{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,4]],"date-time":"2025-07-04T02:52:06Z","timestamp":1751597526058,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":37,"publisher":"ACM","license":[{"start":{"date-parts":[[2018,12,29]],"date-time":"2018-12-29T00:00:00Z","timestamp":1546041600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100008675","name":"Zayed University","doi-asserted-by":"publisher","award":["Research Cluster Award #17079"],"award-info":[{"award-number":["Research Cluster Award #17079"]}],"id":[{"id":"10.13039\/501100008675","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100004035","name":"Jordan University of Science and Technology","doi-asserted-by":"publisher","award":["Sabbatical Leave Grant Number 2016\/280"],"award-info":[{"award-number":["Sabbatical Leave Grant Number 2016\/280"]}],"id":[{"id":"10.13039\/501100004035","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2018,12,29]]},"DOI":"10.1145\/3301551.3301591","type":"proceedings-article","created":{"date-parts":[[2019,3,11]],"date-time":"2019-03-11T12:33:01Z","timestamp":1552307581000},"page":"97-103","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Characterizing Realistic Signature-based Intrusion Detection Benchmarks"],"prefix":"10.1145","author":[{"given":"Monther","family":"Aldwairi","sequence":"first","affiliation":[{"name":"Jordan University of Science and Technology, Irbid, Jordan, College of Technological Innovation, Zayed University, Abu Dhabi, UAE"}]},{"given":"Mohammad A.","family":"Alshboul","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering, North Carolina State University, Raleigh, NC USA"}]},{"given":"Asmaa","family":"Seyam","sequence":"additional","affiliation":[{"name":"College of Technological Innovation, Zayed University, Abu Dhabi, UAE"}]}],"member":"320","published-online":{"date-parts":[[2018,12,29]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1002\/sec.588"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1186\/s13635-017-0062-7"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.5296\/npa.v4i3.2069"},{"key":"e_1_3_2_1_4_1","first-page":"4","article-title":"Bloom filters optimized Wu-Manber for intrusion detection","volume":"11","author":"Aldwairi M.","year":"2016","unstructured":"M. Aldwairi , K. Al-Khamaiseh , F. Alharbi and B. Shah . \" Bloom filters optimized Wu-Manber for intrusion detection \", Journal of Digital Forensics, Security and Law : Vol. 11 : No. 4 , Article 5, Dec 2016 . http:\/\/commons.erau.edu\/jdfsl\/vol11\/iss4\/5\/. M. Aldwairi, K. Al-Khamaiseh, F. Alharbi and B. Shah. \"Bloom filters optimized Wu-Manber for intrusion detection\", Journal of Digital Forensics, Security and Law: Vol. 11: No. 4, Article 5, Dec 2016. http:\/\/commons.erau.edu\/jdfsl\/vol11\/iss4\/5\/.","journal-title":"Journal of Digital Forensics, Security and Law"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1186\/s13635-017-0062-7"},{"key":"e_1_3_2_1_6_1","volume-title":"International Journal on Communications Antenna and Propagation (IRECAP)","author":"Aldwairi M.","year":"2018","unstructured":"M. Aldwairi , W. Mardini and A. Alhowaide , \" Anomaly payload signature generation system based on efficient tokenization methodology \", International Journal on Communications Antenna and Propagation (IRECAP) , In Press 2018 . M. Aldwairi, W. Mardini and A. Alhowaide, \"Anomaly payload signature generation system based on efficient tokenization methodology\", International Journal on Communications Antenna and Propagation (IRECAP), In Press 2018."},{"key":"e_1_3_2_1_7_1","volume-title":"Advanced intrusion detection environment (AIDE)","author":"Lehti R.","year":"1999","unstructured":"R. Lehti , P. Virolainen , R. VD. Berg and H. V. Haugwitz , Advanced intrusion detection environment (AIDE) , 1999 . {Online}. Available: http:\/\/aide.sourceforge.net\/. Accessed on: Sept 13, 2018. R. Lehti, P. Virolainen, R. VD. Berg and H. V. Haugwitz, Advanced intrusion detection environment (AIDE), 1999. {Online}. Available: http:\/\/aide.sourceforge.net\/. Accessed on: Sept 13, 2018."