in Google Scholar
V. Garcia-Font, C. Garrigues, and H. Rifà-Pous, “A Comparative Study of Anomaly Detection Techniques for Smart City Wireless Sensor Networks,” Sensors (Basel)., vol. 16, no. 6, Jun. 2016, doi: 10.3390/S16060868.Garcia-FontV.GarriguesC.Rifà-PousH.“A Comparative Study of Anomaly Detection Techniques for Smart City Wireless Sensor Networks,”166Jun.201610.3390/S16060868Open DOISearch in Google Scholar
A. Nisioti, A. Mylonas, P. D. Yoo, and V. Katos, “From intrusion detection to attacker attribution: A comprehensive survey of unsupervised methods,” IEEE Commun. Surv. Tutorials, vol. 20, no. 4, pp. 3369–3388, Oct. 2018, doi: 10.1109/COMST.2018.2854724.NisiotiA.MylonasA.YooP. D.KatosV.“From intrusion detection to attacker attribution: A comprehensive survey of unsupervised methods,”20433693388Oct.201810.1109/COMST.2018.2854724Open DOISearch in Google Scholar
F. Falcão et al., “Quantitative comparison of unsupervised anomaly detection algorithms for intrusion detection,” Proc. ACM Symp. Appl. Comput., vol. Part F147772, pp. 318–327, 2019, doi: 10.1145/3297280.3297314.FalcãoF.“Quantitative comparison of unsupervised anomaly detection algorithms for intrusion detection,”vol. Part F147772,318327201910.1145/3297280.3297314Open DOISearch in Google Scholar
T. Saranya, S. Sridevi, C. Deisy, T. D. Chung, and M. K. A. A. Khan, “Performance Analysis of Machine Learning Algorithms in Intrusion Detection System: A Review,” Procedia Comput. Sci., vol. 171, pp. 1251–1260, Jan. 2020, doi: 10.1016/J.PROCS.2020.04.133.SaranyaT.SrideviS.DeisyC.ChungT. D.KhanM. K. A. A.“Performance Analysis of Machine Learning Algorithms in Intrusion Detection System: A Review,”17112511260Jan.202010.1016/J.PROCS.2020.04.133Open DOISearch in Google Scholar
A. Thakkar and R. Lohiya, “A survey on intrusion detection system: feature selection, model, performance measures, application perspective, challenges, and future research directions,” Artif. Intell. Rev., vol. 55, no. 1, pp. 453–563, Jan. 2022, doi: 10.1007/S10462-021-10037-9/FIGURES/15.ThakkarA.LohiyaR.“A survey on intrusion detection system: feature selection, model, performance measures, application perspective, challenges, and future research directions,”551453563Jan.202210.1007/S10462-021-10037-9/FIGURES/15Open DOISearch in Google Scholar
D. Samariya and A. Thakkar, “A Comprehensive Survey of Anomaly Detection Algorithms,” Ann. Data Sci., vol. 10, no. 3, pp. 829–850, Jun. 2023, doi: 10.1007/S40745-021-00362-9.SamariyaD.ThakkarA.“A Comprehensive Survey of Anomaly Detection Algorithms,”103829850Jun.202310.1007/S40745-021-00362-9Open DOISearch in Google Scholar
A. E. Ezugwu et al., “A comprehensive survey of clustering algorithms: State-of-the-art machine learning applications, taxonomy, challenges, and future research prospects,” Eng. Appl. Artif. Intell., vol. 110, p. 104743, Apr. 2022, doi: 10.1016/J.ENGAPPAI.2022.104743.EzugwuA. E.“A comprehensive survey of clustering algorithms: State-of-the-art machine learning applications, taxonomy, challenges, and future research prospects,”110104743Apr.202210.1016/J.ENGAPPAI.2022.104743Open DOISearch in Google Scholar
U. A. Usmani, A. Happonen, and J. Watada, “A Review of Unsupervised Machine Learning Frameworks for Anomaly Detection in Industrial Applications,” Lect. Notes Networks Syst., vol. 507 LNNS, pp. 158–189, 2022, doi: 10.1007/978-3-031-10464-0_11/COVER.UsmaniU. A.HapponenA.WatadaJ.“A Review of Unsupervised Machine Learning Frameworks for Anomaly Detection in Industrial Applications,”507LNNS,158189202210.1007/978-3-031-10464-0_11/COVEROpen DOISearch in Google Scholar
X. Tao, X. Gong, X. Zhang, S. Yan, and C. Adak, “Deep Learning for Unsupervised Anomaly Localization in Industrial Images: A Survey,” IEEE Trans. Instrum. Meas., vol. 71, 2022, doi: 10.1109/TIM.2022.3196436.TaoX.GongX.ZhangX.YanS.AdakC.“Deep Learning for Unsupervised Anomaly Localization in Industrial Images: A Survey,”71202210.1109/TIM.2022.3196436Open DOISearch in Google Scholar
M. Q. Ma, Y. Zhao, X. Zhang, and L. Akoglu, “The Need for Unsupervised Outlier Model Selection: A Review and Evaluation of Internal Evaluation Strategies,” Accessed: Jun. 04, 2023. [Online]. Available: https://github.com/yzhao062/uoms.MaM. Q.ZhaoY.ZhangX.AkogluL.Accessed: Jun. 04, 2023. [Online]. Available: https://github.com/yzhao062/uoms.Search in Google Scholar
K. DeMedeiros, A. Hendawi, and M. Alvarez, “A Survey of AI-Based Anomaly Detection in IoT and Sensor Networks,” Sensors 2023, Vol. 23, Page 1352, vol. 23, no. 3, p. 1352, Jan. 2023, doi: 10.3390/S23031352.DeMedeirosK.HendawiA.AlvarezM.“A Survey of AI-Based Anomaly Detection in IoT and Sensor Networks,”2331352Jan.202310.3390/S23031352Open DOISearch in Google Scholar
K. Taha, “Semi-supervised and un-supervised clustering: A review and experimental evaluation,” Inf. Syst., vol. 114, p. 102178, Mar. 2023, doi: 10.1016/J.IS.2023.102178.TahaK.“Semi-supervised and un-supervised clustering: A review and experimental evaluation,”114102178Mar.202310.1016/J.IS.2023.102178Open DOISearch in Google Scholar
M. Landauer, S. Onder, F. Skopik, and M. Wurzenberger, “Deep learning for anomaly detection in log data: A survey,” Mach. Learn. with Appl., vol. 12, p. 100470, Jun. 2023, doi: 10.1016/J.MLWA.2023.100470.LandauerM.OnderS.SkopikF.WurzenbergerM.“Deep learning for anomaly detection in log data: A survey,”12100470Jun.202310.1016/J.MLWA.2023.100470Open DOISearch in Google Scholar
E. Eskin, “Anomaly Detection over Noisy Data Using Learned Probability Distributions,” 2000, doi: 10.7916/D8C53SKF.EskinE.200010.7916/D8C53SKFOpen DOISearch in Google Scholar
A. Lazarevic, L. Ertoz, V. Kumar, A. Ozgur, and J. Srivastava, “A Comparative Study of Anomaly Detection Schemes in Network Intrusion Detection †,” Accessed: Oct. 15, 2022. [Online]. Available: https://epubs.siam.org/terms-privacy.LazarevicA.ErtozL.KumarV.OzgurA.SrivastavaJ.Accessed: Oct. 15, 2022. [Online]. Available: https://epubs.siam.org/terms-privacy.Search in Google Scholar
M. G. H. Omran, A. P. Engelbrecht, and A. Salman, “An overview of clustering methods,” Intell. Data Anal., vol. 11, pp. 583–605, 2007.OmranM. G. H.EngelbrechtA. P.SalmanA.“An overview of clustering methods,”115836052007Search in Google Scholar
K. L. Ingham and H. Inoue, “Comparing anomaly detection techniques for HTTP,” Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics), vol. 4637 LNCS, pp. 42–62, 2007, doi: 10.1007/978-3-540-74320-0_3.InghamK. L.InoueH.“Comparing anomaly detection techniques for HTTP,”4637LNCS,4262200710.1007/978-3-540-74320-0_3Open DOISearch in Google Scholar
C. F. Tsai, Y. F. Hsu, C. Y. Lin, and W. Y. Lin, “Intrusion detection by machine learning: A review,” Expert Syst. Appl., vol. 36, no. 10, pp. 11994–12000, Dec. 2009, doi: 10.1016/J.ESWA.2009.05.029.TsaiC. F.HsuY. F.LinC. Y.LinW. Y.“Intrusion detection by machine learning: A review,”36101199412000Dec.200910.1016/J.ESWA.2009.05.029Open DOISearch in Google Scholar
