{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T23:46:17Z","timestamp":1740181577400,"version":"3.37.3"},"reference-count":50,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2023,5,19]],"date-time":"2023-05-19T00:00:00Z","timestamp":1684454400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,5,19]],"date-time":"2023-05-19T00:00:00Z","timestamp":1684454400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["SN COMPUT. SCI."],"DOI":"10.1007\/s42979-023-01849-3","type":"journal-article","created":{"date-parts":[[2023,5,19]],"date-time":"2023-05-19T10:02:39Z","timestamp":1684490559000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Study of Network IDS in IoT devices"],"prefix":"10.1007","volume":"4","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-5937-5331","authenticated-orcid":false,"given":"Arnaud","family":"Rosay","sequence":"first","affiliation":[]},{"given":"Elo\u00efse","family":"Cheval","sequence":"additional","affiliation":[]},{"given":"Mustapha","family":"Ghanmi","sequence":"additional","affiliation":[]},{"given":"Florent","family":"Carlier","sequence":"additional","affiliation":[]},{"given":"Pascal","family":"Leroux","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,5,19]]},"reference":[{"key":"1849_CR1","unstructured":"(1999) Kdd cup 1999: computer network intrusion detection. https:\/\/kdd.org\/kdd-cup\/view\/kdd-cup-1999\/Tasks."},{"key":"1849_CR2","unstructured":"Agilent\u00a0Technologies. The journal of internet test methodologies. 2007. http:\/\/www.ixiacom.com\/pdfs\/test_plans\/agilent_journal_of_internet_test_methodologies.pdf."},{"issue":"7","key":"1849_CR3","doi-asserted-by":"publisher","first-page":"1","DOI":"10.5120\/1092-1427","volume":"6","author":"U Banerjee","year":"2010","unstructured":"Banerjee U, Vashishtha A, Saxena M. Evaluation of the capabilities of wireshark as a tool for intrusion detection. Int J Comput Appl. 2010;6(7):1\u20135. https:\/\/doi.org\/10.5120\/1092-1427. (published By Foundation of Computer Science).","journal-title":"Int J Comput Appl."},{"issue":"6","key":"1849_CR4","doi-asserted-by":"publisher","first-page":"981","DOI":"10.1016\/j.jcss.2014.12.012","volume":"81","author":"W Bul\u2019ajoul","year":"2015","unstructured":"Bul\u2019ajoul W, James A, Pannu M. Improving network intrusion detection system performance through quality of service configuration and parallel technology. J Comput Syst Sci. 2015;81(6):981\u201399. https:\/\/doi.org\/10.1016\/j.jcss.2014.12.012. (special Issue on Optimisation, Security, Privacy and Trust in E-business Systemsspecial Issue on Optimisation, Security, Privacy and Trust in E-business Systemsspecial Issue on Optimisation, Security, Privacy and Trust in E-business Systems).","journal-title":"J Comput Syst Sci"},{"key":"1849_CR5","unstructured":"Canadian Institute for Cybersecurity. Applications\u2014icflowmeter (formerly iscxflowmeter). 2017a. https:\/\/www.unb.ca\/cic\/research\/applications.html."},{"key":"1849_CR6","unstructured":"Canadian Institute for Cybersecurity. Intrusion detection evaluation dataset (cicids2017). 2017b. https:\/\/www.unb.ca\/cic\/datasets\/ids-2017.html."},{"key":"1849_CR7","unstructured":"Canadian Institute for Cybersecurity. Cse-cic-ids2018 on aws, a collaborative project between the communications security establishment (cse) & the Canadian institute for cybersecurity (cic). 2018. https:\/\/www.unb.ca\/cic\/datasets\/ids-2018.html."},{"issue":"102","key":"1849_CR8","first-page":"341","volume":"108","author":"M Catillo","year":"2021","unstructured":"Catillo M, Pecchia A, Rak M, et al. Demystifying the role of public intrusion datasets: a replication study of dos network traffic data. Comput Secur. 2021;108(102):341.","journal-title":"Comput Secur."