How can one create an intrusion detection dataset for testing? I have the ISCX datasets; can I use them to train as well as test my classifiers? I am a beginner in this field and would appreciate inputs.
It is always good to use the UNB ISCX NSL-KDD dataset. Also, the number of records in the NSL-KDD train and test sets is reasonable, so it is affordable to run the experiments on the complete set without the need to randomly select a small portion.
If you would like to create your own IDS dataset, I would suggest creating a network setup with a minimum of 5 systems. Install Snort on all these systems.
Snort's open source network-based intrusion detection system (NIDS) has the ability to perform real-time traffic analysis and packet logging on Internet Protocol (IP) networks. Snort performs protocol analysis, content searching and matching.
Snort can be configured in three main modes: sniffer, packet logger, and network intrusion detection. In sniffer mode, the program will read network packets and display them on the console. In packet logger mode, the program will log packets to the disk. In intrusion detection mode, the program will monitor network traffic and analyze it against a rule set defined by the user. The program will then perform a specific action based on what has been identified.
https://www.snort.org/
This will help you create your own dataset with packet traces. You can also create your own signatures for the virus module and so on.
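As an added example (not code from either answer above), a small Python parser that turns Snort's alert_fast output into ground-truth labels keyed by 5-tuple, so the packet traces collected on the testbed can be marked as alerted or benign. The sample alert lines are constructed, and the local rule messages and sids are placeholders:

```python
import re

# Constructed Snort "alert_fast" lines (one alert per line); not from any real deployment.
SAMPLE_ALERTS = """\
03/14-10:22:05.120934  [**] [1:1000001:1] LOCAL ICMP echo request [**] [Classification: Misc activity] [Priority: 3] {ICMP} 10.0.0.5 -> 10.0.0.9
03/14-10:22:07.004211  [**] [1:1000002:2] LOCAL HTTP probe [**] [Classification: Web Application Attack] [Priority: 1] {TCP} 10.0.0.5:44122 -> 10.0.0.9:80
03/14-10:22:07.900500  [**] [1:1000001:1] LOCAL ICMP echo request [**] [Classification: Misc activity] [Priority: 3] {ICMP} 10.0.0.5 -> 10.0.0.9
03/14-10:22:09.550001  [**] [1:1000003:1] LOCAL DNS query [**] [Priority: 3] {UDP} 10.0.0.6:5353 -> 10.0.0.1:53
this line is not an alert and must be skipped
"""

# One regex for the fast-alert layout: timestamp, [gid:sid:rev], message,
# optional [Classification: ...], [Priority: N], {PROTO}, src[:port] -> dst[:port].
FAST_RE = re.compile(r"""
    ^(?P<ts>\d\d/\d\d-\d\d:\d\d:\d\d\.\d+)\s+\[\*\*\]\s+
    \[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]\s*
    (?:\[Classification:\s*(?P<cls>[^\]]*)\]\s*)?
    \[Priority:\s*(?P<prio>\d+)\]\s+\{(?P<proto>\w+)\}\s+
    (?P<src>[\d.]+)(?::(?P<sport>\d+))?\s+->\s+(?P<dst>[\d.]+)(?::(?P<dport>\d+))?\s*$
""", re.VERBOSE)

def parse_fast_alerts(text):
    """Turn alert_fast text into dict records; unparseable lines are dropped, not guessed."""
    records = []
    for line in text.splitlines():
        m = FAST_RE.match(line.strip())
        if not m:
            continue
        g = m.groupdict()
        records.append({
            "ts": g["ts"], "sid": int(g["sid"]), "rev": int(g["rev"]), "msg": g["msg"],
            "classification": g["cls"], "priority": int(g["prio"]), "proto": g["proto"],
            "src": g["src"], "sport": int(g["sport"]) if g["sport"] else None,
            "dst": g["dst"], "dport": int(g["dport"]) if g["dport"] else None,
        })
    return records

def label_table(records):
    """Map each 5-tuple to its most severe alert (Snort priority 1 is the highest)
    so packet-trace flows can be labelled; flows with no entry count as benign."""
    best = {}
    for r in records:
        key = (r["proto"], r["src"], r["sport"], r["dst"], r["dport"])
        if key not in best or r["priority"] < best[key]["priority"]:
            best[key] = r
    return {k: (v["priority"], v["sid"], v["msg"]) for k, v in best.items()}
```

Join the returned table against the 5-tuples of the flows extracted from the pcap to produce the label column of the dataset.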
Sanoop is right. You can actually set up either a testbed-based dataset or a simulation-based dataset. If you are looking at simulation-based systems, then I would suggest modelling a network (configured according to your requirements), programming an attack scenario so that you obtain the traces by running it with various seed values, and then abstracting your audit data and applying the intrusion detection technique.
Have a look at my papers on intrusion detection and response; the full text is available on my RG profile.
Protection of MANETs from a range of attacks using an intrusion detection and prevention system
An Intrusion Detection & Adaptive Response Mechanism for MANETs
Adaptive intrusion detection & prevention of denial of service attacks in MANETs