B. G. O. Reddy, B. G. O. Reddy, and D. M. Ussenaiah, “Literature Survey On Clustering Techniques,” Accessed: Jun. 07, 2022. [Online]. Available: https://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.467.9888.ReddyB. G. O.ReddyB. G. O.UssenaiahD. M.Accessed: Jun. 07, 2022. [Online]. Available: https://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.467.9888.Search in Google Scholar
X. Ding, Y. Li, A. Belatreche, and L. P. Maguire, “An experimental evaluation of novelty detection methods,” Neurocomputing, vol. 135, pp. 313–327, Jul. 2014, doi: 10.1016/J.NEUCOM.2013.12.002.DingX.LiY.BelatrecheA.MaguireL. P.“An experimental evaluation of novelty detection methods,”135313327Jul.201410.1016/J.NEUCOM.2013.12.002Open DOISearch in Google Scholar
D. Xu and Y. Tian, “A Comprehensive Survey of Clustering Algorithms,” Ann. Data Sci. 2015 22, vol. 2, no. 2, pp. 165–193, Aug. 2015, doi: 10.1007/S40745-015-0040-1.XuD.TianY.“A Comprehensive Survey of Clustering Algorithms,”22165193Aug.201510.1007/S40745-015-0040-1Open DOISearch in Google Scholar
M. Usama et al., “Unsupervised Machine Learning for Networking: Techniques, Applications and Research Challenges,” IEEE Access, vol. 7, pp. 65579–65615, 2019, doi: 10.1109/ACCESS.2019.2916648.UsamaM.“Unsupervised Machine Learning for Networking: Techniques, Applications and Research Challenges,”76557965615201910.1109/ACCESS.2019.2916648Open DOISearch in Google Scholar
S. Ramaswamy, R. Rastogi, and K. Shim KAIST, “Efficient Algorithms for Mining Outliers from Large Data Sets,” 2000, Accessed: Oct. 03, 2022. [Online]. Available: www.bell-labs.com/projects/serendip.RamaswamyS.RastogiR.Shim KAISTK.2000Accessed: Oct. 03, 2022. [Online]. Available: www.bell-labs.com/projects/serendip.Search in Google Scholar
V. Hautamäki, I. Kärkkäinen, and P. Fränti, “Outlier detection using k-nearest neighbour graph,” Proc. - Int. Conf. Pattern Recognit., vol. 3, pp. 430–433, 2004, doi: 10.1109/ICPR.2004.1334558.HautamäkiV.KärkkäinenI.FräntiP.“Outlier detection using k-nearest neighbour graph,”3430433200410.1109/ICPR.2004.1334558Open DOISearch in Google Scholar
T. Zoppi, A. ceccarelli, T. Capecchi, and A. Bondavalli, “Unsupervised Anomaly Detectors to Detect Intrusions in the Current Threat Landscape,” ACM/IMS Trans. Data Sci., vol. 2, no. 2, pp. 1–26, Dec. 2020, doi: 10.48550/arxiv.2012.11354.ZoppiT.ceccarelliA.CapecchiT.BondavalliA.“Unsupervised Anomaly Detectors to Detect Intrusions in the Current Threat Landscape,”22126Dec.202010.48550/arxiv.2012.11354Open DOISearch in Google Scholar
M. M. Breunig, H. P. Kriegel, R. T. Ng, and J. Sander, “LOF: Identifying Density-Based Local Outliers,” SIGMOD 2000 - Proc. 2000 ACM SIGMOD Int. Conf. Manag. Data, pp. 93–104, 2000, doi: 10.1145/342009.335388.BreunigM. M.KriegelH. P.NgR. T.SanderJ.“LOF: Identifying Density-Based Local Outliers,”93104200010.1145/342009.335388Open DOISearch in Google Scholar
“Algorithm selection for Anomaly Detection | by Sahil Garg | Analytics Vidhya | Medium.”
https://medium.com/analytics-vidhya/algorithm-selection-for-anomaly-detection-ef193fd0d6d1https://medium.com/analytics-vidhya/algorithm-selection-for-anomaly-detection-ef193fd0d6d1Search in Google Scholar
J. Tang, Z. Chen, A. W. C. Fu, and D. W. Cheung, “Enhancing effectiveness of Outlier detections for low Density Patterns,” Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics), vol. 2336, pp. 535–548, 2002, doi: 10.1007/3-540-47887-6_53/COVER.TangJ.ChenZ.FuA. W. C.CheungD. W.“Enhancing effectiveness of Outlier detections for low Density Patterns,”2336535548200210.1007/3-540-47887-6_53/COVEROpen DOISearch in Google Scholar
E. Schubert, A. Koos, T. Emrich, A. Züfle, K. A. Schmid, and A. Zimek, “A framework for clustering uncertain data,” Proc. VLDB Endow., vol. 8, no. 12, pp. 1976–1979, Aug. 2015, doi: 10.14778/2824032.2824115.SchubertE.KoosA.EmrichT.ZüfleA.SchmidK. A.ZimekA.“A framework for clustering uncertain data,”81219761979Aug.201510.14778/2824032.2824115Open DOISearch in Google Scholar
C. Graziano Gentili and T. Zoppi Tutor Co-Tutor Andrea Bondavalli Dott Andrea Ceccarelli Coordinatori Graziano Gentili Cristina Pinotti, “Towards Effective Anomaly Detection in Complex Dynamic Systems,” 2019, Accessed: Nov. 02, 2022. [Online]. Available: https://flore.unifi.it/handle/2158/1119284.C. Graziano Gentili and T. Zoppi Tutor Co-Tutor Andrea Bondavalli Dott Andrea Ceccarelli Coordinatori Graziano Gentili Cristina Pinotti,2019Accessed: Nov. 02, 2022. [Online]. Available: https://flore.unifi.it/handle/2158/1119284.Search in Google Scholar
Y. G. Jung, M. S. Kang, and J. Heo, “Clustering performance comparison using K-means and expectation maximization algorithms,” Biotechnol. Biotechnol. Equip., vol. 28, pp. S44–S48, 2014, doi: 10.1080/13102818.2014.949045.JungY. G.KangM. S.HeoJ.“Clustering performance comparison using K-means and expectation maximization algorithms,”28S44S48201410.1080/13102818.2014.949045Open DOISearch in Google Scholar
M. Çelik, F. Dadaşer-Çelik, and A. Ş. Dokuz, “Anomaly detection in temperature data using DBSCAN algorithm,” INISTA 2011 - 2011 Int. Symp. Innov. Intell. Syst. Appl., pp. 91–95, 2011, doi: 10.1109/INISTA.2011.5946052.ÇelikM.Dadaşer-ÇelikF.DokuzA. Ş.“Anomaly detection in temperature data using DBSCAN algorithm,”9195201110.1109/INISTA.2011.5946052Open DOISearch in Google Scholar
M. C. R. Murça, R. John Hansman, H. Balakrishnan, R. Delaura, R. Jordan, and T. Reynolds, “Trajectory clustering and classification for characterization of air traffic flows,” 16th AIAA Aviat. Technol. Integr. Oper. Conf., 2016, doi: 10.2514/6.2016-3760.MurçaM. C. R.John HansmanR.BalakrishnanH.DelauraR.JordanR.ReynoldsT.“Trajectory clustering and classification for characterization of air traffic flows,”201610.2514/6.2016-3760Open DOISearch in Google Scholar
J. Li and D. G. Mani, “Machine Learning Application on Prediction of Male Breast Cancer with PLCO Dataset,” J. Student Res., vol. 10, no. 3, Nov. 2021, doi: 10.47611/jsrhs.v10i3.2199.LiJ.ManiD. G.“Machine Learning Application on Prediction of Male Breast Cancer with PLCO Dataset,”103Nov.202110.47611/jsrhs.v10i3.2199Open DOISearch in Google Scholar
R. Abdulhammed, M. Faezipour, H. Musafer, and A. Abuzneid, “Efficient network intrusion detection using PCA-based dimensionality reduction of features,” 2019 Int. Symp. Networks, Comput. Commun. ISNCC 2019, Jun. 2019, doi: 10.1109/ISNCC.2019.8909140.AbdulhammedR.FaezipourM.MusaferH.AbuzneidA.“Efficient network intrusion detection using PCA-based dimensionality reduction of features,”Jun.201910.1109/ISNCC.2019.8909140Open DOISearch in Google Scholar
G. Sidhu, N. Asgarian, R. Greiner, and M. R. G. Brown, “Kernel principal component analysis for dimensionality reduction in fMRI-based diagnosis of ADHD,” Front. Syst. Neurosci., vol. 0, no. OCTOBER 2012, pp. 1–17, Oct. 2012, doi: 10.3389/FNSYS.2012.00074/BIBTEX.SidhuG.AsgarianN.GreinerR.BrownM. R. G.“Kernel principal component analysis for dimensionality reduction in fMRI-based diagnosis of ADHD,”0no. OCTOBER 2012,117Oct.201210.3389/FNSYS.2012.00074/BIBTEXOpen DOISearch in Google Scholar
