[unisog] Another suggestion

mmunaret at studenti.math.unipd.it mmunaret at studenti.math.unipd.it
Fri Nov 19 15:37:29 GMT 2004


Thanks again for your contribution. I made a program that runs through the
data, and now I have all the data I need except the last one.
For instance, in this line of data:

0,icmp,ecr_i,SF,1032,0,0,0,0,511,511,0.00,0.00,0.00,0.00,1.00,0.00,0.00,255,255,1.00,0.00,1.00,0.00,0.00,0.00,0.00,0.00,smurf.
--------------------
duration: 0 sec
protocol: icmp
service: echo reply
src bytes: 1032
dest bytes:0
...
--------------------

In the KDD CUP they wrote all the data from the sniffing and then put a class
of attack at the end of each one, as shown above! Why did they write a "smurf"
attack here?
How can I get this information for the other classes?
Best regards - Matt




Reply to: mmunaret at studenti.math.unipd.it:

> 
> 
> Hi y'all, I am doing research for a thesis in intrusion detector learning
> but I have some problems sniffing a proper net.
> I am using a tcpdump log file to extrapolate some features that I need, like
> the length of the connection, the protocol type, the service and so on, but I
> need to have other information like:
> "wrong fragment", urgent, connections that have SYN/REJ errors and so on.
> 
> Just for an example, features written here:
> www.kdd.ics.uci.edu/databases/kddcup99/task.html
> are ones that I use.
> Thank you so much for your contribution even if it is not fully a security
> issue.
> 
> -----------------------------
> Matteo Munaretto
> University of Padova - Italy
> Computer Science Dept.
> 
> -------------------------------------------------
> Mail sent from: http://www.studenti.math.unipd.it
> 
> Dipartimento di Matematica Pura ed Applicata
> Universita' degli Studi di Padova
> 
> 



