{"id":"https://openalex.org/W4406461513","doi":"https://doi.org/10.1109/bigdata62323.2024.10825710","title":"Hex2Sign: Automatic IDS Signature Generation from Hexadecimal Data using LLMs","display_name":"Hex2Sign: Automatic IDS Signature Generation from Hexadecimal Data using LLMs","publication_year":2024,"publication_date":"2024-12-15","ids":{"openalex":"https://openalex.org/W4406461513","doi":"https://doi.org/10.1109/bigdata62323.2024.10825710"},"language":"en","primary_location":{"id":"doi:10.1109/bigdata62323.2024.10825710","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bigdata62323.2024.10825710","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Conference on Big Data (BigData)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5109741387","display_name":"Prasasthy Balasubramanian","orcid":"https://orcid.org/0009-0002-4098-0333"},"institutions":[{"id":"https://openalex.org/I98381234","display_name":"University of Oulu","ror":"https://ror.org/03yj89h83","country_code":"FI","type":"education","lineage":["https://openalex.org/I98381234"]}],"countries":["FI"],"is_corresponding":true,"raw_author_name":"Prasasthy Balasubramanian","raw_affiliation_strings":["University of Oulu,Faculty of Information Technology and Electrical Engineering Center for Ubiquitous Computing,Oulu,Finland"],"affiliations":[{"raw_affiliation_string":"University of Oulu,Faculty of Information Technology and Electrical Engineering Center for Ubiquitous Computing,Oulu,Finland","institution_ids":["https://openalex.org/I98381234"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5103067352","display_name":"Tarek Ali","orcid":"https://orcid.org/0000-0002-8380-1625"},"institutions":[{"id":"https://openalex.org/I98381234","display_name":"University of Oulu","ror":"https://ror.org/03yj89h83","country_code":"FI","type":"education","lineage":["https://openalex.org/I98381234"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Tarek Ali","raw_affiliation_strings":["University of Oulu,Faculty of Information Technology and Electrical Engineering Center for Ubiquitous Computing,Oulu,Finland"],"affiliations":[{"raw_affiliation_string":"University of Oulu,Faculty of Information Technology and Electrical Engineering Center for Ubiquitous Computing,Oulu,Finland","institution_ids":["https://openalex.org/I98381234"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5112055173","display_name":"Mohammad Salmani","orcid":null},"institutions":[{"id":"https://openalex.org/I98381234","display_name":"University of Oulu","ror":"https://ror.org/03yj89h83","country_code":"FI","type":"education","lineage":["https://openalex.org/I98381234"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Mohammad Salmani","raw_affiliation_strings":["University of Oulu,Faculty of Information Technology and Electrical Engineering Center for Ubiquitous Computing,Oulu,Finland"],"affiliations":[{"raw_affiliation_string":"University of Oulu,Faculty of Information Technology and Electrical Engineering Center for Ubiquitous Computing,Oulu,Finland","institution_ids":["https://openalex.org/I98381234"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5115940191","display_name":"Danial KhoshKholgh","orcid":null},"institutions":[{"id":"https://openalex.org/I98381234","display_name":"University of Oulu","ror":"https://ror.org/03yj89h83","country_code":"FI","type":"education","lineage":["https://openalex.org/I98381234"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Danial KhoshKholgh","raw_affiliation_strings":["University of Oulu,Faculty of Information Technology and Electrical Engineering Center for Ubiquitous Computing,Oulu,Finland"],"affiliations":[{"raw_affiliation_string":"University of Oulu,Faculty of Information Technology and Electrical Engineering Center for Ubiquitous Computing,Oulu,Finland","institution_ids":["https://openalex.org/I98381234"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5051336752","display_name":"Panos Kostakos","orcid":"https://orcid.org/0000-0002-8545-599X"},"institutions":[{"id":"https://openalex.org/I98381234","display_name":"University of Oulu","ror":"https://ror.org/03yj89h83","country_code":"FI","type":"education","lineage":["https://openalex.org/I98381234"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Panos Kostakos","raw_affiliation_strings":["University of Oulu,Faculty of Information Technology and Electrical Engineering Center for Ubiquitous Computing,Oulu,Finland"],"affiliations":[{"raw_affiliation_string":"University of Oulu,Faculty of Information Technology and Electrical Engineering Center for Ubiquitous Computing,Oulu,Finland","institution_ids":["https://openalex.org/I98381234"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5109741387"],"corresponding_institution_ids":["https://openalex.org/I98381234"],"apc_list":null,"apc_paid":null,"fwci":1.0401,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.82349842,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"4524","last_page":"4532"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10181","display_name":"Natural Language Processing Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10181","display_name":"Natural Language Processing Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10028","display_name":"Topic Modeling","score":0.9940999746322632,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T13523","display_name":"Mathematics, Computing, and