L. J. Cao, K. S. Chua, W. K. Chong, H. P. Lee, and Q. M. Gu, “A comparison of PCA, KPCA and ICA for dimensionality reduction in support vector machine,” Neurocomputing, vol. 55, no. 1–2, pp. 321–336, Sep. 2003, doi: 10.1016/S0925-2312(03)00433-8.CaoL. J.ChuaK. S.ChongW. K.LeeH. P.GuQ. M.“A comparison of PCA, KPCA and ICA for dimensionality reduction in support vector machine,”551–2321336Sep.200310.1016/S0925-2312(03)00433-8Open DOISearch in Google Scholar
C. C. Aggarwal, “Data Mining,” 2015, doi: 10.1007/978-3-319-14142-8.AggarwalC. C.201510.1007/978-3-319-14142-8Open DOISearch in Google Scholar
M. Goldstein and A. Dengel, “Histogram-based Outlier Score (HBOS): A fast Unsupervised Anomaly Detection Algorithm,” Accessed: Oct. 05, 2022. [Online]. Available: http://madm.dfki.de/rapidminer/anomalydetection.GoldsteinM.DengelA.Accessed: Oct. 05, 2022. [Online]. Available: http://madm.dfki.de/rapidminer/anomalydetection.Search in Google Scholar
T. Zoppi, A. Ceccarelli, L. Salani, and A. Bondavalli, “On the educated selection of unsupervised algorithms via attacks and anomaly classes,” J. Inf. Secur. Appl., vol. 52, Jun. 2020, doi: 10.1016/J.JISA.2020.102474.ZoppiT.CeccarelliA.SalaniL.BondavalliA.“On the educated selection of unsupervised algorithms via attacks and anomaly classes,”52Jun.202010.1016/J.JISA.2020.102474Open DOISearch in Google Scholar
M. Zhang, B. Xu, and J. Gong, “An Anomaly Detection Model Based on One-Class SVM to Detect Network Intrusions,” Proc. - 11th Int. Conf. Mob. Ad-Hoc Sens. Networks, MSN 2015, pp. 102–107, Feb. 2016, doi: 10.1109/MSN.2015.40.ZhangM.XuB.GongJ.“An Anomaly Detection Model Based on One-Class SVM to Detect Network Intrusions,”102107Feb.201610.1109/MSN.2015.40Open DOISearch in Google Scholar
Z. Ding and M. Fei, “An Anomaly Detection Approach Based on Isolation Forest Algorithm for Streaming Data using Sliding Window,” IFAC Proc. Vol., vol. 46, no. 20, pp. 12–17, Jan. 2013, doi: 10.3182/20130902-3-CN-3020.00044.DingZ.FeiM.“An Anomaly Detection Approach Based on Isolation Forest Algorithm for Streaming Data using Sliding Window,”46201217Jan.201310.3182/20130902-3-CN-3020.00044Open DOISearch in Google Scholar
“Isolation Forest | Anomaly Detection with Isolation Forest.” https://www.analyticsvidhya.com/blog/2021/07/anomaly-detection-using-isolation-forest-a-complete-guide/https://www.analyticsvidhya.com/blog/2021/07/anomaly-detection-using-isolation-forest-a-complete-guide/Search in Google Scholar
R. Sun, S. Zhang, C. Yin, J. Wang, and S. Min, “Strategies for data stream mining method applied in anomaly detection,” Cluster Comput., vol. 22, no. 2, pp. 399–408, Jun. 2019, doi: 10.1007/S10586-018-2835-2.SunR.ZhangS.YinC.WangJ.MinS.“Strategies for data stream mining method applied in anomaly detection,”222399408Jun.201910.1007/S10586-018-2835-2Open DOISearch in Google Scholar
K. Leung and C. Leckie, “Unsuper vised Anomaly Detection in Network Intrusion Detection Using Clusters,” doi: 10.5555/1082161.LeungK.LeckieC.10.5555/1082161Open DOISearch in Google Scholar
W. Chimphlee, A. H. Abdullah, M. N. M. Sap, S. Srinoy, and S. Chimphlee, “Anomaly-based intrusion detection using fuzzy rough clustering,” Proc. - 2006 Int. Conf. Hybrid Inf. Technol. ICHIT 2006, vol. 1, pp. 329–334, 2006, doi: 10.1109/ICHIT.2006.253508.ChimphleeW.AbdullahA. H.SapM. N. M.SrinoyS.ChimphleeS.“Anomaly-based intrusion detection using fuzzy rough clustering,”1329334200610.1109/ICHIT.2006.253508Open DOISearch in Google Scholar
S. Zhong, T. M. Khoshgoftaar, and N. Seliya, “CLUSTERING-BASED NETWORK INTRUSION DETECTION,” http://dx.doi.org/10.1142/S0218539307002568, vol. 14, no. 2, pp. 169–187, Nov. 2011, doi: 10.1142/S0218539307002568.ZhongS.KhoshgoftaarT. M.SeliyaN.“CLUSTERING-BASED NETWORK INTRUSION DETECTION,”142169187Nov.201110.1142/S0218539307002568Open DOISearch in Google Scholar
M. Jianliang, S. Haikun, and B. Ling, “The application on intrusion detection based on K-means cluster algorithm,” Proc. - 2009 Int. Forum Inf. Technol. Appl. IFITA 2009, vol. 1, pp. 150–152, 2009, doi: 10.1109/IFITA.2009.34.JianliangM.HaikunS.LingB.“The application on intrusion detection based on K-means cluster algorithm,”1150152200910.1109/IFITA.2009.34Open DOISearch in Google Scholar
A. P. Muniyandi, R. Rajeswari, and R. Rajaram, “Network Anomaly Detection by Cascading K-Means Clustering and C4.5 Decision Tree algorithm,” Procedia Eng., vol. 30, pp. 174–182, Jan. 2012, doi: 10.1016/J.PROENG.2012.01.849.MuniyandiA. P.RajeswariR.RajaramR.“Network Anomaly Detection by Cascading K-Means Clustering and C4.5 Decision Tree algorithm,”30174182Jan.201210.1016/J.PROENG.2012.01.849Open DOISearch in Google Scholar
S. Gujral, E. Ortiz, and V. L. Syrmos, “An unsupervised method for intrusion detection using spectral clustering,” 2009 IEEE Symp. Comput. Intell. Cyber Secur. CICS 2009 - Proc., 2009, doi: 10.1109/CICYBS.2009.4925096.GujralS.OrtizE.SyrmosV. L.“An unsupervised method for intrusion detection using spectral clustering,”200910.1109/CICYBS.2009.4925096Open DOISearch in Google Scholar
X. Ni, D. He, S. Chan, and F. Ahmad, “Network anomaly detection using unsupervised feature selection and density peak clustering,” Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics), vol. 9696, pp. 212–227, 2016, doi: 10.1007/978-3-319-39555-5_12.NiX.HeD.ChanS.AhmadF.“Network anomaly detection using unsupervised feature selection and density peak clustering,”9696212227201610.1007/978-3-319-39555-5_12Open DOISearch in Google Scholar
M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita, “NADO: Network Anomaly Detection using Outlier approach,” ACM Int. Conf. Proceeding Ser., pp. 531–536, 2011, doi: 10.1145/1947940.1948050.BhuyanM. H.BhattacharyyaD. K.KalitaJ. K.“NADO: Network Anomaly Detection using Outlier approach,”531536201110.1145/1947940.1948050Open DOISearch in Google Scholar
I. Syarif, A. Prugel-Bennett, and G. Wills, “Unsupervised Clustering Approach for Network Anomaly Detection,” pp. 135–145, 2012, doi: 10.1007/978-3-642-30507-8_13.SyarifI.Prugel-BennettA.WillsG.135145201210.1007/978-3-642-30507-8_13Open DOISearch in Google Scholar
M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita, “An effective unsupervised network anomaly detection method,” ACM Int. Conf. Proceeding Ser., pp. 533–539, 2012, doi: 10.1145/2345396.2345484.BhuyanM. H.BhattacharyyaD. K.KalitaJ. K.“An effective unsupervised network anomaly detection method,”533539201210.1145/2345396.2345484Open DOISearch in Google Scholar
M. Prasad, S. Tripathi, and K. Dahal, “Unsupervised feature selection and cluster center initialization based arbitrary shaped clusters for intrusion detection,” Comput. Secur., vol. 99, Dec. 2020, doi: 10.1016/J.COSE.2020.102062.PrasadM.TripathiS.DahalK.“Unsupervised feature selection and cluster center initialization based arbitrary shaped clusters for intrusion detection,”99Dec.202010.1016/J.COSE.2020.102062Open DOISearch in Google Scholar
