DEVHIDE
Login Or Sign up

find attack packets on darpa dataset

1.2k Views Asked by At

I download inside tcpdump data of week5-monday of darpa dataset(link)
and download attack list on week 4 and 5 of darpa site(link)

(attack list say on time 04/06/1999 08:11:15 duration 00:00:10 on des ip 172.016.112.050 is tcpreset attack)

I want to find tcpreset attack packet on tcpdum so I open tcpdump with wireshark and filter packets that times between 8:11:15 and 8:11:25 (frame.time>apr 6,1999 8:11:15 and frame.time>apr 6,1999 8:11:25)

problem: I cant find packet with 172.016.11.050 des ip on result!!!

wireshark packet-capture intrusion-detection
Original Q&A
1

There are 1 best solutions below

0
On

Try giving a minute gap.

During the 1999 evaluations, a 1 minute gap was given to give chance for IDSs to detect attacks during week 2 for labeled attacks.

Related Questions in WIRESHARK

Related Questions in PACKET-CAPTURE

Related Questions in INTRUSION-DETECTION

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.