1. The kddcup99 dataset
This article uses the 10% subset of the kddcup99 dataset, which contains four major attack categories comprising 23 attack subclasses in total. The attack types are:
- DOS, denial-of-service, e.g. ping-of-death, syn flood, smurf;
- R2L, unauthorized access from a remote machine to a local machine, e.g. guessing password;
- U2R, unauthorized access to local superuser privileges by a local unprivileged user, e.g. buffer overflow attacks;
- PROBING, surveillance and probing (port monitoring or scanning), e.g. port-scan, ping-sweep.
![Attack types](https://img-blog.csdnimg.cn/d1c9f94d6cfb4b3d95ff6b2582651d81.png)
2. Brief introduction to the dataset
Each connection (*) in the KDD99 dataset is described by 41 features:
2, tcp, smtp, SF, 1684, 363, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0.00, 0.00, 0.00, 0.
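A record in this format can be parsed and its label mapped to the four categories listed in section 1 as follows. This is an added example, not code from the original article; the function names, the `NORMAL` category name and the sample records are assumptions made for illustration, while the label strings are those used in the public 10% file.

```python
import csv
import io

# Label -> category for the four attack classes from section 1. The label
# strings are the ones used in the public 10% kddcup99 file.
CATEGORY = {
    **dict.fromkeys(["back", "land", "neptune", "pod", "smurf", "teardrop"], "DOS"),
    **dict.fromkeys(["ftp_write", "guess_passwd", "imap", "multihop", "phf",
                     "spy", "warezclient", "warezmaster"], "R2L"),
    **dict.fromkeys(["buffer_overflow", "loadmodule", "perl", "rootkit"], "U2R"),
    **dict.fromkeys(["ipsweep", "nmap", "portsweep", "satan"], "PROBING"),
    "normal": "NORMAL",  # category name chosen for this example
}
N_FEATURES = 41
SYMBOLIC = {1, 2, 3}  # protocol_type, service, flag stay as strings


def parse_record(line):
    """Split one record into (features, label, category); raise on malformed input."""
    fields = [f.strip() for f in next(csv.reader(io.StringIO(line)))]
    if len(fields) != N_FEATURES + 1:
        raise ValueError(f"expected {N_FEATURES + 1} fields, got {len(fields)}")
    label = fields[-1].rstrip(".")  # labels carry a trailing dot in the raw file
    if label not in CATEGORY:
        raise ValueError(f"unknown label {label!r}")
    features = [v if i in SYMBOLIC else float(v) for i, v in enumerate(fields[:-1])]
    return features, label, CATEGORY[label]


def category_counts(lines):
    """Count records per category, skipping blank lines."""
    counts = {}
    for line in lines:
        if line.strip():
            _, _, cat = parse_record(line)
            counts[cat] = counts.get(cat, 0) + 1
    return counts


# Constructed sample records (not taken from the dataset): 41 features + label.
SAMPLE = [
    "0,tcp,http,SF,215,45076," + "0," * 35 + "normal.",
    "0,icmp,ecr_i,SF,1032,0," + "0," * 35 + "smurf.",
    "0,tcp,private,S0,0,0," + "0," * 35 + "neptune.",
    "0,tcp,telnet,SF,126,179," + "0," * 35 + "guess_passwd.",
]

if __name__ == "__main__":
    print(category_counts(SAMPLE))
```

Rejecting records with the wrong field count or an unknown label keeps truncated or corrupted lines out of the training data instead of silently shifting feature columns.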