J. Dromard, G. Roudière, and P. Owezarski, “Unsupervised network anomaly detection in real-time on big data,” Commun. Comput. Inf. Sci., vol. 539, pp. 197–206, 2015, doi: 10.1007/978-3-319-23201-0_22.DromardJ.RoudièreG.OwezarskiP.“Unsupervised network anomaly detection in real-time on big data,”539197206201510.1007/978-3-319-23201-0_22Open DOISearch in Google Scholar
S. Ahmad, A. Lavin, S. Purdy, and Z. Agha, “Unsupervised real-time anomaly detection for streaming data,” Neurocomputing, vol. 262, pp. 134–147, Nov. 2017, doi: 10.1016/J.NEUCOM.2017.04.070.AhmadS.LavinA.PurdyS.AghaZ.“Unsupervised real-time anomaly detection for streaming data,”262134147Nov.201710.1016/J.NEUCOM.2017.04.070Open DOISearch in Google Scholar
B. C. Rhodes, J. A. Mahaffey, and J. D. Cannady, “Multiple Self-Organizing Maps for Intrusion Detection.”RhodesB. C.MahaffeyJ. A.CannadyJ. D.Search in Google Scholar
H. Güneş Kayacik, A. Nur Zincir-Heywood, and M. I. Heywood, “On the Capability of an SOM based Intrusion Detection System,” Proc. Int. Jt. Conf. Neural Networks, vol. 3, pp. 1808–1813, 2003, doi: 10.1109/IJCNN.2003.1223682.Güneş KayacikH.Nur Zincir-HeywoodA.HeywoodM. I.“On the Capability of an SOM based Intrusion Detection System,”318081813200310.1109/IJCNN.2003.1223682Open DOISearch in Google Scholar
A. D. Landress, “A hybrid approach to reducing the false positive rate in unsupervised machine learning intrusion detection,” Conf. Proc. - IEEE SOUTHEASTCON, vol. 2016-July, Jul. 2016, doi: 10.1109/SECON.2016.7506773.LandressA. D.“A hybrid approach to reducing the false positive rate in unsupervised machine learning intrusion detection,”vol. 2016-July,Jul.201610.1109/SECON.2016.7506773Open DOISearch in Google Scholar
S. Y. Huang and Y. N. Huang, “Network traffic anomaly detection based on growing hierarchical SOM,” Proc. Int. Conf. Dependable Syst. Networks, 2013, doi: 10.1109/DSN.2013.6575338.HuangS. Y.HuangY. N.“Network traffic anomaly detection based on growing hierarchical SOM,”201310.1109/DSN.2013.6575338Open DOISearch in Google Scholar
N. Marir, H. Wang, G. Feng, B. Li, and M. Jia, “Distributed abnormal behavior detection approach based on deep belief network and ensemble SVM using spark,” IEEE Access, vol. 6, pp. 59657–59671, 2018, doi: 10.1109/ACCESS.2018.2875045.MarirN.WangH.FengG.LiB.JiaM.“Distributed abnormal behavior detection approach based on deep belief network and ensemble SVM using spark,”65965759671201810.1109/ACCESS.2018.2875045Open DOISearch in Google Scholar
K. Keerthi Vasan and B. Surendiran, “Dimensionality reduction using Principal Component Analysis for network intrusion detection,” Perspect. Sci., vol. 8, pp. 510–512, Sep. 2016, doi: 10.1016/J.PISC.2016.05.010.Keerthi VasanK.SurendiranB.“Dimensionality reduction using Principal Component Analysis for network intrusion detection,”8510512Sep.201610.1016/J.PISC.2016.05.010Open DOISearch in Google Scholar
D. Yang and H. Qi, “A network intrusion detection method using independent component analysis,” Proc. - Int. Conf. Pattern Recognit., 2008, doi: 10.1109/ICPR.2008.4761087.YangD.QiH.“A network intrusion detection method using independent component analysis,”200810.1109/ICPR.2008.4761087Open DOISearch in Google Scholar
T. M. Pattewar and H. A. Sonawane, “Neural network based intrusion detection using Bayesian with PCA and KPCA feature extraction,” 2015 IEEE Int. Conf. Comput. Graph. Vis. Inf. Secur. CGVIS 2015, pp. 83–88, Apr. 2016, doi: 10.1109/CGVIS.2015.7449898.PattewarT. M.SonawaneH. A.“Neural network based intrusion detection using Bayesian with PCA and KPCA feature extraction,”8388Apr.201610.1109/CGVIS.2015.7449898Open DOISearch in Google Scholar
F. Kuang, W. Xu, and S. Zhang, “A novel hybrid KPCA and SVM with GA model for intrusion detection,” Appl. Soft Comput. J., vol. 18, pp. 178–184, May 2014, doi: 10.1016/j.asoc.2014.01.028.KuangF.XuW.ZhangS.“A novel hybrid KPCA and SVM with GA model for intrusion detection,”18178184May201410.1016/j.asoc.2014.01.028Open DOISearch in Google Scholar
Z. Elkhadir, K. Chougdali, and M. Benattou, “Intrusion detection system using PCA and kernel PCA methods,” Lect. Notes Electr. Eng., vol. 381, pp. 489–497, 2016, doi: 10.1007/978-3-319-30298-0_50.ElkhadirZ.ChougdaliK.BenattouM.“Intrusion detection system using PCA and kernel PCA methods,”381489497201610.1007/978-3-319-30298-0_50Open DOISearch in Google Scholar
M. Amer, M. Goldstein, and S. Abdennadher, “Enhancing one-class Support Vector Machines for unsupervised anomaly detection,” Proc. ACM SIGKDD Work. Outlier Detect. Descr. ODD 2013, pp. 8–15, 2013, doi: 10.1145/2500853.2500857.AmerM.GoldsteinM.AbdennadherS.“Enhancing one-class Support Vector Machines for unsupervised anomaly detection,”815201310.1145/2500853.2500857Open DOISearch in Google Scholar
Q. T. Nguyen, T. Thu Huong, K. P. Tran, M. K. Nguyen, P. Castagliola, and S. Lardjane, “Nested one-class support vector machines for network intrusion detection,” 2018 IEEE 7th Int. Conf. Commun. Electron. ICCE 2018, pp. 7–12, Sep. 2018, doi: 10.1109/CCE.2018.8465718.NguyenQ. T.Thu HuongT.TranK. P.NguyenM. K.CastagliolaP.LardjaneS.“Nested one-class support vector machines for network intrusion detection,”712Sep.201810.1109/CCE.2018.8465718Open DOISearch in Google Scholar
M. Verkerken, L. D'hooge, T. Wauters, B. Volckaert, and F. De Turck, “Towards Model Generalization for Intrusion Detection: Unsupervised Machine Learning Techniques,” J. Netw. Syst. Manag., vol. 30, no. 1, pp. 1–25, Jan. 2022, doi: 10.1007/S10922-021-09615-7/FIGURES/6.VerkerkenM.D'hoogeL.WautersT.VolckaertB.De TurckF.“Towards Model Generalization for Intrusion Detection: Unsupervised Machine Learning Techniques,”301125Jan.202210.1007/S10922-021-09615-7/FIGURES/6Open DOISearch in Google Scholar
N. Paulauskas and A. Baskys, “Application of Histogram-Based Outlier Scores to Detect Computer Network Anomalies,” Electron. 2019, Vol. 8, Page 1251, vol. 8, no. 11, p. 1251, Nov. 2019, doi: 10.3390/ELECTRONICS8111251.PaulauskasN.BaskysA.“Application of Histogram-Based Outlier Scores to Detect Computer Network Anomalies,”8111251Nov.201910.3390/ELECTRONICS8111251Open DOISearch in Google Scholar
B. Schölkopf, J. C. Platt, J. Shawe-Taylor, A. J. Smola, and R. C. Williamson, “Estimating the support of a high-dimensional distribution,” Neural Comput., vol. 13, no. 7, pp. 1443–1471, Jul. 2001, doi: 10.1162/089976601750264965.SchölkopfB.PlattJ. C.Shawe-TaylorJ.SmolaA. J.WilliamsonR. C.“Estimating the support of a high-dimensional distribution,”13714431471Jul.200110.1162/089976601750264965Open DOISearch in Google Scholar
R. Aliakbarisani, A. Ghasemi, and S. Felix Wu, “A data-driven metric learning-based scheme for unsupervised network anomaly detection,” Comput. Electr. Eng., vol. 73, pp. 71–83, Jan. 2019, doi: 10.1016/J.COMPELECENG.2018.11.003.AliakbarisaniR.GhasemiA.Felix WuS.“A data-driven metric learning-based scheme for unsupervised network anomaly detection,”737183Jan.201910.1016/J.COMPELECENG.2018.11.003Open DOISearch in Google Scholar
