任何人都可以指导我将KDD 99数据集转换为ip转发格式的TCP数据包吗?
0,udp,private,SF,105,146,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0.00,0.00,0.00,0.00,1.00,0.00,0.00,255,254,1.00,0.01,0.00,0.00,0.00,0.00,0.00,0.00,normal.
0,udp,private,SF,105,146,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0.00,0.00,0.00,0.00,1.00,0.00,0.00,255,254,1.00,0.01,0.00,0.00,0.00,0.00,0.00,0.00,normal.
0,udp,private,SF,105,146,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0.00,0.00,0.00,0.00,1.00,0.00,0.00,255,254,1.00,0.01,0.00,0.00,0.00,0.00,0.00,0.00,normal.
答案 0 :(得分:1)
1998年DARPA入侵检测 评估计划已经准备好了 由麻省理工学院林肯实验室管理。 ...... 1999年KDD入侵检测大赛 使用此数据集的一个版本。
熟悉原始DARPA数据集以及PCAP网络捕获文件中包含的信息,我可以告诉您,KDD99数据文件包含的信息不足以重建正确的网络捕获文件。 / p>
似乎KDD99是DARPA IDEVAL98数据集的简化版本,其中仅保留高级操作(如连接),而不是单个数据包。如果您需要实际的网络捕获文件,则应该获得原始DARPA IDEVAL data sets。