NSL KDD Features from Raw Live Packets?
Question
I want to extract raw data using pcap and wincap. Since I will be testing it against a neural network trained with NSLKDD dataset, I want to know how to get those 41 attributes from raw data. Or, even if that is not possible, is it possible to obtain features like src_bytes, dst_host_same_srv_rate, diff_srv_rate, count, dst_host_serror_rate, wrong_fragment from raw live captured packets from pcap?
Recommended answer
It seems that I am late to reply. But, as other people already answered, the KDD99 data-set is outdated.
I don't know about the usefulness of the NSL-KDD dataset. However, there are a couple of things:
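- When getting information from network traffic, the best you can do is to get statistical information (content-based information may be encrypted). What you can do is create your own dataset to describe the behavior you want to consider as normal. Then, train the neural network to detect deviations from that normal behavior.
- Please note that even the definition of normal behavior changes from network to network.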
You can have a look at this work, in which I was involved, which, besides taking the statistical features of the original KDD, takes additional features from a real network environment.
The software is under request and it is free for academic purposes! Here are two links to publications:
- http://link.springer.com/chapter/10.1007/978-94-007-6818-5_30
- http://www.iaeng.org/publication/WCECS2012/WCECS2012_pp30-35.pdf
Thanks!
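As an added illustration (not part of the original answer or of the software it mentions), the time-based statistical features named in the question (count, serror_rate, same_srv_rate, diff_srv_rate) can be computed from connection records over a 2-second window per destination host, following the KDD'99 feature definitions. The `Conn` record layout, the set of flags treated as SYN errors, and the sample data are assumptions constructed for this example; assembling captured packets into connection records is assumed to happen upstream.

```python
from collections import deque, namedtuple

# One record per connection, e.g. produced by a flow tracker fed from pcap
# (hypothetical layout chosen for this example).
Conn = namedtuple("Conn", "ts src dst service flag")

SYN_ERROR_FLAGS = {"S0", "S1", "S2", "S3"}  # assumption: states counted as SYN errors
WINDOW_SECONDS = 2.0                        # KDD time-based features use a 2 s window

def time_window_features(conns):
    """Yield KDD-style time-based features for each connection, in timestamp order."""
    window = deque()
    for cur in sorted(conns, key=lambda c: c.ts):
        window.append(cur)
        # Drop connections that fall outside the window ending at the current one.
        while cur.ts - window[0].ts > WINDOW_SECONDS:
            window.popleft()
        same_host = [c for c in window if c.dst == cur.dst]
        count = len(same_host)  # includes the current connection (assumption)
        same_srv = sum(c.service == cur.service for c in same_host)
        serror = sum(c.flag in SYN_ERROR_FLAGS for c in same_host)
        yield {
            "count": count,
            "srv_count": sum(c.service == cur.service for c in window),
            "serror_rate": round(serror / count, 2),
            "same_srv_rate": round(same_srv / count, 2),
            "diff_srv_rate": round((count - same_srv) / count, 2),
        }

# Constructed sample: half-open connections to several services on one host,
# mixed with ordinary completed (SF) connections.
SAMPLE = [
    Conn(0.0, "10.0.0.5", "10.0.0.9", "http", "SF"),
    Conn(0.5, "10.0.0.7", "10.0.0.9", "ssh", "S0"),
    Conn(1.0, "10.0.0.7", "10.0.0.9", "telnet", "S0"),
    Conn(1.2, "10.0.0.7", "10.0.0.8", "http", "SF"),
    Conn(1.5, "10.0.0.7", "10.0.0.9", "smtp", "S0"),
    Conn(4.0, "10.0.0.5", "10.0.0.9", "http", "SF"),
]

if __name__ == "__main__":
    for conn, feats in zip(SAMPLE, time_window_features(SAMPLE)):
        print(conn.dst, conn.service, conn.flag, feats)
```

The dst_host_* features from the question use the same ratios but over the last 100 connections to the destination host instead of a time window.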