J. Auskalnis, N. Paulauskas, and A. Baskys, “Application of Local Outlier Factor Algorithm to Detect Anomalies in Computer Network,” Elektron. ir Elektrotechnika, vol. 24, no. 3, pp. 96–99, Jun. 2018, doi: 10.5755/J01.EIE.24.3.20972.AuskalnisJ.PaulauskasN.BaskysA.“Application of Local Outlier Factor Algorithm to Detect Anomalies in Computer Network,”2439699Jun.201810.5755/J01.EIE.24.3.20972Open DOISearch in Google Scholar
T. Ding, M. Zhang, and D. He, “A Network Intrusion Detection Algorithm Based on Outlier Mining,” doi: 10.1007/978-981-10-6571-2_147.DingT.ZhangM.HeD.10.1007/978-981-10-6571-2_147Open DOISearch in Google Scholar
M. Manulis, A.-R. Sadeghi, and S. Schneider, Eds., “Applied Cryptography and Network Security,” vol. 9696, 2016, doi: 10.1007/978-3-319-39555-5.ManulisM.SadeghiA.-R.SchneiderS.Eds.9696201610.1007/978-3-319-39555-5Open DOISearch in Google Scholar
M. A. Kabir and X. Luo, “Unsuper vised Learning for Network Flow Based Anomaly Detection in the Era of Deep Learning,” Proc. - 2020 IEEE 6th Int. Conf. Big Data Comput. Serv. Appl. BigDataService 2020, pp. 165–168, Aug. 2020, doi: 10.1109/BIGDATASERVICE49289.2020.00032.KabirM. A.LuoX.“Unsuper vised Learning for Network Flow Based Anomaly Detection in the Era of Deep Learning,”165168Aug.202010.1109/BIGDATASERVICE49289.2020.00032Open DOISearch in Google Scholar
T. Truong-Huu et al., “An Empirical Study on Unsupervised Network Anomaly Detection using Generative Adversarial Networks,” SPAI 2020 - Proc. 1st ACM Work. Secur. Priv. Artif. Intelligent, Colocated with AsiaCCS 2020, pp. 20–29, Oct. 2020, doi: 10.1145/3385003.3410924.Truong-HuuT.“An Empirical Study on Unsupervised Network Anomaly Detection using Generative Adversarial Networks,”2029Oct.202010.1145/3385003.3410924Open DOISearch in Google Scholar
D. Sovilj, P. Budnarain, S. Sanner, G. Salmon, and M. Rao, “A comparative evaluation of unsupervised deep architectures for intrusion detection in sequential data streams,” Expert Syst. Appl., vol. 159, Nov. 2020, doi: 10.1016/J.ESWA.2020.113577.SoviljD.BudnarainP.SannerS.SalmonG.RaoM.“A comparative evaluation of unsupervised deep architectures for intrusion detection in sequential data streams,”159Nov.202010.1016/J.ESWA.2020.113577Open DOISearch in Google Scholar
F. Carrera, V. Dentamaro, S. Galantucci, A. Iannacone, D. Impedovo, and G. Pirlo, “Combining Unsupervised Approaches for Near Real-Time Network Traffic Anomaly Detection,” Appl. Sci. 2022, Vol. 12, Page 1759, vol. 12, no. 3, p. 1759, Feb. 2022, doi: 10.3390/APP12031759.CarreraF.DentamaroV.GalantucciS.IannaconeA.ImpedovoD.PirloG.“Combining Unsupervised Approaches for Near Real-Time Network Traffic Anomaly Detection,”1231759Feb.202210.3390/APP12031759Open DOISearch in Google Scholar
X. Sáez-de-Cámara, J. L. Flores, C. Arellano, A. Urbieta, and U. Zurutuza, “Clustered federated learning architecture for network anomaly detection in large scale heterogeneous IoT networks,” Comput. Secur., vol. 131, p. 103299, Aug. 2023, doi: 10.1016/J.COSE.2023.103299.Sáez-de-CámaraX.FloresJ. L.ArellanoC.UrbietaA.ZurutuzaU.“Clustered federated learning architecture for network anomaly detection in large scale heterogeneous IoT networks,”131103299Aug.202310.1016/J.COSE.2023.103299Open DOISearch in Google Scholar
P. Casas Hernandez, J. Mazel, P. Owezarski, P. O. Unsupervised, and P. Casas, “Network Intrusion Detection Systems: Detecting the Unknown without Knowledge,” Comput. Commun., vol. 35, no. 7, pp. 772–783, 2012, Accessed: May 23, 2022. [Online]. Available: https://hal.archives-ouvertes.fr/hal-00736278.Casas HernandezP.MazelJ.OwezarskiP.UnsupervisedP. O.CasasP.“Network Intrusion Detection Systems: Detecting the Unknown without Knowledge,”3577727832012Accessed: May 23, 2022. [Online]. Available: https://hal.archives-ouvertes.fr/hal-00736278.Search in Google Scholar
M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita, “An Effective Unsupervised Network Anomaly Detection Method,” 2012.BhuyanM. H.BhattacharyyaD. K.KalitaJ. K.2012Search in Google Scholar
P. Casas, J. Mazel, and P. Owezarski, “Knowledge-independent traffic monitoring: Unsupervised detection of network attacks,” IEEE Netw., vol. 26, no. 1, pp. 13–21, Jan. 2012, doi: 10.1109/MNET.2012.6135851.CasasP.MazelJ.OwezarskiP.“Knowledge-independent traffic monitoring: Unsupervised detection of network attacks,”2611321Jan.201210.1109/MNET.2012.6135851Open DOISearch in Google Scholar
I. Aljarah and S. A. Ludwig, “MapReduce intrusion detection system based on a particle swarm optimization clustering algorithm,” 2013 IEEE Congr. Evol. Comput. CEC 2013, pp. 955–962, 2013, doi: 10.1109/CEC.2013.6557670.AljarahI.LudwigS. A.“MapReduce intrusion detection system based on a particle swarm optimization clustering algorithm,”955962201310.1109/CEC.2013.6557670Open DOISearch in Google Scholar
J. Song, H. Takakura, Y. Okabe, and K. Nakao, “Toward a more practical unsupervised anomaly detection system,” Inf. Sci. (Ny)., vol. 231, pp. 4–14, May 2013, doi: 10.1016/J.INS.2011.08.011.SongJ.TakakuraH.OkabeY.NakaoK.“Toward a more practical unsupervised anomaly detection system,”231414May201310.1016/J.INS.2011.08.011Open DOISearch in Google Scholar
A. M. Chandrasekhar and K. Raghuveer, “Intrusion detection technique by using k-means, fuzzy neural network and SVM classifiers,” 2013 Int. Conf. Comput. Commun. Informatics, ICCCI 2013, 2013, doi: 10.1109/ICCCI.2013.6466310.ChandrasekharA. M.RaghuveerK.“Intrusion detection technique by using k-means, fuzzy neural network and SVM classifiers,”201310.1109/ICCCI.2013.6466310Open DOISearch in Google Scholar
“(PDF) Artificial Immune System Based Intrusion Detection: Innate Immunity using an Unsupervised Learning Approach.” https://www.researchgate.net/publication/270276153_Artificial_Immune_System_Based_Intrusion_Detection_Innate_Immunity_using_an_Unsupervised_Learning_Approach.https://www.researchgate.net/publication/270276153_Artificial_Immune_System_Based_Intrusion_Detection_Innate_Immunity_using_an_Unsupervised_Learning_Approach.Search in Google Scholar
K. A. P. Costa, L. A. M. Pereira, R. Y. M. Nakamura, C. R. Pereira, J. P. Papa, and A. Xavier Falcão, “A nature-inspired approach to speed up optimum-path forest clustering and its application to intrusion detection in computer networks,” Inf. Sci. (Ny)., vol. 294, pp. 95–108, Feb. 2015, doi: 10.1016/J.INS.2014.09.025.CostaK. A. P.PereiraL. A. M.NakamuraR. Y. M.PereiraC. R.PapaJ. P.Xavier FalcãoA.“A nature-inspired approach to speed up optimum-path forest clustering and its application to intrusion detection in computer networks,”29495108Feb.201510.1016/J.INS.2014.09.025Open DOISearch in Google Scholar
