How to convert KDD 99 dataset to tcpdump format?

Question

Can anyone guide me in converting the KDD 99 dataset,consisting of ip packets in the following format to TCP dump format?

Answer 1

From the KDD99 homepage:

The 1998 DARPA Intrusion Detection Evaluation Program was prepared and managed by MIT Lincoln Labs. ... The 1999 KDD intrusion detection contest uses a version of this dataset.

Being somewhat familiar with the original DARPA dataset and with the information contained in a PCAP network capture file, I can tell you that the KDD99 data files contain nowhere near enough information to reconstruct a proper network capture file.

It seems that KDD99 is a boiled-down version of the DARPA IDEVAL98 data set, where only high-level operations, such as connections, are retained, instead of individual packets. If you need the actual network capture files, you should probably get the original DARPA IDEVAL data sets.