{"id":"https://openalex.org/W2896782771","doi":"https://doi.org/10.1109/icci-cc.2018.8482026","title":"Detecting and Resolving Inconsistencies in Snort","display_name":"Detecting and Resolving Inconsistencies in Snort","publication_year":2018,"publication_date":"2018-07-01","ids":{"openalex":"https://openalex.org/W2896782771","doi":"https://doi.org/10.1109/icci-cc.2018.8482026","mag":"2896782771"},"language":"en","primary_location":{"id":"doi:10.1109/icci-cc.2018.8482026","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icci-cc.2018.8482026","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2018 IEEE 17th International Conference on Cognitive Informatics &amp; Cognitive Computing (ICCI*CC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5057361129","display_name":"Xibin Sun","orcid":"https://orcid.org/0000-0002-5308-467X"},"institutions":[{"id":"https://openalex.org/I4210165204","display_name":"Zhuhai Institute of Advanced Technology","ror":"https://ror.org/05r1mzq61","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210145761","https://openalex.org/I4210165204"]},{"id":"https://openalex.org/I125839683","display_name":"Beijing Institute of Technology","ror":"https://ror.org/01skt4w74","country_code":"CN","type":"education","lineage":["https://openalex.org/I125839683","https://openalex.org/I890469752"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Xibin Sun","raw_affiliation_strings":["Beijing Institute of Technology, Zhuhai, China"],"affiliations":[{"raw_affiliation_string":"Beijing Institute of Technology, Zhuhai, China","institution_ids":["https://openalex.org/I4210165204","https://openalex.org/I125839683"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100677748","display_name":"Du Zhang","orcid":"https://orcid.org/0000-0001-8921-5865"},"institutions":[{"id":"https://openalex.org/I111950717","display_name":"Macau University of Science and Technology","ror":"https://ror.org/03jqs2n27","country_code":"MO","type":"education","lineage":["https://openalex.org/I111950717","https://openalex.org/I4391767947"]}],"countries":["MO"],"is_corresponding":false,"raw_author_name":"Du Zhang","raw_affiliation_strings":["Faculty of Information Technology, Macau University of Science and Technology, Macau, China"],"affiliations":[{"raw_affiliation_string":"Faculty of Information Technology, Macau University of Science and Technology, Macau, China","institution_ids":["https://openalex.org/I111950717"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100674094","display_name":"Mingzhe Liu","orcid":"https://orcid.org/0000-0001-7054-997X"},"institutions":[{"id":"https://openalex.org/I111950717","display_name":"Macau University of Science and Technology","ror":"https://ror.org/03jqs2n27","country_code":"MO","type":"education","lineage":["https://openalex.org/I111950717","https://openalex.org/I4391767947"]}],"countries":["MO"],"is_corresponding":false,"raw_author_name":"Mingzhe Liu","raw_affiliation_strings":["Faculty of Information Technology, Macau University of Science and Technology, Macau, China"],"affiliations":[{"raw_affiliation_string":"Faculty of Information Technology, Macau University of Science and Technology, Macau, China","institution_ids":["https://openalex.org/I111950717"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5059804598","display_name":"Zhuoxin He","orcid":null},"institutions":[{"id":"https://openalex.org/I4210165204","display_name":"Zhuhai Institute of Advanced Technology","ror":"https://ror.org/05r1mzq61","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210145761","https://openalex.org/I4210165204"]},{"id":"https://openalex.org/I125839683","display_name":"Beijing Institute of Technology","ror":"https://ror.org/01skt4w74","country_code":"CN","type":"education","lineage":["https://openalex.org/I125839683","https://openalex.org/I890469752"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhuoxin He","raw_affiliation_strings":["Beijing Institute of Technology, Zhuhai, China"],"affiliations":[{"raw_affiliation_string":"Beijing Institute of Technology, Zhuhai, China","institution_ids":["https://openalex.org/I4210165204","https://openalex.org/I125839683"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5005801079","display_name":"Haijie Li","orcid":"https://orcid.org/0000-0003-4908-4615"},"institutions":[{"id":"https://openalex.org/I111950717","display_name":"Macau University of Science and