@semanticyong
2017-03-25T02:05:10.000000Z
IDS
AI
With big data
The Information System Technology (IST) group of Lincoln Laboratory at MIT, under contract to DARPA and in collaboration with AFRL, created a network. In this network, they simulated real traffic with normal and attack connections and sniffed it with tcpdump (a Linux command). The experiment lasted 7 weeks of 5 days each. The generated tcpdump files, ps outputs, log files and so on are known as the darpa98 database. (More information is available on the following website: http://www.ll.mit.edu/mission/communications/ist/corpora/ideval/data/index.html).
This link is no longer valid.
After this simulation, they extracted the connections from the tcpdump files and represented them as a tabular dataset in UCI repository format, so each instance of the dataset corresponds to one connection. They extracted 41 attributes for each connection plus the class attribute. These attributes are divided into three main groups: intrinsic features (extracted from the header area of the network packets), content features (extracted from the content area of the network packets), and traffic features (extracted using information about previous connections). This dataset is known as kddcup99.
http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
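As an added illustration (not code from the original post or from the dataset's authors), the following Python parser splits one kddcup99 record into the three feature groups described above and rejects malformed rows. The column names are assumed to match the dataset's public kddcup.names file, and the two sample rows are constructed.

```python
# Added example: split a kddcup99 record into its three feature groups.
# Column names assumed from the dataset's kddcup.names file.
INTRINSIC = ["duration", "protocol_type", "service", "flag", "src_bytes",
             "dst_bytes", "land", "wrong_fragment", "urgent"]
CONTENT = ["hot", "num_failed_logins", "logged_in", "num_compromised",
           "root_shell", "su_attempted", "num_root", "num_file_creations",
           "num_shells", "num_access_files", "num_outbound_cmds",
           "is_host_login", "is_guest_login"]
TRAFFIC = ["count", "srv_count", "serror_rate", "srv_serror_rate",
           "rerror_rate", "srv_rerror_rate", "same_srv_rate", "diff_srv_rate",
           "srv_diff_host_rate", "dst_host_count", "dst_host_srv_count",
           "dst_host_same_srv_rate", "dst_host_diff_srv_rate",
           "dst_host_same_src_port_rate", "dst_host_srv_diff_host_rate",
           "dst_host_serror_rate", "dst_host_srv_serror_rate",
           "dst_host_rerror_rate", "dst_host_srv_rerror_rate"]
SYMBOLIC = {"protocol_type", "service", "flag"}  # every other column is numeric
GROUPS = {"intrinsic": INTRINSIC, "content": CONTENT, "traffic": TRAFFIC}


def parse_connection(line):
    """Return (groups, label) for one record; raise ValueError if malformed."""
    fields = line.strip().split(",")
    if len(fields) != 42:  # 41 attributes plus the class attribute
        raise ValueError(f"expected 42 fields, got {len(fields)}")
    values, label = fields[:41], fields[41].rstrip(".")
    groups, pos = {}, 0
    for group, names in GROUPS.items():
        chunk = values[pos:pos + len(names)]
        groups[group] = {n: v if n in SYMBOLIC else float(v)
                         for n, v in zip(names, chunk)}
        pos += len(names)
    return groups, label


# Constructed sample rows (not taken from the dataset), one group per line.
NORMAL = ("0,tcp,http,SF,215,45076,0,0,0,"
          "0,0,1,0,0,0,0,0,0,0,0,0,0,"
          "1,1,0.00,0.00,0.00,0.00,1.00,0.00,0.00,"
          "0,0,0.00,0.00,0.00,0.00,0.00,0.00,0.00,0.00,normal.")
SYN_FLOOD = ("0,tcp,private,S0,0,0,0,0,0,"
             "0,0,0,0,0,0,0,0,0,0,0,0,0,"
             "250,12,1.00,1.00,0.00,0.00,0.05,0.07,0.00,"
             "255,12,0.05,0.07,0.00,0.00,1.00,1.00,0.00,0.00,neptune.")

if __name__ == "__main__":
    for row in (NORMAL, SYN_FLOOD):
        groups, label = parse_connection(row)
        print(label, groups["intrinsic"]["flag"], groups["traffic"]["serror_rate"])
```

In the constructed SYN flood row, the intrinsic and content groups are almost empty and only the traffic group (the error rates computed over previous connections) separates it from normal traffic.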
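UADI stands for Unsupervised Anomaly Detection in Intrusion Detection Systems.
This is a research project started in January 2010 by a research team at EHU. It aims to build an IDS using machine learning methods. An important output of this project is gureKDDCup.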
Iñigo Perona, Olatz Arbelaitz, Javi Muguerza, Ibai Gurrutxaga
Support Vector Machine (SVM), Decision Tree, K-Nearest Neighbor, K-Means and Fuzzy C-Means Clustering
https://www.researchgate.net/publication/263929521_A_Detail_Analysis_on_Intrusion_Detection_Datasets