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.5555\/1628829"},{"volume-title":"Inc.","year":"2010","key":"e_1_3_2_1_9_1","unstructured":"Open source host-based intrusion detection system (OSSEC). OSSEC project, Trend Micro , Inc. , 2010 {Online}. Available : https:\/\/www.ossec.net\/. Accessed on: Sept 13, 2018. Open source host-based intrusion detection system (OSSEC). OSSEC project, Trend Micro, Inc., 2010 {Online}. Available: https:\/\/www.ossec.net\/. Accessed on: Sept 13, 2018."},{"key":"e_1_3_2_1_10_1","volume-title":"Available: https:\/\/la-samhna.de\/samhain\/. Accessed on","author":"Wichmann R.","year":"2018","unstructured":"R. Wichmann , \"The SAM HAIN file integrity \/ host-based intrusion detection system\", 2006. {Online}. Available: https:\/\/la-samhna.de\/samhain\/. Accessed on : Sept 13, 2018 . R. Wichmann, \"The SAMHAIN file integrity \/ host-based intrusion detection system\", 2006. {Online}. Available: https:\/\/la-samhna.de\/samhain\/. Accessed on: Sept 13, 2018."},{"key":"e_1_3_2_1_11_1","volume-title":"Prelude SIEM project","author":"Vandoorselaere Y.","year":"1998","unstructured":"Y. Vandoorselaere , \"Prelude universal open-source SIEM\" , Prelude SIEM project , 1998 . {Online}. Available: http:\/\/www.prelude-siem.org. Accessed on: Sept 13, 2018. Y. Vandoorselaere, \"Prelude universal open-source SIEM\", Prelude SIEM project, 1998. {Online}. Available: http:\/\/www.prelude-siem.org. Accessed on: Sept 13, 2018."},{"key":"e_1_3_2_1_12_1","volume-title":"SANS Institute InfoSec Reading Room","author":"Yasm C.","year":"2009","unstructured":"C. Yasm , \"Prelude as a hybrid IDS framework \", SANS Institute InfoSec Reading Room , 2009 . C. Yasm, \"Prelude as a hybrid IDS framework\", SANS Institute InfoSec Reading Room, 2009."},{"key":"e_1_3_2_1_13_1","volume-title":"Bro intrusion detection system\". No. Bro","author":"Paxson V.","year":"1905","unstructured":"V. Paxson , S. Campbell , and J. Lee , \" Bro intrusion detection system\". No. Bro ; 00 1905 IBMPC00. Lawrence Berkeley National Laboratory , 2006. V. Paxson, S. Campbell, and J. Lee, \"Bro intrusion detection system\". No. Bro; 001905IBMPC00. Lawrence Berkeley National Laboratory, 2006."},{"volume-title":"Available: https:\/\/www.bro.org. Accessed on","year":"2018","key":"e_1_3_2_1_14_1","unstructured":"The Bro Network Security Monitor, 2006. {Online}. Available: https:\/\/www.bro.org. Accessed on : Sept 13, 2018 . The Bro Network Security Monitor, 2006. {Online}. Available: https:\/\/www.bro.org. Accessed on: Sept 13, 2018."},{"key":"e_1_3_2_1_15_1","volume-title":"OPEN information security foundation (OISF). 2010 {Online}. Available: https:\/\/suricata-ids.org. Accessed on","author":"IDS","year":"2018","unstructured":"\"Suricata Open Source IDS \/ IPS \/ NSM engine\" , OPEN information security foundation (OISF). 2010 {Online}. Available: https:\/\/suricata-ids.org. Accessed on : Sept 13, 2018 . \"Suricata Open Source IDS \/ IPS \/ NSM engine\", OPEN information security foundation (OISF). 2010 {Online}. Available: https:\/\/suricata-ids.org. Accessed on: Sept 13, 2018."},{"volume-title":"Security Onion Solutions, {Online}. Available: https:\/\/securityonion.net\/. Accessed on","year":"2018","key":"e_1_3_2_1_16_1","unstructured":"Security Onion , Security Onion Solutions, {Online}. Available: https:\/\/securityonion.net\/. Accessed on : Sept 13, 2018 . Security Onion, Security Onion Solutions, {Online}. Available: https:\/\/securityonion.net\/. Accessed on: Sept 13, 2018."},{"volume-title":"Lightweight intrusion detection for networks.\" Lisa","author":"Roesch M.","key":"e_1_3_2_1_17_1","unstructured":"M. Roesch , \"Snort : Lightweight intrusion detection for networks.\" Lisa . Vol. 99 . No. 1. 1999. M. Roesch, \"Snort: Lightweight intrusion detection for networks.\" Lisa. Vol. 99. No. 1. 1999."},{"key":"e_1_3_2_1_18_1","volume-title":"Apache, MySQL, PHP, and ACID\"","author":"Ur Rehman R.","year":"2003","unstructured":"R. Ur Rehman , \"Intrusion detection with SNORT : Advanced IDS techniques using SNORT , Apache, MySQL, PHP, and ACID\" . 1 st Edition, Prentice Hall , 2003 . R. Ur Rehman, \"Intrusion detection with SNORT: Advanced IDS techniques using SNORT, Apache, MySQL, PHP, and ACID\". 1st Edition, Prentice Hall, 2003.","edition":"1"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICEBE.2013.26"},{"issue":"6","key":"e_1_3_2_1_20_1","first-page":"512","article-title":"Hybrid pattern matching algorithm for intrusion detection systems","volume":"6","author":"Aldwairi M.","year":"2011","unstructured":"M. Aldwairi , N. Yaser , \" Hybrid pattern matching algorithm for intrusion detection systems \", Journal of Information Assurance and Security , Vol. 6 , No. 6 , pp. 512 -- 521 , 2011 . M. Aldwairi, N. Yaser, \"Hybrid pattern matching algorithm for intrusion detection systems\", Journal of Information Assurance and Security, Vol. 6, No. 6, pp.512--521, 2011.","journal-title":"Journal of Information Assurance and Security"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/360825.360855"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICNP.2006.320212"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1137\/0206024"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/359842.359859"},{"key":"e_1_3_2_1_26_1","volume-title":"DARPA intrusion detection evaluation","author":"Lincoln Laboratory MIT","year":"1999","unstructured":"MIT Lincoln Laboratory : DARPA intrusion detection evaluation . 1999 , {Online}. Available: ftp:\/\/ftp.ll.mit.edu\/outgoing\/darpa\/docs\/attackDB.html. Accessed on: May 13, 2017. MIT Lincoln Laboratory: DARPA intrusion detection evaluation. 1999, {Online}. Available: ftp:\/\/ftp.ll.mit.edu\/outgoing\/darpa\/docs\/attackDB.html. Accessed on: May 13, 2017."},{"key":"e_1_3_2_1_27_1","volume-title":"University of California","author":"Cup KDD","year":"1999","unstructured":"KDD Cup 1999 Data , University of California , 1999, {Online}. Available : http:\/\/kdd.ics.uci.edu\/databases\/kddcup99\/kddcup99.html. Accessed on: Sept 13, 2018. KDD Cup 1999 Data, University of California, 1999, {Online}. Available: http:\/\/kdd.ics.uci.edu\/databases\/kddcup99\/kddcup99.html. Accessed on: Sept 13, 2018."},{"key":"e_1_3_2_1_28_1","first-page":"1","volume-title":"A detailed analysis of the KDD CUP 99 data set,\" 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications","author":"Tavallaee M.","year":"2009","unstructured":"M. Tavallaee , E. Bagheri , W. Lu and A. A. Ghorbani , \" A detailed analysis of the KDD CUP 99 data set,\" 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications , Ottawa, ON , 2009 , pp. 1 -- 6 . M. Tavallaee, E. Bagheri, W. Lu and A. A. Ghorbani, \"A detailed analysis of the KDD CUP 99 data set,\" 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, Ottawa, ON, 2009, pp. 1--6."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/1978672.1978676"},{"key":"e_1_3_2_1_30_1","volume-title":"Available: http:\/\/www.takakura.com\/Kyoto_data\/BenchmarkData-Description-v5.pdf. Accessed on","author":"Song J.","year":"2018","unstructured":"J. Song , H. Takakura , Y. Okabe , \"Description of Kyoto University benchmark data\". 2006. {Online}. Available: http:\/\/www.takakura.com\/Kyoto_data\/BenchmarkData-Description-v5.pdf. Accessed on : Sept 13, 2018 . J. Song, H. Takakura, Y. Okabe, \"Description of Kyoto University benchmark data\". 2006. {Online}. Available: http:\/\/www.takakura.com\/Kyoto_data\/BenchmarkData-Description-v5.pdf. Accessed on: Sept 13, 2018."},{"volume-title":"Center for Applied Internet Data Analysis (CAIDA)","author":"Dataset AIDA","key":"e_1_3_2_1_31_1","unstructured":"C AIDA Dataset , Center for Applied Internet Data Analysis (CAIDA) , University of California's San Diego Supercomputer Center , {Online}. Available: https:\/\/www.caida.org\/data\/. Accessed on: Sept 13, 2018. CAIDA Dataset, Center for Applied Internet Data Analysis (CAIDA), University of California's San Diego Supercomputer Center, {Online}. Available: https:\/\/www.caida.org\/data\/. Accessed on: Sept 13, 2018."