I am in the process of constructing a NIDS based on SVM learning and classification and would like to apply the same type of mapping or transformation of NSL-KDD data (41 features) for use in SVM to raw packet capture data too.
Thank you, sir. The paper you reference has been my primary source of information regarding possible mapping of the NSL-KDD 99 data. However, I find that there are some details of the authors' mappings that aren't clearly explained, or are simply missing. For example, some of the attributes or features of the dataset are simply enumerated and do not provide much help (read context) in the particular SVM implementation I am using.
I appreciate your input and, again, thank you. For now, going forward, I am going to be considerably widening the dataset records by assigning binary choices for each of the service types, for instance. I'm hoping that through clever feature elimination I can still maintain a smaller but effective feature set for SVM training and classification.
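The widening and pruning described in the posts above, as an added example that is not code from the thread or from the referenced paper: the categorical NSL-KDD fields become binary indicator columns fixed from the training set, so a record built from raw packet capture maps to a vector of the same width, and the columns are then ranked by information gain. The sample rows are constructed, the function names are hypothetical, and information gain is an assumed stand-in for whichever elimination method is finally chosen.

```python
import math
from collections import Counter

# Constructed NSL-KDD-style rows: (protocol_type, service, flag, src_bytes, label)
TRAIN = [
    ("tcp", "http", "SF", 215, "normal"),
    ("tcp", "http", "SF", 300, "normal"),
    ("tcp", "private", "S0", 0, "attack"),
    ("tcp", "private", "S0", 0, "attack"),
    ("udp", "domain_u", "SF", 44, "normal"),
    ("icmp", "ecr_i", "SF", 1032, "attack"),
]
CATEGORICAL = {"protocol_type": 0, "service": 1, "flag": 2}  # field -> row index

def fit_columns(rows):
    """Fix the indicator columns and their order from training data only."""
    return [(name, value) for name, i in CATEGORICAL.items()
            for value in sorted({r[i] for r in rows})]

def encode(row, columns):
    """One 0/1 indicator per (field, value); an unseen value yields all zeros,
    so vectors built from live captures keep the width the SVM was trained on."""
    return [1 if row[CATEGORICAL[name]] == value else 0 for name, value in columns]

def entropy(labels):
    n = len(labels)
    return -sum(c / n * math.log2(c / n) for c in Counter(labels).values()) if n else 0.0

def info_gain(column, labels):
    """Reduction in label entropy from splitting on one binary column."""
    on = [l for x, l in zip(column, labels) if x]
    off = [l for x, l in zip(column, labels) if not x]
    n = len(labels)
    return entropy(labels) - len(on) / n * entropy(on) - len(off) / n * entropy(off)

def select_columns(rows, columns, k):
    """Keep the k indicator columns that say the most about the label."""
    X = [encode(r, columns) for r in rows]
    labels = [r[-1] for r in rows]
    gains = [info_gain([x[j] for x in X], labels) for j in range(len(columns))]
    ranked = sorted(zip(gains, columns), key=lambda t: -t[0])
    return [col for _, col in ranked[:k]]

if __name__ == "__main__":
    cols = fit_columns(TRAIN)
    kept = select_columns(TRAIN, cols, 4)
    print(len(cols), "columns ->", kept)
    print(encode(("tcp", "ssh", "SF", 90, None), kept))  # "ssh" unseen in training
```

Numeric fields such as `src_bytes` are left out here; they would be scaled separately and appended to the indicator vector before SVM training.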