{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T20:10:07Z","timestamp":1755893407066,"version":"3.44.0"},"publisher-location":"New York, NY, USA","reference-count":31,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,6,19]],"date-time":"2024-06-19T00:00:00Z","timestamp":1718755200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100006374","name":"National Science Foundation","doi-asserted-by":"publisher","award":["2112471 and 2229876"],"award-info":[{"award-number":["2112471 and 2229876"]}],"id":[{"id":"10.13039\/501100006374","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Cisco Research"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,6,19]]},"DOI":"10.1145\/3714393.3726004","type":"proceedings-article","created":{"date-parts":[[2025,6,4]],"date-time":"2025-06-04T18:38:47Z","timestamp":1749062327000},"page":"413-418","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["IoTDSCreator: A Framework to Create Labeled Datasets for IoT Intrusion Detection Systems"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7490-9936","authenticated-orcid":false,"given":"Hyunwoo","family":"Lee","sequence":"first","affiliation":[{"name":"Department of Engineering, Korea Institute of Energy Technology, Naju, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1876-8478","authenticated-orcid":false,"given":"Charalampos","family":"Katsis","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Purdue University, West Lafayette, IN, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-5694-0278","authenticated-orcid":false,"given":"Alireza","family":"Lotfi","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Purdue University, West Lafayette, IN, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-7685-1731","authenticated-orcid":false,"given":"Taejun","family":"Choi","sequence":"additional","affiliation":[{"name":"Department of Engineering, Korea Institute of Energy Technology, Naju, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0009-0008-6809-410X","authenticated-orcid":false,"given":"Soeun","family":"Kim","sequence":"additional","affiliation":[{"name":"Department of Engineering, Korea Institute of Energy Technology, Naju, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1499-5558","authenticated-orcid":false,"given":"Ashish","family":"Kundu","sequence":"additional","affiliation":[{"name":"Cisco Research, Cisco, San Jose, CA, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4029-7051","authenticated-orcid":false,"given":"Elisa","family":"Bertino","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Purdue University, West Lafayette, IN, USA"}]}],"member":"320","published-online":{"date-parts":[[2025,6,4]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Netlab 360. 2017. IoT_reaper: A Rappid Spreading New IoT Botnet. https:\/\/blog.netlab.360.com\/iot_reaper-a-rappid-spreading-new-iot-botnet-en\/."},{"volume-title":"26th USENIX Security Symposium.","author":"Manos","key":"e_1_3_2_1_2_1","unstructured":"Manos Antonakakis et al. 2017. Understanding the mirai botnet. In 26th USENIX Security Symposium."},{"volume-title":"Proceeding of the USENIX Security Symposium.","author":"Daniel","key":"e_1_3_2_1_3_1","unstructured":"Daniel Arp et al. 2022. Dos and don'ts of machine learning in computer security. In Proceeding of the USENIX Security Symposium."},{"key":"e_1_3_2_1_4_1","volume-title":"Proceedings of the 19th International Conference on Extending Database Technology, EDBT 2016. 1--3.","author":"Bertino Elisa","year":"2016","unstructured":"Elisa Bertino. 2016. Data Security and Privacy in the IoT.. In Proceedings of the 19th International Conference on Extending Database Technology, EDBT 2016. 1--3."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2017.62"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2021.3085194"},{"key":"e_1_3_2_1_7_1","volume-title":"CA, USA","author":"Cisco U","year":"2020","unstructured":"U Cisco. 2020. Cisco Annual Internet Report (2018--2023) White Paper. Cisco: San Jose, CA, USA (2020)."},{"key":"e_1_3_2_1_8_1","unstructured":"Don Dingee. 2019. IoT Not People Now the Weakest Link in Security. https:\/\/devops.com\/iot-not-people-now-the-weakest-link-in-security\/. (Accessed on 05\/13\/2021)."},{"key":"e_1_3_2_1_9_1","unstructured":"Clark Evans et al. 2017. YAML Ain't Markup Language (YAML\u2122) Version 1.2."},{"key":"e_1_3_2_1_10_1","unstructured":"Canadian Institute for Cybersecurity. 2009. NSL-KDD dataset. https:\/\/www.unb.ca\/cic\/datasets\/nsl.html. (Accessed on 01\/08\/2024)."},{"key":"e_1_3_2_1_11_1","first-page":"80","article-title":"Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains","volume":"1","author":"Hutchins Eric M","year":"2011","unstructured":"Eric M Hutchins et al. 2011. Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. Leading Issues in Information Warfare & Security Research, Vol. 1, 1 (2011), 80.","journal-title":"Leading Issues in Information Warfare & Security Research"},{"key":"e_1_3_2_1_12_1","unstructured":"Hyunjae Kang et al. 2019. IoT Network Intrusion Dataset. https:\/\/ieee-dataport.org\/open-access\/iot-network-intrusion-dataset. (Accessed on 06\/03\/2021)."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"crossref","unstructured":"Nickolaos Koroniotis et al. 2019. Towards the development of realistic botnet dataset in the internet of things for network forensic analytics: Bot-iot dataset. Vol. 100 (2019) 779--796.","DOI":"10.1016\/j.future.2019.05.041"},{"key":"e_1_3_2_1_14_1","unstructured":"MIT Lincoln Laboratory. 2000. 