},{"key":"1849_CR9","doi-asserted-by":"crossref","unstructured":"Claise B, Trammell B, Aitken P. Specification of the ip flow information export (ipfix) protocol for the exchange of flow information. STD\u00a077, 2013. http:\/\/www.rfc-editor.org\/rfc\/rfc7011.txt.","DOI":"10.17487\/rfc7015"},{"key":"1849_CR10","doi-asserted-by":"publisher","first-page":"567","DOI":"10.1007\/3-540-60922-9_46","volume-title":"STACS 96","author":"M Dietzfelbinger","year":"1996","unstructured":"Dietzfelbinger M. Universal hashing and k-wise independent random variables via integer arithmetic without primes. In: Puech C, Reischuk R, editors. STACS 96. Berlin, Heidelberg: Springer Berlin Heidelberg; 1996. p. 567\u201380."},{"key":"1849_CR11","doi-asserted-by":"publisher","unstructured":"Draper-Gil G, Lashkari AH, Mamun MSI, et\u00a0al. Characterization of encrypted and vpn traffic using time-related features. In: Proceedings of the 2nd International Conference on Information Systems Security and Privacy (ICISSP), INSTICC, vol\u00a01. SciTePress, 2016; pp 407\u2013414, https:\/\/doi.org\/10.5220\/0005740704070414.","DOI":"10.5220\/0005740704070414"},{"key":"1849_CR12","unstructured":"Felt AP, Barnes R, King A, et\u00a0al. Measuring https adoption on the web. In: Proceedings of the 26th USENIX Conference on Security Symposium. USENIX Association, USA, SEC\u201917, 2017; pp. 1323\u20131338."},{"issue":"3","key":"1849_CR13","doi-asserted-by":"publisher","first-page":"203","DOI":"10.18280\/ria.330306","volume":"33","author":"S Fenanir","year":"2019","unstructured":"Fenanir S, Semchedine F, Baadache A. A machine learning-based lightweight intrusion detection system for the internet of things. Rev d\u2019Intell Artif. 2019;33(3):203\u201311. https:\/\/doi.org\/10.18280\/ria.330306.","journal-title":"Rev d\u2019Intell Artif."},{"key":"1849_CR14","doi-asserted-by":"publisher","unstructured":"Garg A, Maheshwari P. Performance analysis of Snort-based Intrusion Detection System. In: 3rd International Conference on Advanced Computing and Communication Systems (ICACCS), 2016a; pp 1\u20135, https:\/\/doi.org\/10.1109\/ICACCS.2016.7586351.","DOI":"10.1109\/ICACCS.2016.7586351"},{"key":"1849_CR15","doi-asserted-by":"publisher","unstructured":"Garg A, Maheshwari P. Performance analysis of Snort-based Intrusion Detection System. In: 3rd International Conference on Advanced Computing and Communication Systems (ICACCS), 2016b; pp 1\u20135, https:\/\/doi.org\/10.1109\/ICACCS.2016.7586351.","DOI":"10.1109\/ICACCS.2016.7586351"},{"key":"1849_CR16","doi-asserted-by":"publisher","unstructured":"Gohari M, Hashemi S, Abdi L. Android malware detection and classification based on network traffic using deep learning. In: 2021 7th International Conference on Web Research (ICWR), 2021; pp 71\u201377, https:\/\/doi.org\/10.1109\/ICWR51868.2021.9443025.","DOI":"10.1109\/ICWR51868.2021.9443025"},{"key":"1849_CR17","doi-asserted-by":"publisher","DOI":"10.1145\/1356052.1356053","author":"K Goto","year":"2008","unstructured":"Goto K, Geijn RAVD. Anatomy of high-performance matrix multiplication. ACM Trans Math Softw. 2008. https:\/\/doi.org\/10.1145\/1356052.1356053.","journal-title":"ACM Trans Math Softw."},{"issue":"3","key":"1849_CR18","doi-asserted-by":"publisher","first-page":"659","DOI":"10.1007\/s11222-016-9646-1","volume":"27","author":"B Gregorutti","year":"2017","unstructured":"Gregorutti B, Michel B, Saint-Pierre P. Correlation and variable importance in random forests. Stat Comput. 2017;27(3):659\u201378. https:\/\/doi.org\/10.1007\/s11222-016-9646-1.","journal-title":"Stat Comput"},{"key":"1849_CR19","doi-asserted-by":"publisher","first-page":"161","DOI":"10.1007\/978-981-10-7871-2_16","volume-title":"Progress in computing, analytics and networking","author":"P Joshi","year":"2018","unstructured":"Joshi P, Prasad R, Mewada P, et al. A new neural network-based ids for cloud computing. In: Pattnaik PK, Rautaray SS, Das H, et al., editors. Progress in computing, analytics and networking. Singapore: Springer Singapore; 2018. p. 161\u201370."},{"key":"1849_CR20","unstructured":"Kali. Kali linux, the most advanced penetration testing distribution. 