Open lizitong67 opened 4 years ago
There is a ground truth file in the Google Drive. It contains the malicious activities. You have to cross-reference the time and event type with the main event DB to find out the malicious events.
I think that the time provided by the ground truth is not accurate.
Hi guys, which strategies have you used to label malicious events, since in an interval of 1 minute there are 25k to 50k log entries?
How to divide the data into benign and attack? Are there labels in the released data?
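The cross-referencing described in the thread (match ground-truth time and event type against the event log), as an added example that is not code from this project or from any commenter. The record layout, field names, event type names and sample rows are all constructed assumptions, and `tolerance_s` is a hypothetical parameter for cases where ground-truth and log timestamps do not line up exactly.

```python
from bisect import bisect_left, bisect_right
from datetime import datetime, timedelta

FMT = "%Y-%m-%d %H:%M:%S"

# Constructed ground-truth entries (assumed layout: time window + event type).
GROUND_TRUTH = [
    {"start": "2020-01-01 10:00:00", "end": "2020-01-01 10:01:00", "event_type": "PROCESS_CREATE"},
    {"start": "2020-01-01 10:05:00", "end": "2020-01-01 10:05:00", "event_type": "FILE_WRITE"},
]

# Constructed event log rows: (timestamp, event type, event id).
EVENTS = [
    ("2020-01-01 10:00:05", "PROCESS_CREATE", 1),
    ("2020-01-01 10:00:30", "FILE_WRITE", 2),
    ("2020-01-01 10:00:40", "PROCESS_CREATE", 3),
    ("2020-01-01 10:01:10", "PROCESS_CREATE", 4),
    ("2020-01-01 10:05:02", "FILE_WRITE", 5),
    ("2020-01-01 10:05:45", "FILE_WRITE", 6),
]


def parse(ts):
    return datetime.strptime(ts, FMT)


def label_events(events, ground_truth, tolerance_s=0):
    """Return ids of events whose type and time match a ground-truth entry."""
    tol = timedelta(seconds=tolerance_s)
    # Group events by type and sort by time, so each ground-truth entry is
    # resolved with two binary searches instead of a scan of every log row.
    by_type = {}
    for ts, etype, eid in events:
        by_type.setdefault(etype, []).append((parse(ts), eid))
    index = {}
    for etype, rows in by_type.items():
        rows.sort()
        index[etype] = ([t for t, _ in rows], [eid for _, eid in rows])

    malicious = set()
    for gt in ground_truth:
        times, ids = index.get(gt["event_type"], ([], []))
        lo = bisect_left(times, parse(gt["start"]) - tol)
        hi = bisect_right(times, parse(gt["end"]) + tol)
        malicious.update(ids[lo:hi])
    return malicious
```

A wider tolerance also labels benign events of the same type that fall inside the padded window, so the labelled set should be reviewed before it is used as training or evaluation data.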