[unisog] An help for a thesis

Michael Anderson mca at arlut.utexas.edu
Wed Nov 17 21:45:59 GMT 2004


Have you taken a look at argus? It might do some of what you want.
http://www.qosient.com/argus

mmunaret at studenti.math.unipd.it wrote:

>Hi y'all, I am doing research for a thesis in intrusion detector learning but
>I have some problems sniffing a proper net.
>I am using a tcpdump log file to extrapolate some features that I need, like the
>length of the connection, the protocol type, the service and so on but I need to
>have other information like:
>"wrong fragment", urgent, connections that have SYN/REJ errors and so on.
>
>Just for an example, features written here:
>www.kdd.ics.uci.edu/databases/kddcup99/task.html
>are ones that I use.
>Thank you so much for your contribution even if it is not fully a security issue.
>
>-----------------------------
>Matteo Munaretto
>University of Padova - Italy
>Computer Science Dept.
>
>-------------------------------------------------
>Mail sent from: http://www.studenti.math.unipd.it
>
>Dipartimento di Matematica Pura ed Applicata
>Universita' degli Studi di Padova
>
>
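A sketch of the per-connection extraction the question asks about, added here as an example and not code from either poster or from Argus: it parses constructed `tcpdump -tt -n` text lines and derives duration, destination port, urgent-packet count and a simplified S0/REJ/SF connection flag. The sample lines, the function name and the reduced flag rules are assumptions; "wrong fragment" is left out because it needs IP-level checks that this text format does not show.

```python
import re

# Constructed `tcpdump -tt -n` style lines (illustrative, not captured traffic).
SAMPLE = """\
1100727959.000000 IP 10.0.0.5.40001 > 10.0.0.9.80: Flags [S], seq 100, win 512, length 0
1100727959.010000 IP 10.0.0.9.80 > 10.0.0.5.40001: Flags [S.], seq 900, ack 101, win 512, length 0
1100727959.020000 IP 10.0.0.5.40001 > 10.0.0.9.80: Flags [.], ack 1, win 512, length 0
1100727959.500000 IP 10.0.0.5.40001 > 10.0.0.9.80: Flags [P.U], seq 1:11, ack 1, win 512, urg 10, length 10
1100727960.000000 IP 10.0.0.5.40001 > 10.0.0.9.80: Flags [F.], seq 11, ack 1, win 512, length 0
1100727960.250000 IP 10.0.0.9.80 > 10.0.0.5.40001: Flags [F.], seq 1, ack 12, win 512, length 0
1100727961.000000 IP 10.0.0.5.40002 > 10.0.0.9.23: Flags [S], seq 5, win 512, length 0
1100727961.001000 IP 10.0.0.9.23 > 10.0.0.5.40002: Flags [R.], seq 0, ack 6, win 0, length 0
1100727962.000000 IP 10.0.0.5.40003 > 10.0.0.7.22: Flags [S], seq 7, win 512, length 0
"""

LINE = re.compile(r"^(\d+\.\d+) IP (\S+) > (\S+): Flags \[([^\]]*)\]")

def extract_features(text):
    """Group TCP lines into connections and derive KDD-style features (hypothetical helper)."""
    conns = {}
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # non-TCP or unparsed line
        ts, src, dst, flags = float(m[1]), m[2], m[3], m[4]
        key = (dst, src) if (dst, src) in conns else (src, dst)  # first sender = originator
        c = conns.setdefault(key, {"start": ts, "end": ts, "urgent": 0,
                                   "orig": set(), "resp": set()})
        c["end"] = ts
        c["urgent"] += "U" in flags  # packets with the URG bit set
        c["orig" if key == (src, dst) else "resp"].update(flags)
    out = {}
    for (src, dst), c in conns.items():
        o, r = c["orig"], c["resp"]
        if "S" in o and not r:
            flag = "S0"    # SYN seen, no reply at all
        elif "S" in o and "R" in r and "S" not in r:
            flag = "REJ"   # SYN answered by RST
        elif "S" in o and "S" in r and "F" in o and "F" in r:
            flag = "SF"    # established and closed by both sides
        else:
            flag = "OTH"   # anything these simplified rules do not cover
        out[(src, dst)] = {"duration": round(c["end"] - c["start"], 6), "protocol_type": "tcp",
                           "dst_port": int(dst.rsplit(".", 1)[1]), "urgent": c["urgent"], "flag": flag}
    return out
```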