2017. https:\/\/en.wikipedia.org\/wiki\/Internet_Mix, https:\/\/www.kali.org\/."},{"key":"1849_CR21","doi-asserted-by":"publisher","unstructured":"Lashkari AH, Gil GD, Mamun MSI, et\u00a0al. Characterization of tor traffic using time based features. In: Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,. SciTePress, 2017; p 253\u2013262, https:\/\/doi.org\/10.5220\/0006105602530262.","DOI":"10.5220\/0006105602530262"},{"key":"1849_CR22","doi-asserted-by":"publisher","unstructured":"Lashkari AH, Kadir AFA, Taheri L, et\u00a0al. Toward developing a systematic approach to generate benchmark android malware datasets and classification. In: 2018 International Carnahan Conference on Security Technology (ICCST), 2018. pp 1\u20137, https:\/\/doi.org\/10.1109\/CCST.2018.8585560.","DOI":"10.1109\/CCST.2018.8585560"},{"key":"1849_CR23","doi-asserted-by":"publisher","first-page":"3491","DOI":"10.1109\/ACCESS.2017.2782159","volume":"6","author":"G Loukas","year":"2018","unstructured":"Loukas G, Vuong T, Heartfield R, et al. Cloud-based cyber-physical intrusion detection for vehicles using deep learning. IEEE Access. 2018;6:3491\u2013508. https:\/\/doi.org\/10.1109\/ACCESS.2017.2782159.","journal-title":"IEEE Access"},{"issue":"4","key":"1849_CR24","doi-asserted-by":"publisher","first-page":"262","DOI":"10.1145\/382912.382923","volume":"3","author":"J McHugh","year":"2000","unstructured":"McHugh J. Testing intrusion detection systems: a critique of the 1998 and 1999 darpa intrusion detection system evaluations as performed by Lincoln Laboratory. ACM Trans Inf Syst Secur. 2000;3(4):262\u201394. https:\/\/doi.org\/10.1145\/382912.382923.","journal-title":"ACM Trans Inf Syst Secur"},{"key":"1849_CR25","doi-asserted-by":"publisher","DOI":"10.1145\/2808691","author":"A Milenkoski","year":"2015","unstructured":"Milenkoski A, Vieira M, Kounev S, et al. Evaluating computer intrusion detection systems: a survey of common practices. ACM Comput Surv. 2015. https:\/\/doi.org\/10.1145\/2808691.","journal-title":"ACM Comput Surv."},{"key":"1849_CR26","doi-asserted-by":"publisher","unstructured":"Ming G, Kenong Z, Jiahua L. Efficient packet matching for gigabit network intrusion detection using tcams. In: 20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA\u201906), 2006; pp 6 pp.\u2013254, https:\/\/doi.org\/10.1109\/AINA.2006.164.","DOI":"10.1109\/AINA.2006.164"},{"key":"1849_CR27","doi-asserted-by":"publisher","unstructured":"Moustafa N, Slay J. UNSW-NB15: A comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: Military Communications and Information Systems Conference (MilCIS), 2015;pp 1\u20136, https:\/\/doi.org\/10.1109\/MilCIS.2015.7348942.","DOI":"10.1109\/MilCIS.2015.7348942"},{"issue":"2","key":"1849_CR28","doi-asserted-by":"publisher","first-page":"91","DOI":"10.1504\/IJSN.2015.070421","volume":"10","author":"V Ndatinya","year":"2015","unstructured":"Ndatinya V, Xiao Z, Manepalli VR, et al. Network forensics analysis using wireshark. Int J Secur Netw. 2015;10(2):91\u2013106. https:\/\/doi.org\/10.1504\/IJSN.2015.070421.","journal-title":"Int J Secur Netw"},{"key":"1849_CR29","doi-asserted-by":"publisher","first-page":"279","DOI":"10.1007\/11599548_24","volume-title":"Information security and cryptology","author":"JS Park","year":"2005","unstructured":"Park JS, Shazzad KM, Kim DS. Toward modeling lightweight intrusion detection system through correlation-based hybrid feature selection. In: Feng D, Lin D, Yung M, editors. Information security and cryptology. Berlin, Heidelberg: Springer Berlin Heidelberg; 2005. p. 279\u201389. https:\/\/doi.org\/10.1007\/11599548_24."},{"key":"1849_CR30","unstructured":"Parliament E. Regulation (EU) 2015\/758 of the European Parliament and of the Council of 29 April 2015 concerning type-approval requirements for the deployment of the eCall in-vehicle system based on the 112 service and amending Directive 2007\/46\/EC. Official Journal of the European Union. 