1

谁能指导我将KDD 99包含ip以下格式的数据包的数据集转换为TCP转储格式?

0,udp,private,SF,105,146,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0.00,0.00,0.00,0.00,1.00,0.00,0.00,255,254,1.00,0.01,0.00,0.00,0.00,0.00,0.00,0.00,normal.
0,udp,private,SF,105,146,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0.00,0.00,0.00,0.00,1.00,0.00,0.00,255,254,1.00,0.01,0.00,0.00,0.00,0.00,0.00,0.00,normal.
0,udp,private,SF,105,146,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0.00,0.00,0.00,0.00,1.00,0.00,0.00,255,254,1.00,0.01,0.00,0.00,0.00,0.00,0.00,0.00,normal.
4

1 回答 1

1

来自KDD99 主页

1998 年 DARPA 入侵检测评估计划由麻省理工学院林肯实验室制定和管理。... 1999 年的 KDD 入侵检测竞赛使用了这个数据集的一个版本。

对原始 DARPA 数据集和PCAP网络捕获文件中包含的信息有些熟悉,我可以告诉您,KDD99 数据文件包含的信息远不足以重建适当的网络捕获文件。

KDD99 似乎是 DARPA IDEVAL98 数据集的简化版本,其中只保留高级操作,例如连接,而不是单个数据包。如果您需要实际的网络捕获文件,您可能应该获得原始DARPA IDEVAL 数据集

于 2011-04-19T16:22:58.133 回答