convert http request to kdd cup data format with 41 parameters

荒凉一梦 提交于 2019-12-26 10:00:09

问题


  • machine learning is done using KDD cup dataset and formed a trained dataset..
  • Now I have to check the real time request with the trained dataset..
  • for that I have to convert TCP dump data/or http request to KDD CUP data set format(with 41 parameters)

    MY QUESTION IS "HOW CAN I DO THIS CONVERSION ??"


回答1:


IIRC the process of how the feature of the flawed KDD CUP data set were exactly derived is not well documented.

But it does not reflect real attacks anyway. Running it on recent data does not make any sense. These kind of attacks do no longer exist (if they ever existed beyond script kiddie use in 1997).

Stop using this data set. NOW.

It does not reflect any realistic network attack scenario. If it ever did, that was in 1997 or so; and these attacks can trivially be detected by modern routers. Any machine learning on this data set is solving a problem that does not exist. For details, see this earlier answer:

NSL KDD Features from Raw Live Packets?

How to derive KDD99 Features from DARPA pcap file?

How to convert KDD 99 dataset to tcpdump format?

(You really should use the search function of StackOverflow!)

The real attacks are e.g. SQL injection attacks, and cannot be detected on these trivial TCP features, but will require deep packet inspection, or application level firewalls.



来源:https://stackoverflow.com/questions/22602174/convert-http-request-to-kdd-cup-data-format-with-41-parameters

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!