Q

如何將KDD 99數據集轉換爲tcpdump格式？

2011-04-19 108 views 1 likes

1

任何人都可以指導我在轉換KDD 99數據集，包括ip數據包在以下格式到TCP轉儲格式？如何將KDD 99數據集轉換爲tcpdump格式？

0,udp,private,SF,105,146,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0.00,0.00,0.00,0.00,1.00,0.00,0.00,255,254,1.00,0.01,0.00,0.00,0.00,0.00,0.00,0.00,normal. 
0,udp,private,SF,105,146,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0.00,0.00,0.00,0.00,1.00,0.00,0.00,255,254,1.00,0.01,0.00,0.00,0.00,0.00,0.00,0.00,normal. 
0,udp,private,SF,105,146,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0.00,0.00,0.00,0.00,1.00,0.00,0.00,255,254,1.00,0.01,0.00,0.00,0.00,0.00,0.00,0.00,normal.

2011-04-19 soma sekhar

A

回答

1

從KDD99 homepage：

1998年DARPA入侵檢測評估計劃準備和由麻省理工學院林肯實驗室管理。 ... 1999 KDD入侵檢測競賽使用此數據集的一個版本。

來有些熟悉與原來的DARPA數據集，並與包含在PCAP網絡捕獲文件中的信息，我可以告訴你的是，KDD99數據文件包含遠不足夠的信息來重建一個合適的網絡捕獲文件。

似乎KDD99是DARPA IDEVAL98數據集的簡化版本，其中只保留了高級操作（如連接），而不是單個數據包。如果您需要實際的網絡捕獲文件，您應該可以獲得原始的DARPA IDEVAL data sets。

2011-04-19 16:22:58 thkala

+0

是否可以將DARPA 1998 tcpdump與KDD 99特徵值進行映射？此外，99 KDD是否將1998 tcpdump文件中的所有數據包表示爲連接或僅僅是一個子集？謝謝 – Goaler444 2012-12-15 17:55:01

相關問題