Information Processing","score":0.9883000254631042,"subfield":{"id":"https://openalex.org/subfields/1703","display_name":"Computational Theory and Mathematics"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7044385671615601},{"id":"https://openalex.org/keywords/signature","display_name":"Signature (topology)","score":0.5458129644393921},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3450027108192444},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.32342809438705444},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.06789875030517578}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7044385671615601},{"id":"https://openalex.org/C2779696439","wikidata":"https://www.wikidata.org/wiki/Q7512811","display_name":"Signature (topology)","level":2,"score":0.5458129644393921},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3450027108192444},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.32342809438705444},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.06789875030517578},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/bigdata62323.2024.10825710","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bigdata62323.2024.10825710","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Conference on Big Data (BigData)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":31,"referenced_works":["https://openalex.org/W2170285839","https://openalex.org/W2810758612","https://openalex.org/W2896457183","https://openalex.org/W2965373594","https://openalex.org/W2981852735","https://openalex.org/W3034999214","https://openalex.org/W3122890974","https://openalex.org/W4206583610","https://openalex.org/W4213074563","https://openalex.org/W4288089799","https://openalex.org/W4292779060","https://openalex.org/W4312890671","https://openalex.org/W4384918448","https://openalex.org/W4386185625","https://openalex.org/W4386978016","https://openalex.org/W4389519352","https://openalex.org/W4391094158","https://openalex.org/W4391901219","https://openalex.org/W4392529044","https://openalex.org/W4393027151","https://openalex.org/W4400233803","https://openalex.org/W6755207826","https://openalex.org/W6766673545","https://openalex.org/W6769311223","https://openalex.org/W6778883912","https://openalex.org/W6779068807","https://openalex.org/W6854866820","https://openalex.org/W6855970221","https://openalex.org/W6856685690","https://openalex.org/W6861778579","https://openalex.org/W6862958856"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W4391913857","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W4396696052"],"abstract_inverted_index":{"Despite":[0],"the":[1,78,100,140,174],"growing":[2],"utilization":[3],"of":[4,118,142],"large":[5],"language":[6],"models":[7,129,145],"(LLMs)":[8],"in":[9,52,93,146,207],"cyber":[10],"defense":[11,193],"operations,":[12],"their":[13],"integration":[14],"within":[15],"intrusion":[16],"detection":[17],"systems":[18],"(IDS)":[19],"remains":[20],"substantially":[21],"underexplored.":[22],"This":[23],"paper":[24,160],"proposes":[25,161],"a":[26,191],"novel":[27],"approach":[28],"to":[29,47,99,198],"generating":[30,55,94],"human-readable":[31,95],"IDS":[32,96,154,164,203],"signatures":[33],"by":[34,61],"fine-tuning":[35],"LLMs":[36,184],"on":[37],"hexadecimal":[38,69,132],"data.":[39],"In":[40],"our":[41,125],"experimental":[42],"framework,":[43],"we":[44],"deploy":[45],"honeypots":[46],"capture":[48,57],"malicious":[49],"network":[50,168],"traffic":[51],"real-world":[53],"conditions,":[54],"packet":[56],"(PCAP)":[58],"files":[59],"accompanied":[60],"text-based":[62],"alerts":[63],"and":[64,84,156,179,205],"Suricata":[65,149],"signatures.":[66],"The":[67],"collected":[68],"data,":[70],"derived":[71],"from":[72],"actual":[73],"attack":[74],"vectors,":[75],"serves":[76],"as":[77],"training":[79],"corpus":[80],"for":[81,90,135,166],"multiple":[82],"generative":[83,102],"classification":[85],"models,":[86],"which":[87],"are":[88],"fine-tuned":[89],"optimal":[91],"performance":[92],"alerts.":[97],"According":[98],"results,":[101],"model":[103],"GPT-3-Davinci-002":[104],"excelled":[105],"across":[106],"metrics":[107],"with":[108,177],"BERTscore":[109],"over":[110],"96%,":[111],"while":[112],"RoBERTa":[113],"base":[114],"achieved":[115],"high":[116],"accuracy":[117,206],"96%":[119],"among":[120],"classifiers.":[121],"These":[122],"findings":[123],"enhance":[124],"understanding":[126],"that":[127,170,195],"foundational":[128],"can":[130,171],"improve":[131],"data":[133,210],"processing":[134],"cybersecurity.":[136],"Our":[137],"conclusions":[138],"emphasize":[139],"potential":[141],"advanced":[143],"generative-AI":[144],"automating":[147],"dynamic":[148],"rule":[150],"generation,":[151],"thus":[152,201],"enhancing":[153,202],"efficiency":[155,204],"accuracy.":[157],"Moreover,":[158],"this":[159,188],"an":[162],"AI-powered":[163],"system":[165,189],"securing":[167],"environments":[169],"significantly":[172],"mitigate":[173],"risks":[175],"associated":[176],"diverse":[178],"widespread":[180],"devices.":[181],"By":[182],"integrating":[183],"into":[185],"security":[186],"frameworks,":[187],"offers":[190],"robust":[192],"mechanism":[194],"dynamically":[196],"adapts":[197],"emerging":[199],"threats,":[200],"handling":[208],"big":[209],"challenges.":[211]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":1}],"updated_date":"2026-03-31T07:56:22.981413","created_date":"2025-10-10T00:00:00"}