P. V. Amoli, T. Hamalainen, G. David, M. Zolotukhin, and M. Mirzamohammad, “Unsupervised Network Intrusion Detection Systems for Zero-Day Fast-Spreading Attacks and Botnets Distributed Intrusion Detection Systems Based on Artificial Immune System View project Unsupervised Network Intrusion Detection Systems for Zero-Day Fast-Spreading Attacks and Botnets,” Artic. Int. J. Digit. Content Technol. its Appl., 2016, Accessed: Jun. 16, 2022. [Online]. Available: https://www.researchgate.net/publication/301549262.AmoliP. V.HamalainenT.DavidG.ZolotukhinM.MirzamohammadM.“Unsupervised Network Intrusion Detection Systems for Zero-Day Fast-Spreading Attacks and Botnets Distributed Intrusion Detection Systems Based on Artificial Immune System View project Unsupervised Network Intrusion Detection Systems for Zero-Day Fast-Spreading Attacks and Botnets,”2016Accessed: Jun. 16, 2022. [Online]. Available: https://www.researchgate.net/publication/301549262.Search in Google Scholar
H. Bostani and M. Sheikhan, “Modification of supervised OPF-based intrusion detection systems using unsupervised learning and social network concept,” Pattern Recognit., vol. 62, pp. 56–72, Feb. 2017, doi: 10.1016/J.PATCOG.2016.08.027.BostaniH.SheikhanM.“Modification of supervised OPF-based intrusion detection systems using unsupervised learning and social network concept,”625672Feb.201710.1016/J.PATCOG.2016.08.027Open DOISearch in Google Scholar
M. Almi'Ani, A. A. Ghazleh, A. Al-Rahayfeh, and A. Razaque, “Intelligent intrusion detection system using clustered self organized map,” 2018 5th Int. Conf. Softw. Defin. Syst. SDS 2018, pp. 138–144, May 2018, doi: 10.1109/SDS.2018.8370435.Almi'AniM.GhazlehA. A.Al-RahayfehA.RazaqueA.“Intelligent intrusion detection system using clustered self organized map,”138144May201810.1109/SDS.2018.8370435Open DOISearch in Google Scholar
D. He, S. Chan, X. Ni, and M. Guizani, “Software-Defined-Networking-Enabled Traffic Anomaly Detection and Mitigation,” IEEE Internet Things J., vol. 4, no. 6, pp. 1890–1898, Dec. 2017, doi: 10.1109/JIOT.2017.2694702.HeD.ChanS.NiX.GuizaniM.“Software-Defined-Networking-Enabled Traffic Anomaly Detection and Mitigation,”4618901898Dec.201710.1109/JIOT.2017.2694702Open DOISearch in Google Scholar
E. Ariafar and R. Kiani, “Intrusion detection system using an optimized framework based on datamining techniques,” 2017 IEEE 4th Int. Conf. Knowledge-Based Eng. Innov. KBEI 2017, vol. 2018-January, pp. 0785–0791, Mar. 2018, doi: 10.1109/KBEI.2017.8324903.AriafarE.KianiR.“Intrusion detection system using an optimized framework based on datamining techniques,”vol. 2018-January,07850791Mar.201810.1109/KBEI.2017.8324903Open DOISearch in Google Scholar
E. Bigdeli, M. Mohammadi, B. Raahemi, and S. Matwin, “Incremental anomaly detection using two-layer cluster-based structure,” Inf. Sci. (Ny)., vol. 429, pp. 315–331, Mar. 2018, doi: 10.1016/J.INS.2017.11.023.BigdeliE.MohammadiM.RaahemiB.MatwinS.“Incremental anomaly detection using two-layer cluster-based structure,”429315331Mar.201810.1016/J.INS.2017.11.023Open DOISearch in Google Scholar
M. Almi'Ani, A. A. Ghazleh, A. Al-Rahayfeh, and A. Razaque, “Intelligent intrusion detection system using clustered self organized map,” in 2018 5th International Conference on Software Defined Systems, SDS 2018, May 2018, pp. 138–144, doi: 10.1109/SDS.2018.8370435.Almi'AniM.GhazlehA. A.Al-RahayfehA.RazaqueA.in2018 5th International Conference on Software Defined Systems, SDS 2018May 201813814410.1109/SDS.2018.8370435Open DOISearch in Google Scholar
Y. Zhou, L. Yu, M. Liu, Y. Zhang, and H. Li, “Network intrusion detection based on kernel principal component analysis and extreme learning machine,” Int. Conf. Commun. Technol. Proceedings, ICCT, vol. 2019-October, pp. 860–864, Jan. 2019, doi: 10.1109/ICCT.2018.8600104.ZhouY.YuL.LiuM.ZhangY.LiH.“Network intrusion detection based on kernel principal component analysis and extreme learning machine,”vol. 2019-October,860864Jan.201910.1109/ICCT.2018.8600104Open DOISearch in Google Scholar
H. Choi, M. Kim, G. Lee, and W. Kim, “Unsupervised learning approach for network intrusion detection system using autoencoders,” J. Supercomput., vol. 75, no. 9, pp. 5597–5621, Sep. 2019, doi: 10.1007/S11227-019-02805-W/TABLES/10.ChoiH.KimM.LeeG.KimW.“Unsupervised learning approach for network intrusion detection system using autoencoders,”75955975621Sep.201910.1007/S11227-019-02805-W/TABLES/10Open DOISearch in Google Scholar
R. H. Hwang, M. C. Peng, C. W. Huang, P. C. Lin, and V. L. Nguyen, “An Unsupervised Deep Learning Model for Early Network Traffic Anomaly Detection,” IEEE Access, vol. 8, pp. 30387–30399, 2020, doi: 10.1109/ACCESS.2020.2973023.HwangR. H.PengM. C.HuangC. W.LinP. C.NguyenV. L.“An Unsupervised Deep Learning Model for Early Network Traffic Anomaly Detection,”83038730399202010.1109/ACCESS.2020.2973023Open DOISearch in Google Scholar
S. Zavrak and M. Iskefiyeli, “Anomaly-Based Intrusion Detection from Network Flow Features Using Variational Autoencoder,” IEEE Access, vol. 8, pp. 108346–108358, 2020, doi: 10.1109/ACCESS.2020.3001350.ZavrakS.IskefiyeliM.“Anomaly-Based Intrusion Detection from Network Flow Features Using Variational Autoencoder,”8108346108358202010.1109/ACCESS.2020.3001350Open DOISearch in Google Scholar
A. A. Megantara and T. Ahmad, “A hybrid machine learning method for increasing the performance of network intrusion detection systems,” J. Big Data, vol. 8, no. 1, pp. 1–19, Dec. 2021, doi: 10.1186/S40537-021-00531-W/TABLES/8.MegantaraA. A.AhmadT.“A hybrid machine learning method for increasing the performance of network intrusion detection systems,”81119Dec.202110.1186/S40537-021-00531-W/TABLES/8Open DOISearch in Google Scholar
J. Liao, S. G. Teo, P. Pratim Kundu, and T. Truong-Huu, “ENAD: An ensemble framework for unsupervised network anomaly detection,” Proc. 2021 IEEE Int. Conf. Cyber Secur. Resilience, CSR 2021, pp. 81–88, Jul. 2021, doi: 10.1109/CSR51186.2021.9527982.LiaoJ.TeoS. G.Pratim KunduP.Truong-HuuT.“ENAD: An ensemble framework for unsupervised network anomaly detection,”8188Jul.202110.1109/CSR51186.2021.9527982Open DOISearch in Google Scholar
A. Singh and J. Jang-Jaccard, “Autoencoder-based Unsupervised Intrusion Detection using Multi-Scale Convolutional Recurrent Networks,” Apr. 2022, Accessed: Jun. 05, 2023. [Online]. Available: https://arxiv.org/abs/2204.03779v1.SinghA.Jang-JaccardJ.Apr.2022Accessed: Jun. 05, 2023. [Online]. Available: https://arxiv.org/abs/2204.03779v1.Search in Google Scholar
Y. Wang, G. Sun, X. Cao, and J. Yang, “An Intrusion Detection System for the Internet of Things Based on the Ensemble of Unsupervised Techniques,” Wirel. Commun. Mob. Comput., vol. 2022, 2022, doi: 10.1155/2022/8614903.WangY.SunG.CaoX.YangJ.“An Intrusion Detection System for the Internet of Things Based on the Ensemble of Unsupervised Techniques,”2022202210.1155/2022/8614903Open DOISearch in Google Scholar
