IDS mailing list archives
CDX dataset and labeling
From: snort user <snort.user () gmail com>
Date: Wed, 23 Sep 2009 00:11:59 -0400
The CDX dataset is available at http://www.itoc.usma.edu/research/dataset/

The paper describing the generation of the labeled dataset is available here: http://www.usenix.org/event/cset09/tech/full_papers/sangster.pdf

As a user of this dataset, how do I get labeling information?

The detailed network diagram is also available at http://www.itoc.usma.edu/research/dataset/logs/CDX_2009_Network_USMA.pdf

Attack labeling based on IP address:

The IP addresses of the Red Team (the bad guys) are known ahead of time. But the Red Team also generates benign traffic. In addition, after taking over some of the good machines, the Red Team can use those IP addresses to attack.

Unless the user digs deep and analyzes the traffic in detail, is it possible to know which sessions/packets are good/bad? Otherwise, what does labeled data mean?

Thanks for any clarification.