It depends upon which data set you have downloaded. Most of the people download KDD data sets. In the readme file of the data set, the attributes(Features)and the names of various attacks are mentioned. It consists of around 40 plus attributes to detect the various attacks.It is necessary to study the various types of the attack and then to normalize the data according to your requirements. Normalization of data also depends on what kind of machine algorithm you are going to use to detect the intrusion. Therefore it is good to first decide upon the ML algorithm and then normalize the data.
thank u Manikrao. but my problem is different. i have data set not from kdd . this data set has 5 attributes but still they didnt classified these datase . my problem how i can identify attack from different record
for example i want to know this record is abnormal ( exp neptune attack) and either record is normal like this
What exactly is your 'intrusion detection data set' comprised of? Is this raw packet data? Is it data that you can transform into input or training data for a data mining tool such as RapidMiner?
- Badges
- Science topic
- Similar topics
- Social Psychology
- Attitude