任何人都可以指导我转换KDD 99数据集,包括以下格式的ip数据包到TCP转储格式?
0,udp,private,SF,105,146,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0.00,0.00,0.00,0.00,1.00,0.00,0.00,255,254,1.00,0.01,0.00,0.00,0.00,0.00,0.00,0.00,normal.
0,udp,private,SF,105,146,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0.00,0.00,0.00,0.00,1.00,0.00,0.00,255,254,1.00,0.01,0.00,0.00,0.00,0.00,0.00,0.00,normal.
0,udp,private,SF,105,146,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0.00,0.00,0.00,0.00,1.00,0.00,0.00,255,254,1.00,0.01,0.00,0.00,0.00,0.00,0.00,0.00,normal.
1998年DARPA入侵检测评估计划由麻省理工学院林肯实验室制作和管理。 ... 1999年KDD入侵检测竞赛使用了该数据集的一个版本。
由于对原始DARPA数据集以及PCAP网络捕获文件中包含的信息有些熟悉,我可以告诉您,KDD99数据文件包含的信息远远不足以重建正确的网络捕获文件。
似乎KDD99是DARPA IDEVAL98数据集的简化版本,其中仅保留高级操作(例如连接)而不是单个数据包。如果你需要实际的网络捕获文件,你应该得到原始的DARPA IDEVAL data sets。