2015. https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/PDF\/?uri=CELEX:32015R0758."},{"key":"1849_CR31","unstructured":"Pugh W. A skip list cookbook. USA: Tech. rep; 1990."},{"issue":"6","key":"1849_CR32","doi-asserted-by":"publisher","first-page":"668","DOI":"10.1145\/78973.78977","volume":"33","author":"W Pugh","year":"1990","unstructured":"Pugh W. Skip lists: a probabilistic alternative to balanced trees. Commun ACM. 1990;33(6):668\u201376. https:\/\/doi.org\/10.1145\/78973.78977.","journal-title":"Commun ACM"},{"key":"1849_CR33","volume-title":"C4.5: programs for machine learning","author":"JR Quinlan","year":"1993","unstructured":"Quinlan JR. C4.5: programs for machine learning. Oxford: Morgan Kaufmann; 1993."},{"key":"1849_CR34","doi-asserted-by":"publisher","unstructured":"Roesch M. Snort\u2014lightweight intrusion detection for networks. In: Proceedings of the 13th USENIX Conference on System Administration. USENIX Association, USA, LISA \u201999, 1999; p 229-238, https:\/\/doi.org\/10.5555\/1039834.1039864.","DOI":"10.5555\/1039834.1039864"},{"key":"1849_CR35","doi-asserted-by":"publisher","unstructured":"Sahar N, Mishra R, Kalam S. Deep learning approach-based network intrusion detection system for fog-assisted iot. In: Tiwari S, Suryani E, Ng AK, et\u00a0al (eds) Proceedings of International Conference on Big Data, Machine Learning and their Applications. Springer Singapore, Singapore, 2021; pp. 39\u201350, https:\/\/doi.org\/10.1007\/978-981-15-8377-3_4.","DOI":"10.1007\/978-981-15-8377-3_4"},{"key":"1849_CR36","volume-title":"Data structures and algorithm analysis in C++","author":"CA Shaffer","year":"2011","unstructured":"Shaffer CA. Data structures and algorithm analysis in C++. 3rd ed. Mineola: Dover Publications; 2011.","edition":"3"},{"key":"1849_CR37","doi-asserted-by":"publisher","unstructured":"Sharafaldin I, Lashkari AH, Ghorbani AA. Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: Proceedings of the 4th International Conference on Information Systems Security and Privacy (ICISSP), vol\u00a01. SciTePress, 2018; pp 108\u2013116, https:\/\/doi.org\/10.5220\/0006639801080116.","DOI":"10.5220\/0006639801080116"},{"key":"1849_CR38","doi-asserted-by":"publisher","unstructured":"Sharafaldin I, Lashkari AH, Hakak S, et\u00a0al. Developing realistic distributed denial of service (ddos) attack dataset and taxonomy. In: International Carnahan Conference on Security Technology (ICCST), 2019; pp 1\u20138, https:\/\/doi.org\/10.1109\/CCST.2019.8888419.","DOI":"10.1109\/CCST.2019.8888419"},{"issue":"3","key":"1849_CR39","doi-asserted-by":"publisher","first-page":"357","DOI":"10.1016\/j.cose.2011.12.012","volume":"31","author":"A Shiravi","year":"2012","unstructured":"Shiravi A, Shiravi H, Tavallaee M, et al. Toward developing a systematic approach to generate benchmark datasets for intrusion detection. Comput Secur. 2012;31(3):357\u201374. https:\/\/doi.org\/10.1016\/j.cose.2011.12.012.","journal-title":"Comput Secur"},{"key":"1849_CR40","doi-asserted-by":"publisher","first-page":"291","DOI":"10.1007\/978-1-4842-5881-1_13","volume-title":"Neon coprocessor","author":"S Smith","year":"2020","unstructured":"Smith S. Neon coprocessor. Berkeley: Apress; 2020. p. 291\u2013306. https:\/\/doi.org\/10.1007\/978-1-4842-5881-1_13."},{"key":"1849_CR41","doi-asserted-by":"publisher","first-page":"458","DOI":"10.1007\/978-3-030-15032-7_39","volume-title":"Advanced information networking and applications","author":"YN Soe","year":"2020","unstructured":"Soe YN, Feng Y, Santosa PI, et al. Implementing lightweight iot-ids on raspberry pi using correlation-based feature selection and its performance evaluation. In: Barolli L, Takizawa M, Xhafa F, et al., editors. Advanced information networking and applications. Cham: Springer International Publishing; 2020. p. 458\u201369. https:\/\/doi.org\/10.1007\/978-3-030-15032-7_39."