Technology","ror":"https://ror.org/03jqs2n27","country_code":"MO","type":"education","lineage":["https://openalex.org/I111950717","https://openalex.org/I4391767947"]}],"countries":["MO"],"is_corresponding":false,"raw_author_name":"Haijie Li","raw_affiliation_strings":["Faculty of Information Technology, Macau University of Science and Technology, Macau, China"],"affiliations":[{"raw_affiliation_string":"Faculty of Information Technology, Macau University of Science and Technology, Macau, China","institution_ids":["https://openalex.org/I111950717"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100758099","display_name":"Jiwei Li","orcid":"https://orcid.org/0000-0003-3655-7313"},"institutions":[{"id":"https://openalex.org/I125839683","display_name":"Beijing Institute of Technology","ror":"https://ror.org/01skt4w74","country_code":"CN","type":"education","lineage":["https://openalex.org/I125839683","https://openalex.org/I890469752"]},{"id":"https://openalex.org/I4210165204","display_name":"Zhuhai Institute of Advanced Technology","ror":"https://ror.org/05r1mzq61","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210145761","https://openalex.org/I4210165204"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jiwei Li","raw_affiliation_strings":["Beijing Institute of Technology, Zhuhai, China"],"affiliations":[{"raw_affiliation_string":"Beijing Institute of Technology, Zhuhai, China","institution_ids":["https://openalex.org/I4210165204","https://openalex.org/I125839683"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5057361129"],"corresponding_institution_ids":["https://openalex.org/I125839683","https://openalex.org/I4210165204"],"apc_list":null,"apc_paid":null,"fwci":0.1845,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.56089132,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":"vi","issue":null,"first_page":"552","last_page":"560"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12391","display_name":"Artificial Immune Systems Applications","score":0.9886999726295471,"subfield":{"id":"https://openalex.org/subfields/2204","display_name":"Biomedical Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.850190281867981},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.8050605058670044},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.5594021677970886},{"id":"https://openalex.org/keywords/matching","display_name":"Matching (statistics)","score":0.5179735422134399},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.48295897245407104},{"id":"https://openalex.org/keywords/quality","display_name":"Quality (philosophy)","score":0.4279819428920746},{"id":"https://openalex.org/keywords/anomaly-based-intrusion-detection-system","display_name":"Anomaly-based intrusion detection system","score":0.4231227934360504},{"id":"https://openalex.org/keywords/network-monitoring","display_name":"Network monitoring","score":0.4178682565689087},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3994496464729309},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3850882947444916},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.370887815952301},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.3261284828186035},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.22521087527275085}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.850190281867981},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.8050605058670044},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.5594021677970886},{"id":"https://openalex.org/C165064840","wikidata":"https://www.wikidata.org/wiki/Q1321061","display_name":"Matching (statistics)","level":2,"score":0.5179735422134399},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.48295897245407104},{"id":"https://openalex.org/C2779530757","wikidata":"https://www.wikidata.org/wiki/Q1207505","display_name":"Quality (philosophy)","level":2,"score":0.4279819428920746},{"id":"https://openalex.org/C137524506","wikidata":"https://www.wikidata.org/wiki/Q2247688","display_name":"Anomaly-based intrusion detection system","level":3,"score":0.4231227934360504},{"id":"https://openalex.org/C81877898","wikidata":"https://www.wikidata.org/wiki/Q1965787","display_name":"Network