Questions tagged [intrusion-detection]

137 questions
1 vote, 1 answer

How to monitor MySQL changes

I have installed AIDE on my Ubuntu server and I would now like to monitor MySQL changes (new fields, new content, new tables, etc. created). How can I do this with AIDE? Thanks! Roman
Roman
1 vote, 0 answers

Boyer-Moore Algorithm

I'm trying to implement the Boyer-Moore algorithm in C for searching for a particular word in a .pcap file. I have referenced code from http://ideone.com/FhJok5. I'm using this code as it is. I'm just passing the packet as a string and the keyword I'm searching…
1 vote, 1 answer

Snort http_inspect preprocessor will not alert to traffic

I am currently testing the Snort IDS for a project; I followed the Snort 2.9.5.3 installation guide. I am having an issue correctly configuring http_inspect so that it alerts to traffic. The (virtual) network Snort is monitoring consists of it, an…
Dan1676
1 vote, 0 answers

What are the issues with disabling the "DELETE" and "PUT" methods on a web server?

We have installed an "Intruder Detection System" (IDS) on our web server. According to its recent report, it recommends that we disable the "DELETE" and "PUT" methods on our web server. I understand how these two methods can help a web attacker, but…
FR STAR
1 vote, 1 answer

How to disable (turn off) Tripwire

I set up the Tripwire IDS and have now found that sometimes, when it checks the integrity of the FS, it has huge CPU consumption. All the manuals only say how to set it up, but not how to delete it. I have root permissions, as this is my server. How may I turn it…
Daniel
1 vote, 1 answer

KDD1999 dataset features explanation

I'm using the KDD1999 dataset to prevent intrusion, but I have some questions about the features: can someone explain to me or give me the meaning of the flags? Here is the list of the flags used in the KDD1999 dataset: 'flag' { 'OTH', 'REJ', 'RSTO',…
Nadya Nux
1 vote, 1 answer

Building features for Intrusion Detection System using JPCAP

I am doing a project on an intrusion detection system. I am using the JPCAP library to capture packets. Using JPCAP I am able to construct the basic features of TCP connections mentioned in the KDD 99 dataset (e.g. Duration, protocol_type, Service, Source port,…
Mahendra Garodi
1 vote, 1 answer

Find attack packets in the DARPA dataset

I downloaded the inside tcpdump data of week5-monday of the DARPA dataset (link) and downloaded the attack list for weeks 4 and 5 from the DARPA site (link) (the attack list says that at time 04/06/1999 08:11:15, duration 00:00:10, on dest IP 172.016.112.050 there is a tcpreset attack). I…
titiri
1 vote, 1 answer

Suspected error div on web pages of YontooInstallID, Y2PluginIds

I have found that, while using Inspect Element in Chrome or Firebug in Mozilla, I found these strange invisible divs. How can we remove this, or is it some kind of intrusion? Below is the code
0 votes, 1 answer

How to avoid spammers using my site's FTP, bandwidth and MySQL?

THE PROBLEM: My server gave me an ultimatum (3 business days): "We regret to say that database is currently consuming excessive resources on our servers, which causes our servers to degrade performance, affecting its customers to other database driven…
0 votes, 0 answers

I am trying to print all pie charts for different types of attack labels but it's only printing one?

attacks=list(data.labels.unique()) for labe in attacks: print(labe) data.loc[data.labels=='normal']['protocol_type'].value_counts().plot(kind='pie', label=str(labe)+' protcol type proportions', autopct='%.2f%%') I am trying to print all…
0 votes, 0 answers

Question about how to improve my intrusion detection model and decrease false positives?

I have a machine learning model that I feel is still getting false positives. It can largely detect attacks that I produce separately from the training / test set, maybe at an 80% rate? But for me that is not enough. I also tried to drop columns with…
0 votes, 2 answers

Is there a definition to SYN error in KDD99 dataset?

I'm studying the KDD99 dataset. There's an error called "'SYN' error" in the 25th and 26th features of the dataset. Can anyone please tell me what type of error it is and when it happens? Thank you very much.
0 votes, 0 answers

How to get data from raw logs to put into a training model or the kddcup99 dataset?

Can anyone help me? I had a model for an intrusion detection system using machine learning, and I used the kdd99cup dataset. Now I want to get data from raw logs from a SIEM or core switch; how can I get data from raw logs to put into the training model?…
0 votes, 1 answer

Ways to fill NaN values for intrusion detection with ML, unsupervised ML

I created a CSV file. It contains 250800 rows and 75 columns. I am doing an EDA analysis to use the data for ML. It looks like this. All of the columns are float or integer values. (df.info()) When I do df.dropna() it removes NaN values, but the…
user18791319