FDUDSDE / MAGIC

Codes and data for USENIX Security 24 paper "MAGIC: Detecting Advanced Persistent Threats via Masked Graph Representation Learning"
MIT License

Question about the darpa dataset #10

Closed kamelferrahi closed 5 months ago

kamelferrahi commented 5 months ago

Hi, how did you get the documentation on the DARPA dataset in order to know which file contains the malicious or benign activity?

Jimmyokok commented 5 months ago

Three ways:

  1. Traverse every file and find those activities.
  2. Traverse the head of each file, extract the timestamp and see if it is inside the time range of an attack campaign.
  3. See which file(s) previous works used via their papers/GitHub repos.

kamelferrahi commented 5 months ago

Thank you for your guidance. Where can I find the planning of the attack campaign?

Jimmyokok commented 5 months ago

There is a ground truth document (TC_Ground_Truth_Report_E3_Update.pdf) officially provided with the data release. It contains when the attack campaigns took place.

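Added example, not part of the original thread or the MAGIC code base: a sketch of the second approach above (read the head of each file, compare its timestamp with the campaign time ranges from the ground truth report). It goes slightly further than a head-only check by treating each file as covering the time up to the next file's first timestamp. Assumptions: records are line-delimited JSON carrying a `timestampNanos` field in epoch nanoseconds; the file names, timestamps and campaign window below are constructed placeholders, and real windows must be taken from the report.

```python
import re
import tempfile
from pathlib import Path

# Assumption: each log line is a JSON record that may carry "timestampNanos".
TS_RE = re.compile(r'"timestampNanos"\s*:\s*(\d+)')

def first_timestamp_ns(path, max_lines=100):
    """Return the first timestampNanos found in the head of the file, or None."""
    with open(path, "r", errors="replace") as fh:
        for _, line in zip(range(max_lines), fh):
            m = TS_RE.search(line)
            if m:
                return int(m.group(1))
    return None

def files_overlapping(paths, windows):
    """Map file name -> names of campaigns whose [start, end] overlaps the file.

    A file's span runs from its first timestamp to the first timestamp of the
    next file (open-ended for the last one), so a file that starts before a
    campaign but runs into it is still flagged.
    """
    starts = sorted((ts, p) for p in paths
                    if (ts := first_timestamp_ns(p)) is not None)
    hits = {}
    for i, (start, p) in enumerate(starts):
        end = starts[i + 1][0] if i + 1 < len(starts) else float("inf")
        names = [n for n, (w0, w1) in windows.items() if start <= w1 and w0 < end]
        if names:
            hits[Path(p).name] = names
    return hits

def demo():
    """Run on constructed files and one constructed placeholder window."""
    d = Path(tempfile.mkdtemp())
    for name, ts in [("log.json", 1000), ("log.json.1", 2000), ("log.json.2", 3000)]:
        (d / name).write_text('{"datum":{"header":true}}\n'
                              '{"datum":{"Event":{"timestampNanos":%d}}}\n' % ts)
    # Placeholder range; convert the report's campaign times to epoch nanoseconds.
    windows = {"campaign-A (placeholder)": (2500, 2600)}
    return files_overlapping(sorted(d.iterdir()), windows)

if __name__ == "__main__":
    print(demo())
```

In the constructed data the campaign falls in the middle of `log.json.1`, whose head timestamp lies before the window, which is the case a head-only comparison would miss.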
kamelferrahi commented 5 months ago

Thank you!