Mohammad Reza Hajari
hajari at ...14582...
Sun May 10 15:23:11 EDT 2009
I am in the middle of doing research on
> "Making Intelligent Snort Intrusion Detection System Using Machine
> Learning", and I
> need your help to do this research. Would you please answer my questions?
> 1. What are the features of Snort?
> 2. Using the software of C4.5 I've gained some rules from Data set: KDD99
> having 41 features. How can I convert the gained rules to snort rules?
> 3. In which part of the source have the Snort features been defined?
> 2. How many of the available 41 features in the KDD99 dataset have
> been defined, and where can the undefined features be added in Snort?
> 4. I want to convert rules such as:
> Rule 146:
> service = http
> src_bytes > 971
> dst_bytes > 2686
> -> class back [99.9%]
> Rule 142:
> service = ftp
> num_access_files > 0
> -> class ftp_write [50.0%]
> Could you please send me the code for adding these rules to Snort?
> 5. What is Snort's standard dataset?
> 6. How many features are there in this dataset; and what are the
> 7. How can we use this dataset as Snort's input?
> I'll really appreciate your help and suggestions about it.
> Best Regards
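
Added example, not part of the original post and not Snort project code: a Python sketch that parses the two C4.5 rules quoted above and emits Snort rule text for the conditions that have a plausible rule-option counterpart. The service-to-port table, the use of Snort's `stream_size` option to approximate `src_bytes`/`dst_bytes`, the sid base and the function names are assumptions; features with no mapping (such as `num_access_files`) are reported instead of dropped.

```python
import re

# Constructed sample: the two C4.5 rules quoted in the post above.
C45_OUTPUT = """\
Rule 146:
service = http
src_bytes > 971
dst_bytes > 2686
-> class back [99.9%]
Rule 142:
service = ftp
num_access_files > 0
-> class ftp_write [50.0%]
"""

# Assumed mappings (not from the post): well-known port per service, and
# Snort's stream_size option as an approximation of the KDD99 byte counts.
SERVICE_PORT = {"http": 80, "ftp": 21}
BYTE_FEATURES = {"src_bytes": "client", "dst_bytes": "server"}

def parse_c45(text):
    """Parse C4.5 rule blocks into dicts: id, conds, cls, conf."""
    rules, cur = [], None
    for line in text.splitlines():
        line = line.strip()
        if m := re.fullmatch(r"Rule (\d+):", line):
            cur = {"id": int(m[1]), "conds": []}
        elif m := re.fullmatch(r"-> class (\S+) \[([\d.]+)%\]", line):
            cur.update(cls=m[1], conf=float(m[2]))
            rules.append(cur)
        elif m := re.fullmatch(r"(\w+) (<=|>=|=|<|>) (\S+)", line):
            cur["conds"].append((m[1], m[2], m[3]))
    return rules

def to_snort(rule, sid_base=1000000):
    """Return (snort_rule, untranslated); untranslated lists the features
    that have no mapping, so an over-broad rule is visible to the caller."""
    port, opts, untranslated = "any", [], []
    for feat, op, val in rule["conds"]:
        if feat == "service" and op == "=" and val in SERVICE_PORT:
            port = str(SERVICE_PORT[val])
        elif feat in BYTE_FEATURES:
            opts.append(f"stream_size:{BYTE_FEATURES[feat]},{op},{val};")
        else:
            untranslated.append(feat)
    parts = [f'msg:"C4.5 rule {rule["id"]} class {rule["cls"]}";', *opts,
             f"sid:{sid_base + rule['id']};", "rev:1;"]
    return f"alert tcp any any -> any {port} ({' '.join(parts)})", untranslated
```

A rule returned with a non-empty `untranslated` list matches more traffic than the C4.5 rule it came from (Rule 142 reduces to "any TCP to port 21"), so it should be reviewed before being loaded into a sensor.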