Repository for research conducted at NETX, a networks research group in the Department of Computer Science and Engineering at IIT Hyderabad, India led by Dr. Praveen Tammana.
-Legitimate traffic:
CAIDA 2018 dirA /24 pcaps having retransmission in the range 0-15% and avg flows per window around 50
-Attack traffic:
Steps used for generation:
-Extract random 2% TCP flows from normal trace (0-15% retransmission) and remove these 2% flows from original normal trace
-Extract a payload packet from each of the 2% flows. We treat these flows as attack flows
-Create a new pcap using python3 such that a new attack flow is started every second
-So, at 1st sec, we have a packet from attack flow1, at 2nd sec, we have re-transmitted packet from attack flow1 plus a packet from a new attack flow2 and so on.
-Within 2 sec, we observe packets of same attack flow -- to infer that attack flows are active
-Attack flows are active till the end of the experiment i.e 60 secs
Todo:
Test on 135* pcap
Get instance log (avg number of flows) for this pcap
-Legitimate traffic: CAIDA 2018 dirA /24 pcaps having retransmission in the range 0-15% and avg flows per window around 50
-Attack traffic: Steps used for generation: -Extract random 2% TCP flows from normal trace (0-15% retransmission) and remove these 2% flows from original normal trace -Extract a payload packet from each of the 2% flows. We treat these flows as attack flows -Create a new pcap using python3 such that a new attack flow is started every second -So, at 1st sec, we have a packet from attack flow1, at 2nd sec, we have re-transmitted packet from attack flow1 plus a packet from a new attack flow2 and so on. -Within 2 sec, we observe packets of same attack flow -- to infer that attack flows are active -Attack flows are active till the end of the experiment i.e 60 secs
Todo: