Hi there,

I am a newbie in this forum. I am more concerned with Artificial Intelligence 
(Machine Learning) techniques than with the IDS itself. However, I would like 
to test some machine learning techniques (Neural Networks, ...) in the domain 
of IDS, i.e. use AI to analyse some available datasets of intrusions. 

I found the IDS data published by MIT & DARPA 
(http://www.ll.mit.edu/IST/ideval/), which is quite well-known, I suppose. I have 
the following questions:

1. This dataset has been published since 1999, which is quite a long time ago. 
However, since then, no other "well-known" IDS dataset has been published. I 
would like to ask if there are some good IDS datasets (ready for AI techniques) 
that I am not aware of? 

2. What is tcp-dump? What I got from the DARPA dataset was a text file with 
several lines, where each line has several attributes separated by commas. How can 
an IDS understand this text file? I am confused between the AI-ready datasets 
(text files that are preprocessed) and the files generated originally from a 
real IDS.

Thanks

Patrick Tran
