[nsp-sec] Pre-classified netflow samples
Jason Chambers
jchambers at ucla.edu
Tue Sep 2 19:26:45 EDT 2008
Sebastian Abt wrote:
> ----------- nsp-security Confidential --------
>
> Hi everyone,
>
> For a study on using data mining and machine learning concepts and
> techniques for network anomaly detection, I'm looking for a set of
> pre-classified ("good", "bad", portscan, dos, ...) netflow exports.
>
You might find DatCat useful. I have not used it personally but
remember when it was presented.
http://imdc.datcat.org/help/
http://imdc.datcat.org/help/tutorial
And cases like this [1] are why some people are hesitant to share even
anonymized traces.
[1] www.ece.cmu.edu/~reiter/papers/2007/NDSS1.pdf
Regards,
--
Jason Chambers
UCLA
jchambers at ucla.edu
310-206-5603
More information about the nsp-security
mailing list