darpa-i2o / Transparent-Computing

Material from the DARPA Transparent Computing Program
http://www.darpa.mil/program/transparent-computing

How to divide the data into benign and attack? #1

Open lizitong67 opened 4 years ago

lizitong67 commented 4 years ago

How to divide the data into benign and attack? Are there labels in the released data?

monowaranjum commented 3 years ago

There is a ground truth file in the Google Drive. It contains the malicious activities. You have to cross-reference the time and event type with the main event db to find out the malicious events.
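
The cross-referencing described in the comment above, as an added example that is not part of the thread or of the DARPA repository. It assumes the ground truth has been transcribed by hand into (start, end, event types) rows and that each event is a dict with hypothetical keys `id`, `ts_ns` (epoch nanoseconds) and `type`; the `utc_offset_hours` and `slack_s` parameters are also assumptions, for ground-truth times written in local time and for widening a window.

```python
from bisect import bisect_left, bisect_right
from datetime import datetime, timedelta, timezone

NS = 1_000_000_000

def to_ns(stamp, utc_offset_hours):
    """Ground-truth wall-clock time (ISO string, whole seconds) -> epoch nanoseconds."""
    tz = timezone(timedelta(hours=utc_offset_hours))
    return int(datetime.fromisoformat(stamp).replace(tzinfo=tz).timestamp()) * NS

def label_events(events, ground_truth, utc_offset_hours=0, slack_s=0):
    """Return {event id: ground-truth row index} for events matching a row on time and type."""
    events = sorted(events, key=lambda e: e["ts_ns"])
    stamps = [e["ts_ns"] for e in events]
    labels = {}
    for row, (start, end, types) in enumerate(ground_truth):
        # Binary search over sorted timestamps keeps each window lookup cheap on large logs.
        lo = bisect_left(stamps, to_ns(start, utc_offset_hours) - slack_s * NS)
        hi = bisect_right(stamps, to_ns(end, utc_offset_hours) + slack_s * NS)
        for e in events[lo:hi]:
            if e["type"] in types:  # time alone would flag every event in the window
                labels.setdefault(e["id"], row)
    return labels

# Constructed sample data (not taken from the released dataset); field names are hypothetical.
GROUND_TRUTH = [
    ("2020-01-01T10:00:00", "2020-01-01T10:01:00", {"EVENT_EXECUTE", "EVENT_CONNECT"}),
]
BASE = to_ns("2020-01-01T10:00:00", -4)
EVENTS = [
    {"id": "e1", "ts_ns": BASE + 5 * NS, "type": "EVENT_EXECUTE"},     # in window, type matches
    {"id": "e2", "ts_ns": BASE + 10 * NS, "type": "EVENT_READ"},       # in window, other type
    {"id": "e3", "ts_ns": BASE + 70 * NS, "type": "EVENT_CONNECT"},    # 10 s past the window
    {"id": "e4", "ts_ns": BASE - 3600 * NS, "type": "EVENT_EXECUTE"},  # an hour earlier
]

if __name__ == "__main__":
    print(label_events(EVENTS, GROUND_TRUTH, utc_offset_hours=-4))
    print(label_events(EVENTS, GROUND_TRUTH, utc_offset_hours=-4, slack_s=30))
```

Events left out of the returned mapping are the ones treated as benign.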

faker09 commented 2 years ago

I think that the time provided by ground truth is not accurate.

Chaves2021 commented 8 months ago

Hi guys, which strategies have you used to label malicious events, since in an interval of 1 minute there are 25k to 50k log entries?