G. de C. Bertoli, L. A. P. Junior, A. L. dos Santos, and O. Saotome, “Generalizing intrusion detection for heterogeneous networks: A stacked-unsupervised federated learning approach,” Comput. Secur., vol. 127, Sep. 2022, doi: 10.1016/j.cose.2023.103106.BertoliG. de C.JuniorL. A. P.dos SantosA. L.SaotomeO.“Generalizing intrusion detection for heterogeneous networks: A stacked-unsupervised federated learning approach,”127Sep.202210.1016/j.cose.2023.103106Open DOISearch in Google Scholar
M. E. Eren et al., “General-purpose Unsupervised Cyber Anomaly Detection via Non-negative Tensor Factorization,” Digit. Threat. Res. Pract., vol. 4, no. 1, pp. 1–28, Mar. 2023, doi: 10.1145/3519602.ErenM. E.“General-purpose Unsupervised Cyber Anomaly Detection via Non-negative Tensor Factorization,”41128Mar.202310.1145/3519602Open DOISearch in Google Scholar
J. Lan, X. Liu, B. Li, and J. Zhao, “A novel hierarchical attention-based triplet network with unsupervised domain adaptation for network intrusion detection,” Appl. Intell., vol. 53, no. 10, pp. 11705–11726, May 2022, doi: 10.1007/S10489-022-04076-0/FIGURES/8.LanJ.LiuX.LiB.ZhaoJ.“A novel hierarchical attention-based triplet network with unsupervised domain adaptation for network intrusion detection,”53101170511726May202210.1007/S10489-022-04076-0/FIGURES/8Open DOISearch in Google Scholar
T. K. Boppana and P. Bagade, “GAN-AE: An unsupervised intrusion detection system for MQTT networks,” Eng. Appl. Artif. Intell., vol. 119, p. 105805, Mar. 2023, doi: 10.1016/J.ENGAPPAI.2022.105805.BoppanaT. K.BagadeP.“GAN-AE: An unsupervised intrusion detection system for MQTT networks,”119105805Mar.202310.1016/J.ENGAPPAI.2022.105805Open DOISearch in Google Scholar
“MIT Lincoln Laboratory: DARPA Intrusion Detection Evaluation.” https://archive.ll.mit.edu/ideval/data/2000data.html (accessed May 25, 2022).https://archive.ll.mit.edu/ideval/data/2000data.html (accessed May 25, 2022).Search in Google Scholar
“KDD Cup 1999 Data.” http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html (accessed May 25, 2022).http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html (accessed May 25, 2022).Search in Google Scholar
“DEF CON® Hacking Conference - Call for CTF Organizers.” https://defcon.org/html/links/dc-ctfcfo.html (accessed Feb. 10, 2024).https://defcon.org/html/links/dc-ctfcfo.html (accessed Feb. 10, 2024).Search in Google Scholar
“LBNL/ICSI Enterprise Tracing Project - Traces Project Papers.” https://www.icir.org/enterprise-tracing/papers.html (accessed May 25, 2022).https://www.icir.org/enterprise-tracing/papers.html (accessed May 25, 2022).Search in Google Scholar
J. Song, H. Takakura, Y. Okabe, M. Eto, D. Inoue, and K. Nakao, “Statistical analysis of honeypot data and building of Kyoto 2006+ dataset for NIDS evaluation,” Proc. 1st Work. Build. Anal. Datasets Gather. Exp. Returns Secur. BADGERS 2011, pp. 29–36, 2011, doi: 10.1145/1978672.1978676.SongJ.TakakuraH.OkabeY.EtoM.InoueD.NakaoK.“Statistical analysis of honeypot data and building of Kyoto 2006+ dataset for NIDS evaluation,”2936201110.1145/1978672.1978676Open DOISearch in Google Scholar
“NSL-KDD | Datasets | Research | Canadian Institute for Cybersecurity | UNB.” https://www.unb.ca/cic/datasets/nsl.html (accessed May 25, 2022).https://www.unb.ca/cic/datasets/nsl.html (accessed May 25, 2022).Search in Google Scholar
“Cyber Research Center - Data Sets | United States Military Academy West Point.” https://www.usma.edu/centers-and-research/cyber-research-center/data-sets (accessed Feb. 10, 2024).https://www.usma.edu/centers-and-research/cyber-research-center/data-sets (accessed Feb. 10, 2024).Search in Google Scholar
A. Shiravi, H. Shiravi, M. Tavallaee, and A. A. Ghorbani, “Toward developing a systematic approach to generate benchmark datasets for intrusion detection,” Comput. Secur., vol. 31, no. 3, pp. 357–374, May 2012, doi: 10.1016/J.COSE.2011.12.012.ShiraviA.ShiraviH.TavallaeeM.GhorbaniA. A.“Toward developing a systematic approach to generate benchmark datasets for intrusion detection,”313357374May201210.1016/J.COSE.2011.12.012Open DOISearch in Google Scholar
M. Jonker, A. King, J. Krupp, C. Rossow, A. Sperotto, and A. Dainotti, “Millions of targets under atack: A macroscopic characterization of the DoS ecosystem,” Proc. ACM SIGCOMM Internet Meas. Conf. IMC, vol. Part F131937, pp. 100–113, Nov. 2017, doi: 10.1145/3131365.3131383.JonkerM.KingA.KruppJ.RossowC.SperottoA.DainottiA.“Millions of targets under atack: A macroscopic characterization of the DoS ecosystem,”vol. Part F131937,100113Nov.201710.1145/3131365.3131383Open DOISearch in Google Scholar
N. Moustafa and J. Slay, “UNSW-NB15: A comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set),” 2015 Mil. Commun. Inf. Syst. Conf. MilCIS 2015 - Proc., Dec. 2015, doi: 10.1109/MILCIS.2015.7348942.MoustafaN.SlayJ.“UNSW-NB15: A comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set),”Dec.201510.1109/MILCIS.2015.7348942Open DOISearch in Google Scholar
M. Ring, S. Wunderlich, D. Grüdl, D. Landes, and A. Hotho, “Flow-based benchmark data sets for intrusion detection,” 2017.RingM.WunderlichS.GrüdlD.LandesD.HothoA.2017Search in Google Scholar
I. Sharafaldin, A. H. Lashkari, and A. A. Ghorbani, “Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization,” ICISSP 2018 - Proc. 4th Int. Conf. Inf. Syst. Secur. Priv., vol. 2018-January, pp. 108–116, 2018, doi: 10.5220/0006639801080116.SharafaldinI.LashkariA. H.GhorbaniA. A.“Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization,”vol. 2018-January,108116201810.5220/0006639801080116Open DOISearch in Google Scholar
M. P. Bharati and S. Tamane, “NIDS-Network Intrusion Detection System Based on Deep and Machine Learning Frameworks with CICIDS2018 using Cloud Computing,” Proc. 2020 Int. Conf. Smart Innov. Des. Environ. Manag. Plan. Comput. ICSIDEMPC 2020, pp. 27–30, Oct. 2020, doi: 10.1109/ICSIDEMPC49020.2020.9299584.BharatiM. P.TamaneS.“NIDS-Network Intrusion Detection System Based on Deep and Machine Learning Frameworks with CICIDS2018 using Cloud Computing,”2730Oct.202010.1109/ICSIDEMPC49020.2020.9299584Open DOISearch in Google Scholar
I. Sharafaldin, A. H. Lashkari, S. Hakak, and A. A. Ghorbani, “Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy,” Proc. - Int. Carnahan Conf. Secur. Technol., vol. 2019-October, Oct. 2019, doi: 10.1109/CCST.2019.8888419.SharafaldinI.LashkariA. H.HakakS.GhorbaniA. A.“Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy,”vol. 2019-October,Oct.201910.1109/CCST.2019.8888419Open DOISearch in Google Scholar
N. Koroniotis, N. Moustafa, E. Sitnikova, and B. Turnbull, “Towards the development of realistic botnet dataset in the Internet of Things for network forensic analytics: Bot-IoT dataset,” Futur. Gener. Comput. Syst., vol. 100, pp. 779–796, Nov. 2019, doi: 10.1016/J.FUTURE.2019.05.041.KoroniotisN.MoustafaN.SitnikovaE.TurnbullB.“Towards the development of realistic botnet dataset in the Internet of Things for network forensic analytics: Bot-IoT dataset,”100779796Nov.201910.1016/J.FUTURE.2019.05.041Open DOISearch in Google Scholar
