[Snort-users] Help

Mohammad Reza Hajari hajari at ...14582...
Sun May 10 15:23:11 EDT 2009


I am in the middle of doing research on
> "Making Intelligent Snort Intrusion Detection System Using Machine
> Learning", and I
> need your help to do this research. Would you please answer my questions?
>
> 1. What are the features of Snort?
>
> 2. Using the software of C4.5 I've gained some rules from Data set: KDD99
> having 41 features. How can I convert the gained rules to snort rules?
>
> 3. In which part of the source have the Snort features been defined?
>
> 2. How many of the available 41 features in Dataset KDD99 have
> been defined, and where can the undefined features be added in Snort?
>
> 4. I want to convert rules such as:
> Rule 146:
>         service = http
>         src_bytes > 971
>         dst_bytes > 2686
>         ->  class back  [99.9%]
> or
>
> Rule 142:
>         service = ftp
>         num_access_files > 0
>         ->  class ftp_write  [50.0%]
>
> Could you please send me the code for adding these rules to Snort?
>
> 5. What is Snort's standard dataset?
>
> 6. How many features are there in this dataset, and what are the features'
> characteristics?
>
> 7. How can we use this dataset as the snort's input?
>
> I'll really appreciate your help and suggestions about it.
> Best Regards
> M.R.Hajari