monitoring","level":2,"score":0.4178682565689087},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3994496464729309},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3850882947444916},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.370887815952301},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3261284828186035},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.22521087527275085},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C105795698","wikidata":"https://www.wikidata.org/wiki/Q12483","display_name":"Statistics","level":1,"score":0.0},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icci-cc.2018.8482026","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icci-cc.2018.8482026","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2018 IEEE 17th International Conference on Cognitive Informatics &amp; Cognitive Computing (ICCI*CC)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":33,"referenced_works":["https://openalex.org/W414544266","https://openalex.org/W610200145","https://openalex.org/W883434633","https://openalex.org/W1572403580","https://openalex.org/W1582022100","https://openalex.org/W1658402581","https://openalex.org/W1980246362","https://openalex.org/W1983362686","https://openalex.org/W1985460844","https://openalex.org/W1995666505","https://openalex.org/W2015658894","https://openalex.org/W2061438946","https://openalex.org/W2093195672","https://openalex.org/W2101223494","https://openalex.org/W2101916532","https://openalex.org/W2107806048","https://openalex.org/W2119802261","https://openalex.org/W2144338762","https://openalex.org/W2147271386","https://openalex.org/W2148408186","https://openalex.org/W2148656332","https://openalex.org/W2151554678","https://openalex.org/W2244602389","https://openalex.org/W2290883490","https://openalex.org/W2348485172","https://openalex.org/W2585392941","https://openalex.org/W2738900493","https://openalex.org/W2790613404","https://openalex.org/W2938463896","https://openalex.org/W6634225530","https://openalex.org/W6634778338","https://openalex.org/W6654702348","https://openalex.org/W6761244502"],"related_works":["https://openalex.org/W2337148208","https://openalex.org/W3004832009","https://openalex.org/W1971929717","https://openalex.org/W3036013726","https://openalex.org/W1724519426","https://openalex.org/W2061466315","https://openalex.org/W2355532322","https://openalex.org/W2368329025","https://openalex.org/W3157271777","https://openalex.org/W1485296229"],"abstract_inverted_index":{"Intrusion":[0],"Detection":[1],"Systems":[2],"(IDSs)":[3],"are":[4],"part":[5],"of":[6,53,76,83,129,163],"the":[7,27,31,54,69,74,78,91,102,153,161],"network":[8,23,45,103,165,185],"security":[9],"systems":[10],"that":[11,61,71,132],"can":[12,41,93,133],"take":[13,48],"active":[14],"measures":[15],"when":[16],"they":[17],"detect":[18,44,143],"suspicious":[19],"intrusions":[20],"through":[21,34],"monitoring":[22],"transmissions.":[24],"By":[25],"matching":[26],"incoming":[28],"packets":[29],"with":[30],"patterns":[32],"established":[33],"access":[35],"control":[36],"rules,":[37],"an":[38,58,137,156,183],"IDS":[39,59],"system":[40],"identify":[42],"and":[43,47,147,180],"attacks,":[46],"proactive":[49],"responses.":[50],"However,":[51],"one":[52],"major":[55],"challenges":[56],"for":[57],"is":[60,64,81,171],"its":[62,164],"effectiveness":[63],"only":[65],"as":[66,68,88,121],"good":[67],"rules":[70,92],"collectively":[72],"define":[73,126],"profiles":[75],"all":[77],"attacks":[79],"it":[80],"capable":[82],"capturing.":[84],"The":[85],"detection":[86],"knowledge":[87,130,145],"embodied":[89],"in":[90,136,155],"be":[94,134],"incomplete,":[95],"inconsistent,":[96],"deficient,":[97],"or":[98,109],"not":[99],"well-defined,":[100],"making":[101],"defense":[104,166,186],"less":[105],"effective,":[106],"still":[107],"vulnerable,":[108],"suffering":[110],"from":[111],"realtime":[112],"performance":[113,187],"degradation.":[114],"In":[115],"this":[116],"paper,":[117],"we":[118],"use":[119],"Snort":[120],"a":[122],"backdrop":[123],"to":[124,141,151,158,172,177],"formally":[125],"eighteen":[127],"types":[128],"deficiencies":[131,154],"found":[135],"IDS,":[138],"describe":[139],"approaches":[140],"automatically":[142],"those":[144],"deficiencies,":[146],"propose":[148],"resolution":[149],"algorithms":[150],"eliminate":[152],"attempt":[157],"incrementally":[159],"improve":[160,182],"quality":[162],"knowledge.":[167],"Our":[168],"ultimate":[169],"goal":[170],"rely":[173],"on":[174],"perpetual":[175],"learning":[176],"automatically,":[178],"consistently,":[179],"continuously":[181],"IDS's":[184],"over":[188],"time.":[189]},"counts_by_year":[{"year":2018,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}