stratosphereips / StratosphereLinuxIPS

Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague.

The accumulated threat levels don't keep increasing as long as there's no alert in a given timewindow, as they're supposed to #1043

Closed AlyaGomaa closed 4 weeks ago

AlyaGomaa commented 1 month ago

The below screenshot is the ordered accumulated threat levels of IP 192.168.1.113 timewindow 1 of CTU-Malware-Capture-Botnet-219-2/Day1

There's a 0.4 drop in the accumulated threat levels, not sure where it's coming from.

cat output/Malware/CTU-Malware-Capture-Botnet-219-2/Day1/22/alerts.json | grep 'ec7dd838-6836-49f2-86d7-00078b88a5e8' -B 3 -A 3

Image

AlyaGomaa commented 4 weeks ago

fixed here #1044