2000 Darpa Intrusion Detection Scenario Specific Dataset. https:\/\/www.ll.mit.edu\/r-d\/datasets\/2000-darpa-intrusion-detection-scenario-specific-datasets. (Accessed on 01\/28\/2024)."},{"volume-title":"Proceeding of Network and Distributed System Security Symposium (NDSS).","author":"Junjie","key":"e_1_3_2_1_15_1","unstructured":"Junjie Liang et al. 2021. FARE: Enabling Fine-grained Attack Categorization under Low-quality Labeled Data. In Proceeding of Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_1_16_1","volume-title":"Proceedings DARPA Information Survivability Conference and Exposition","volume":"2","author":"Richard","unstructured":"Richard P Lippmann et al. 2000. Evaluating intrusion detection systems: The 1998 DARPA off-line intrusion detection evaluation. In Proceedings DARPA Information Survivability Conference and Exposition, Vol. 2. IEEE, 12--26."},{"key":"e_1_3_2_1_17_1","unstructured":"Dave McMillen. 2021. Internet of threats: IoT botnets drive surge in network attacks. https:\/\/securityintelligence.com\/posts\/internet-of-threats-iot-botnets-network-attacks\/. (Accessed on 05\/23\/2024)."},{"volume-title":"Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection. In Network and Distributed Systems Security (NDSS) Symposium.","author":"Yisroel","key":"e_1_3_2_1_18_1","unstructured":"Yisroel Mirsky et al. 2018. Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection. In Network and Distributed Systems Security (NDSS) Symposium."},{"volume-title":"UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In 2015 military communications and information systems conference (MilCIS)","author":"Moustafa Nour","key":"e_1_3_2_1_19_1","unstructured":"Nour Moustafa and Jill Slay. 2015. UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In 2015 military communications and information systems conference (MilCIS). IEEE, 1--6."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/3321705.3329857"},{"volume-title":"2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS). IEEE, 756--767","author":"Duc Thien","key":"e_1_3_2_1_21_1","unstructured":"Thien Duc Nguyen et al. 2019. D\u00cfoT: A federated self-learning anomaly detection system for IoT. In 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS). IEEE, 756--767."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/SOSE52839.2021.00007"},{"key":"e_1_3_2_1_23_1","unstructured":"LLC QoSient. 1980. argus. https:\/\/openargus.org\/. (Accessed on 05\/27\/2022)."},{"key":"e_1_3_2_1_24_1","unstructured":"Check Point Research. 2017. IoTroop Botnet: The Full Investigation. https:\/\/research.checkpoint.com\/2017\/iotroop-botnet-full-investigation\/. (Accessed on 05\/07\/2021)."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","unstructured":"Maria Jose Erquiaga Sebastian Garcia Agustin Parmisano. 2020. IoT-23: A labeled dataset with malicious and benign IoT network traffic (Version 1.0.0) [Data set]. http:\/\/doi.org\/10.5281\/zenodo.4743746. (Accessed on 05\/13\/2022).","DOI":"10.5281\/zenodo.4743746"},{"key":"e_1_3_2_1_26_1","volume-title":"Sqrrl Data","author":"Inc.","year":"2018","unstructured":"Inc. Sqrrl Data. 2018. A Framework for Cyber Threat Hunting. https:\/\/www.threathunting.net\/files\/framework-for-threat-hunting-whitepaper.pdf. (Accessed on 1\/31\/2022)."},{"key":"e_1_3_2_1_27_1","volume-title":"Storm et al","author":"Blake","year":"2018","unstructured":"Blake E. Storm et al. 2018. MITRE ATT&CK: Design and Philosophy. https:\/\/attack.mitre.org\/docs\/ATTACK_Design_and_Philosophy_March_2020.pdf. (Accessed on 06\/03\/2021)."},{"volume-title":"2009 IEEE symposium on computational intelligence for security and defense applications. Ieee, 1--6.","author":"Mahbod","key":"e_1_3_2_1_28_1","unstructured":"Mahbod Tavallaee et al. 2009. A detailed analysis of the KDD CUP 99 data set. In 2009 IEEE symposium on computational intelligence for security and defense applications. Ieee, 1--6."},{"key":"e_1_3_2_1_29_1","volume-title":"SUNSPOT: An Implant in the Build Process. https:\/\/www.crowdstrike.com\/blog\/sunspot-malware-technical-analysis\/. (Accessed on 05\/05\/2022).","author":"Intelligence Team CrowdStrike","year":"2021","unstructured":"CrowdStrike Intelligence Team. 2021. SUNSPOT: An Implant in the Build Process. https:\/\/www.crowdstrike.com\/blog\/sunspot-malware-technical-analysis\/. (Accessed on 05\/05\/2022)."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-47358-7_52"},{"volume-title":"Botnet and IoT Security Trends","year":"2024","key":"e_1_3_2_1_31_1","unstructured":"USTelecom. 2024. Botnet and IoT Security Trends 2024. https:\/\/www.ustelecom.org\/wp-content\/uploads\/2024\/03\/USTelecom-Botnet-and-Security-Trends-2024.pdf. (Accessed on 05\/23\/2024)."}],"event":{"name":"CODASPY '25: Fifteenth ACM Conference on Data and Application Security and Privacy","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Pittsburgh PA USA","acronym":"CODASPY '25"},"container-title":["Proceedings of the Fifteenth ACM Conference on Data and Application Security and Privacy"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3714393.3726004","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3714393.3726004","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T19:55:05Z","timestamp":1755892505000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3714393.3726004"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,6,19]]},"references-count":31,"alternative-id":["10.1145\/3714393.3726004","10.1145\/3714393"],"URL":"https:\/\/doi.org\/10.1145\/3714393.3726004","relation":{},"subject":[],"published":{"date-parts":[[2024,6,19]]},"assertion":[{"value":"2025-06-04","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}