},{"key":"1849_CR42","unstructured":"STMicroelectronics. Data brief\u2014stellar sr6 g7 line. 2022. https:\/\/www.st.com\/resource\/en\/data_brief\/sr6g7c4.pdf."},{"key":"1849_CR43","doi-asserted-by":"publisher","unstructured":"Stolfo S, Fan W, Lee W, et\u00a0al. Cost-based modeling for fraud and intrusion detection: results from the jam project. In: Proceedings DARPA Information Survivability Conference and Exposition. DISCEX\u201900, 2000; pp 130\u2013144 vol. 2, https:\/\/doi.org\/10.1109\/DISCEX.2000.821515","DOI":"10.1109\/DISCEX.2000.821515"},{"key":"1849_CR44","doi-asserted-by":"publisher","DOI":"10.3390\/app9010178","author":"B Sudqi Khater","year":"2019","unstructured":"Sudqi Khater B, Abdul Wahab AWB, Idris MYIB, et al. A lightweight perceptron-based intrusion detection system for fog computing. Appl Sci. 2019. https:\/\/doi.org\/10.3390\/app9010178.","journal-title":"Appl Sci"},{"key":"1849_CR45","doi-asserted-by":"publisher","unstructured":"Taheri L, Kadir AFA, Lashkari AH. Extensible android malware detection and family classification using network-flows and api-calls. In: International Carnahan Conference on Security Technology (ICCST), 2019; pp 1\u20138, https:\/\/doi.org\/10.1109\/CCST.2019.8888430.","DOI":"10.1109\/CCST.2019.8888430"},{"key":"1849_CR46","doi-asserted-by":"publisher","unstructured":"Tavallaee M, Bagheri E, Lu W, et\u00a0al. A detailed analysis of the KDD CUP 99 data set. In: IEEE Symposium on Computational Intelligence for Security and Defense Applications, 2009; pp 1\u20136, https:\/\/doi.org\/10.1109\/CISDA.2009.5356528.","DOI":"10.1109\/CISDA.2009.5356528"},{"key":"1849_CR47","doi-asserted-by":"crossref","unstructured":"Trammell B, Boschi E. Bidirectional flow export using ip flow information export (ipfix). STD 5103, 2008. http:\/\/www.rfc-editor.org\/rfc\/rfc5103.txt.","DOI":"10.17487\/rfc5103"},{"key":"1849_CR48","doi-asserted-by":"publisher","first-page":"508","DOI":"10.1007\/978-3-030-47358-7_52","volume-title":"Advances in artificial intelligence","author":"I Ullah","year":"2020","unstructured":"Ullah I, Mahmoud QH. A scheme for generating a dataset for anomalous activity detection in iot networks. In: Goutte C, Zhu X, editors. Advances in artificial intelligence. Cham: Springer International Publishing; 2020. p. 508\u201320."},{"key":"1849_CR49","doi-asserted-by":"publisher","unstructured":"V\u00f6lske M, Bevendorff J, Kiesel J, et\u00a0al. Web archive analytics. In: Reussner RH, Koziolek A, Heinrich R (eds) INFORMATIK 2020. Gesellschaft f\u00fcr Informatik, Bonn, 2021; pp 61\u201372, https:\/\/doi.org\/10.18420\/inf2020_05.","DOI":"10.18420\/inf2020_05"},{"key":"1849_CR50","unstructured":"Wikipedia .internet mix\u2014wikipedia. 2017. https:\/\/en.wikipedia.org\/wiki\/Internet_Mix."}],"container-title":["SN Computer Science"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s42979-023-01849-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s42979-023-01849-3\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s42979-023-01849-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,6,17]],"date-time":"2023-06-17T15:23:44Z","timestamp":1687015424000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s42979-023-01849-3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,5,19]]},"references-count":50,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2023,7]]}},"alternative-id":["1849"],"URL":"https:\/\/doi.org\/10.1007\/s42979-023-01849-3","relation":{},"ISSN":["2661-8907"],"issn-type":[{"type":"electronic","value":"2661-8907"}],"subject":[],"published":{"date-parts":[[2023,5,19]]},"assertion":[{"value":"17 October 2022","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"21 April 2023","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"19 May 2023","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"This article does not contain any studies with human participants or animals performed by any of the authors.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethical Approval"}}],"article-number":"407"}}