},{"key":"e_1_3_2_1_32_1","first-page":"92","volume-title":"London","author":"Nehinbe J. O.","year":"2011","unstructured":"J. O. Nehinbe , \"A critical evaluation of datasets for investigating IDSs and IPSs researches,\" 2011 IEEE 10th International Conference on Cybernetic Intelligent Systems (CIS) , London , 2011 , pp. 92 -- 97 . J. O. Nehinbe, \"A critical evaluation of datasets for investigating IDSs and IPSs researches,\" 2011 IEEE 10th International Conference on Cybernetic Intelligent Systems (CIS), London, 2011, pp. 92--97."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/974044.974078"},{"key":"e_1_3_2_1_34_1","first-page":"24","volume-title":"2011 7th International Conference on","author":"Aldwairi M.","year":"2011","unstructured":"M. Aldwairi and D. Alansari , \" Exscind: Fast pattern matching for intrusion detection using exclusion and inclusion filters,\" Next Generation Web Services Practices (NWeSP) , 2011 7th International Conference on , Salamanca , 2011 , pp. 24 -- 30 . M. Aldwairi and D. Alansari, \"Exscind: Fast pattern matching for intrusion detection using exclusion and inclusion filters,\" Next Generation Web Services Practices (NWeSP), 2011 7th International Conference on, Salamanca, 2011, pp. 24--30."},{"volume-title":"Available: https:\/\/www.defcon.org\/. Accessed on","year":"2017","key":"e_1_3_2_1_35_1","unstructured":"DEFCON, 1992-2018, {Online}. Available: https:\/\/www.defcon.org\/. Accessed on : May 13, 2017 . DEFCON, 1992-2018, {Online}. Available: https:\/\/www.defcon.org\/. Accessed on: May 13, 2017."},{"key":"e_1_3_2_1_36_1","volume-title":"A survey and taxonomy on data and pre-processing techniques of intrusion detection systems.\" Computer and Network Security Essentials","author":"Ernst J.B.","year":"2018","unstructured":"H., Tarfa, J.B. Ernst , and S. C. Kremer . \" A survey and taxonomy on data and pre-processing techniques of intrusion detection systems.\" Computer and Network Security Essentials . Springer , Cham , 2018 . 113--134. H., Tarfa, J.B. Ernst, and S. C. Kremer. \"A survey and taxonomy on data and pre-processing techniques of intrusion detection systems.\" Computer and Network Security Essentials. Springer, Cham, 2018. 113--134."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2011.12.012"},{"key":"e_1_3_2_1_38_1","volume-title":"Available: https:\/\/github.com\/munzer2000\/IDSEngine. Accessed on","author":"Aldwairi M.","year":"2017","unstructured":"M. Aldwairi , M.A. Alshboul , IDSEngine. {Online}. Available: https:\/\/github.com\/munzer2000\/IDSEngine. Accessed on : May 13, 2017 . M. Aldwairi, M.A. Alshboul, IDSEngine. {Online}. Available: https:\/\/github.com\/munzer2000\/IDSEngine. Accessed on: May 13, 2017."}],"event":{"name":"ICIT 2018: IoT and Smart City","sponsor":["The Hong Kong Polytechnic The Hong Kong Polytechnic University","TU Tianjin University"],"location":"Hong Kong Hong Kong","acronym":"ICIT 2018"},"container-title":["Proceedings of the 6th International Conference on Information Technology: IoT and Smart City"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3301551.3301591","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3301551.3301591","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T00:57:35Z","timestamp":1750208255000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3301551.3301591"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,12,29]]},"references-count":37,"alternative-id":["10.1145\/3301551.3301591","10.1145\/3301551"],"URL":"https:\/\/doi.org\/10.1145\/3301551.3301591","relation":{},"subject":[],"published":{"date-parts":[[2018,12,29]]},"assertion":[{"value":"2018-12-29","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}