how intrusion can be detected by applying frequent data mining technique.
how to create intrusion detection system by applying frequent item set mining using rapid miner. which process to follow.
Find more posts tagged with
Sort by:
1 - 3 of
31
hi,
i have my network data contains attributes
src-ip, dstn-ip, protocol, sync, ack, sync+ack, time
now i have to find the intrusion on the basis of :
if for the same src ip and dest ip, these three fields(ack, syn, ack+syn) have received Boolean value true in three rows then it's ok otherwise if there are only ack and syn value true and there is no corrsponding value for ack+syn(i.e. false) intrusion will be detected.
data is captured using wireshark in .pcap format. how to convert pcap file to csv format.
regards
i have my network data contains attributes
src-ip, dstn-ip, protocol, sync, ack, sync+ack, time
now i have to find the intrusion on the basis of :
if for the same src ip and dest ip, these three fields(ack, syn, ack+syn) have received Boolean value true in three rows then it's ok otherwise if there are only ack and syn value true and there is no corrsponding value for ack+syn(i.e. false) intrusion will be detected.
data is captured using wireshark in .pcap format. how to convert pcap file to csv format.
regards
Hi,
I don't know the pcap format, can you post a short example?
Anyway, you will end up in a tabular data format in RapidMiner. To propose further steps, we would need the format of this data, too. Maybe you can post a short sample.
Best,
Marius
I don't know the pcap format, can you post a short example?
Anyway, you will end up in a tabular data format in RapidMiner. To propose further steps, we would need the format of this data, too. Maybe you can post a short sample.
Best,
Marius
Best,
Marius