A detailed analysis of the KDD CUP 99 data set

2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications Pub Date : 2009-07-08 DOI:10.1109/CISDA.2009.5356528

Mahbod Tavallaee, E. Bagheri, Wei Lu, A. Ghorbani

引用次数: 3487

Abstract

During the last decade, anomaly detection has attracted the attention of many researchers to overcome the weakness of signature-based IDSs in detecting novel attacks, and KDDCUP'99 is the mostly widely used data set for the evaluation of these systems. Having conducted a statistical analysis on this data set, we found two important issues which highly affects the performance of evaluated systems, and results in a very poor evaluation of anomaly detection approaches. To solve these issues, we have proposed a new data set, NSL-KDD, which consists of selected records of the complete KDD data set and does not suffer from any of mentioned shortcomings.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

对KDD CUP 99数据集的详细分析

在过去的十年中，异常检测已经引起了许多研究人员的关注，以克服基于签名的入侵防御系统在检测新型攻击方面的弱点，而KDDCUP'99是最广泛使用的用于评估这些系统的数据集。在对该数据集进行统计分析后，我们发现了两个重要的问题，这些问题严重影响了评估系统的性能，并导致对异常检测方法的评估非常差。为了解决这些问题，我们提出了一个新的数据集，NSL-KDD，它由完整的KDD数据集的选定记录组成，并且没有上述任何缺点。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications

自引率

0.00%

发文量

期刊最新文献

Evolving spiking neural networks: A novel growth algorithm corrects the teacher Emitter geolocation using low-accuracy direction-finding sensors Secure two and multi-party association rule mining Passive multitarget tracking using transmitters of opportunity Bias phenomenon and analysis of a nonlinear transformation in a mobile passive sensor network