Snort mailing list archives
Re: Is it possible to apply DARPA dataset on snort to classify attack types?
From: Paulo Angelo <pa () pauloangelo com>
Date: Sat, 31 Mar 2018 22:40:17 -0300
Hi Thierry, The DARPA dataset is a bit outdated (98/99). I suggest you to take a look on the ISCX2012, CICIDS2017, or CTU-13 datasets. Some months ago I replayed the CTU-13 and part of the ISCX2012 dataset to Snort and registered its output combined with the extracted flows. The results are available at [1] (below). I submitted the finding as a paper, which is still under review. So, there is no much publicly available information yet about it. But I can send you some details in private upon request. I also recommend [2-3], which are updated papers that discuss about datasets in the realm of intrusion detection systems. I hope this may help you. Best regards, Paulo Angelo [1] http://ids-hogzilla.org/dataset/ [2] Iman Sharafaldin, Arash Habibi Lashkari, and Ali A. Ghorbani, “Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization”, 4th International Conference on Information Systems Security and Privacy (ICISSP), Portugal, January 2018. [3] Iman Sharafaldin, Amirhossein Gharib, Arash Habibi Lashkari, Ali A. Ghorbani, "Towards a Reliable Intrusion Detection Benchmark Dataset", River Journal, Vol 2017, Issue 1, P 177-200, Software Networking Journal, River Publishers, January 2017. On Sat, Mar 31, 2018 at 8:21 PM, 2014/2015 - Nsabimana Thierry < thierry.nsabimana () aims-cameroon org> wrote:
Hello everyone, I hope you are all doing great. I have Implemented IDS Using Genetic Algorithm and Self Organizing Feature Maps algorithm. DARPA dataset from MIT Lincoln Lab was used for training and testing the intrusion detection rules. Varied Crossover probability, mutation probability and weights were used to derive classification rate and detection rate. My question is follows: " Is it possible to apply DARPA Dataset on Snort to derive classification rate and detection rate of attacks? If not, Can you tell me open sources security which can be both host intrusion detection system and Network intrusion detection system to apply DARPA dataset? I am not familiar with snort but I want to apply it with DARPA dataset. Could anyone help me. Many thanks. Thierry _______________________________________________ Snort-users mailing list Snort-users () lists snort org Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news! Please follow these rules: https://snort.org/faq/what-is- the-mailing-list-etiquette
_______________________________________________ Snort-users mailing list Snort-users () lists snort org Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
Current thread:
- Is it possible to apply DARPA dataset on snort to classify attack types? 2014/2015 - Nsabimana Thierry (Mar 31)
- Re: Is it possible to apply DARPA dataset on snort to classify attack types? Paulo Angelo (Mar 31)