“IoT-23 Dataset: A labeled dataset of Malware and Benign IoT Traffic. — Stratosphere IPS.” https://www.stratosphereips.org/datasets-iot23 (accessed Jul. 08, 2023).https://www.stratosphereips.org/datasets-iot23 (accessed Jul. 08, 2023).Search in Google Scholar
M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani, “A detailed analysis of the KDD CUP 99 data set,” IEEE Symp. Comput. Intell. Secur. Def. Appl. CISDA 2009, Dec. 2009, doi: 10.1109/CISDA.2009.5356528.TavallaeeM.BagheriE.LuW.GhorbaniA. A.“A detailed analysis of the KDD CUP 99 data set,”Dec.200910.1109/CISDA.2009.5356528Open DOISearch in Google Scholar
N. Moustafa, G. Creech, and J. Slay, “Big Data Analytics for Intrusion Detection System: Statistical Decision-Making Using Finite Dirichlet Mixture Models,” pp. 127–156, 2017, doi: 10.1007/978-3-319-59439-2_5.MoustafaN.CreechG.SlayJ.127156201710.1007/978-3-319-59439-2_5Open DOISearch in Google Scholar
M. Ahmed, A. Naser Mahmood, and J. Hu, “A survey of network anomaly detection techniques,” J. Netw. Comput. Appl., vol. 60, pp. 19–31, 2016, doi: 10.1016/j.jnca.2015.11.016.AhmedM.Naser MahmoodA.HuJ.“A survey of network anomaly detection techniques,”601931201610.1016/j.jnca.2015.11.016Open DOISearch in Google Scholar
M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita, “Network Anomaly Detection: Methods, Systems and Tools,” IEEE Commun. Surv. TUTORIALS, vol. 16, no. 1, 2014, doi: 10.1109/SURV.2013.052213.00046.BhuyanM. H.BhattacharyyaD. K.KalitaJ. K.“Network Anomaly Detection: Methods, Systems and Tools,”161201410.1109/SURV.2013.052213.00046Open DOISearch in Google Scholar
“GitHub - snayan06/Dimensionality-Reduction-Technique-PCA-LDA-ICA-SVD: In this we are going to learn about how to impliment PCA algorithm which is useful for Dimentionality Reduction.” https://github.com/snayan06/Dimensionality-Reduction-Technique-PCALDA-ICA-SVD (accessed Oct. 29, 2022).https://github.com/snayan06/Dimensionality-Reduction-Technique-PCALDA-ICA-SVD (accessed Oct. 29, 2022).Search in Google Scholar
“GitHub - vamsikrishnachangala/Dimensionality_reduction_KPCA.” https://github.com/vamsikrishnachangala/Dimensionality_reduction_KPCA (accessed Oct. 29, 2022).https://github.com/vamsikrishnachangala/Dimensionality_reduction_KPCA (accessed Oct. 29, 2022).Search in Google Scholar
“GitHub - Habeebhassan/Anomaly_Detection_HBOS: Anomaly detection model using Histogram Based Outlier System to create labels for unsupervised dataset, by detecting outliers as a result of threshold set.” https://github.com/Habeebhassan/Anomaly_Detection_HBOS (accessed Oct. 29, 2022).https://github.com/Habeebhassan/Anomaly_Detection_HBOS (accessed Oct. 29, 2022).Search in Google Scholar
“GitHub - zhongyuchen/outlier-detection: Detect outliers with 3 methods: LOF, DBSCAN and one-class SVM.” https://github.com/zhongyuchen/outlier-detection (accessed Oct. 29, 2022).https://github.com/zhongyuchen/outlier-detection (accessed Oct. 29, 2022).Search in Google Scholar
“GitHub - yzhao062/pyod: A Comprehensive and Scalable Python Library for Outlier Detection (Anomaly Detection).” https://github.com/yzhao062/pyod#hoffmann2007kernel (accessed Oct. 30, 2022).https://github.com/yzhao062/pyod#hoffmann2007kernel (accessed Oct. 30, 2022).Search in Google Scholar
H. Bin Wang, H. L. Yang, Z. J. Xu, and Z. Yuan, “A clustering algorithm use SOM and K-Means in Intrusion Detection,” Proc. Int. Conf. E-bus. E-Government, ICEE 2010, pp. 1281–1284, 2010, doi: 10.1109/ICEE.2010.327.Bin WangH.YangH. L.XuZ. J.YuanZ.“A clustering algorithm use SOM and K-Means in Intrusion Detection,”12811284201010.1109/ICEE.2010.327Open DOISearch in Google Scholar
E. J. Palomo, E. Domínguez, R. M. Luque, and J. Muñoz, “Network security using growing hierarchical self-organizing maps,” Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics), vol. 5495 LNCS, pp. 130–139, 2009, doi: 10.1007/978-3-642-04921-7_14.PalomoE. J.DomínguezE.LuqueR. M.MuñozJ.“Network security using growing hierarchical self-organizing maps,”5495LNCS,130139200910.1007/978-3-642-04921-7_14Open DOISearch in Google Scholar
D. Ippoliti and X. Zhou, “A-GHSOM: An adaptive growing hierarchical self organizing map for network anomaly detection,” J. Parallel Distrib. Comput., vol. 72, no. 12, pp. 1576–1590, Dec. 2012, doi: 10.1016/J.JPDC.2012.09.004.IppolitiD.ZhouX.“A-GHSOM: An adaptive growing hierarchical self organizing map for network anomaly detection,”721215761590Dec.201210.1016/J.JPDC.2012.09.004Open DOISearch in Google Scholar
H. Gunes Kayacik, A. Nur Zincir-Heywood, and M. I. Heywood, “A hierarchical SOM-based intrusion detection system,” Eng. Appl. Artif. Intell., vol. 20, no. 4, pp. 439–451, Jun. 2007, doi: 10.1016/J.ENGAPPAI.2006.09.005.Gunes KayacikH.Nur Zincir-HeywoodA.HeywoodM. I.“A hierarchical SOM-based intrusion detection system,”204439451Jun.200710.1016/J.ENGAPPAI.2006.09.005Open DOISearch in Google Scholar
M. Vasighi and H. Amini, “A directed batch growing approach to enhance the topology preservation of self-organizing map,” Appl. Soft Comput., vol. 55, pp. 424–435, Jun. 2017, doi: 10.1016/J.ASOC.2017.02.015.VasighiM.AminiH.“A directed batch growing approach to enhance the topology preservation of self-organizing map,”55424435Jun.201710.1016/J.ASOC.2017.02.015Open DOISearch in Google Scholar
R. R. Selvaraju, M. Cogswell, A. Das, R. Vedantam, D. Parikh, and D. Batra, “Grad-CAM: Visual Explanations from Deep Networks via Gradient-Based Localization,” Proc. IEEE Int. Conf. Comput. Vis., vol. 2017-October, pp. 618–626, Dec. 2017, doi: 10.1109/ICCV.2017.74.SelvarajuR. R.CogswellM.DasA.VedantamR.ParikhD.BatraD.“Grad-CAM: Visual Explanations from Deep Networks via Gradient-Based Localization,”vol. 2017-October,618626Dec.201710.1109/ICCV.2017.74Open DOISearch in Google Scholar
D. Bau, B. Zhou, A. Khosla, A. Oliva, and A. Torralba, “Network dissection: Quantifying interpretability of deep visual representations,” Proc. - 30th IEEE Conf. Comput. Vis. Pattern Recognition, CVPR 2017, vol. 2017-January, pp. 3319–3327, Nov. 2017, doi: 10.1109/CVPR.2017.354.BauD.ZhouB.KhoslaA.OlivaA.TorralbaA.“Network dissection: Quantifying interpretability of deep visual representations,”vol. 2017-January,33193327Nov.201710.1109/CVPR.2017.354Open DOISearch in Google Scholar
I. Sturm, S. Lapuschkin, W. Samek, and K. R. Müller, “Interpretable Deep Neural Networks for Single-Trial EEG Classification,” J. Neurosci. Methods, vol. 274, pp. 141–145, Apr. 2016, doi: 10.48550/arxiv.1604.08201.SturmI.LapuschkinS.SamekW.MüllerK. R.“Interpretable Deep Neural Networks for Single-Trial EEG Classification,”274141145Apr.201610.48550/arxiv.1604.08201Open DOISearch in Google Scholar
R. Sommer and V. Paxson, “Outside the closed world: On using machine learning for network intrusion detection,” Proc. - IEEE Symp. Secur. Priv., pp. 305–316, 2010, doi: 10.1109/SP.2010.25.SommerR.PaxsonV.“Outside the closed world: On using machine learning for network intrusion detection,”305316201010.1109/SP.2010.25Open DOISearch in Google Scholar