Open fightingman1 opened 4 years ago
How to get the service attribute from a pcap?
How can I transform tcpdump data into KDDCup99 format?
```
if ( p in port_names )
    return port_names[p];
else
    {
    if ( (49152/tcp <= p && p <= 65535/tcp) || (49152/udp <= p && p <= 65535/udp) )
        return "private";
    else
        return "other";
    }
```
https://github.com/inigoperona/tcpdump2gureKDDCup99/blob/master/darpa2gurekddcup.bro
How do I activate this function so that I can get the service data?
At present I have succeeded in transforming the packets captured by Wireshark or tcpdump. However, I find the number of characteristic values is different from KDD99. Then I noticed the first 6 values didn't exist in KDD99, so I ignored them. But the third value in KDD99, service, didn't appear in the transformed data. So I want to ask why. And does this value have an effect on the result of detecting the attack?
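
The snippet quoted in the issue maps a port to a KDD-style service label. As an added example (not code from the tcpdump2gureKDDCup99 project), the Python below applies the same rule to a pcap file, taking the destination port of each connection's first packet. The `PORT_NAMES` entries, all function names and the sample capture are constructed assumptions; the project's real `port_names` table is not shown on this page.

```python
import struct

# Constructed subset of a port -> service table (assumption, not the project's table).
PORT_NAMES = {(80, "tcp"): "http", (21, "tcp"): "ftp", (53, "udp"): "domain_u"}

def service_for(port, proto):
    """Same decision as the quoted snippet: known name, else private/other by range."""
    if (port, proto) in PORT_NAMES:
        return PORT_NAMES[(port, proto)]
    return "private" if 49152 <= port <= 65535 else "other"

def services_from_pcap(data):
    """Map each connection (src, sport, dst, dport, proto) to a service label.
    Assumes the first packet seen for a connection comes from the originator."""
    magic = struct.unpack("<I", data[:4])[0]
    endian = "<" if magic in (0xA1B2C3D4, 0xA1B23C4D) else ">"
    conns, off = {}, 24                          # skip 24-byte global header
    while off + 16 <= len(data):
        incl_len = struct.unpack(endian + "I", data[off + 8:off + 12])[0]
        frame = data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                             # not Ethernet + IPv4
        l4 = 14 + (frame[14] & 0x0F) * 4         # IPv4 header length from IHL
        proto = {6: "tcp", 17: "udp"}.get(frame[23])
        if proto is None or len(frame) < l4 + 4:
            continue
        src, dst = frame[26:30], frame[30:34]
        sport, dport = struct.unpack("!HH", frame[l4:l4 + 4])
        if (dst, dport, src, sport, proto) in conns:
            continue                             # reply of a known connection
        conns.setdefault((src, sport, dst, dport, proto), service_for(dport, proto))
    return conns

def sample_pcap():
    """Constructed capture: HTTP request and its reply, a DNS query, two odd ports."""
    a, b = bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])
    flows = [(a, 50000, b, 80, 6), (b, 80, a, 50000, 6), (a, 50001, b, 53, 17),
             (a, 40000, b, 60000, 6), (a, 40001, b, 8081, 6)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for src, sport, dst, dport, proto in flows:
        ip = bytes([0x45, 0]) + struct.pack("!H", 28) + bytes(4) + bytes([64, proto]) + bytes(2) + src + dst
        frame = bytes(12) + b"\x08\x00" + ip + struct.pack("!HH", sport, dport) + bytes(4)
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

if __name__ == "__main__":
    for key, service in services_from_pcap(sample_pcap()).items():
        print(key[1], "->", key[3], key[4], service)
```

If the label were taken from every packet rather than from the connection's first packet, the HTTP reply above (destination port 50000) would be tagged `private` instead of `http`.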