StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
7939151
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
5
CommunityOwnedDate
CreationDate
2011-10-29T13:22:17.807
FavoriteCount
0
LastActivityDate
2011-10-29T13:30:39.360
LastEditDate
2011-10-29T13:30:39.360
LastEditorUserId
41782
OwnerUserId
41782
ParentId
7587657
PostTypeId
2
Score
2
ViewCount
0
LastEditorDisplayName
text
Body
I study in the same subject. Intrusion detection and machine learning. It is rather broad subject. I will answer more about data pre-processing and feature construction point of view. Neural Network part is different story altogether. First of all, this area is heavily commercialized therefore there is almost no open source code examples. A lot things are done commercially in a closed ecosystem. From academic perspective: There is a big data set problem. DK99C (Darpa - KDD99 data set) exists but it is very old. KDD99 dataset is constructed from DARPA tcpdumps. They used bro IDS , tcpdump api to construct features. From my perspective it is a lot harder to create features from raw tcpdump than working with machine learning algorithms (Neural Network) on ready features. Read this article to learn more about how it (KDD99) is constructed <pre><code>Article (Lee2000framework) Lee, W. & Stolfo, S. J. A framework for constructing features and models for intrusion detection systems ACM Trans. Inf. Syst. Secur., ACM, 2000, 3, 227-261 </code></pre> Read this article and its presentation to learn why this subject is a hard problem to study. <pre><code> Inproceedings (Sommer2010Outside) Sommer, R. & Paxson, V. Outside the Closed World: On Using Machine Learning for Network Intrusion Detection Proceedings of the 2010 IEEE Symposium on Security and Privacy, IEEE Computer Society, 2010, 305-316 </code></pre> Read this article to see how most academics work in this subject. A bit disappointing really. <pre><code>Article (Tavallaee2010Toward) Tavallaee, M.; Stakhanova, N. & Ghorbani, A. Toward Credible Evaluation of Anomaly-Based Intrusion-Detection Methods Systems, Man, and Cybernetics, Part C: Applications and Reviews, IEEE Transactions on, 2010, 40, 516 -524 </code></pre> Read this why DK99C is considered harmful. It is harmful but no other credible dataset exists. <pre><code>Article (Brugger2007KDD) Brugger, S. KDD Cup’99 dataset (Network Intrusion) considered harmful KDnuggets newsletter, 2007, 7, 15 </code></pre> Read this about taxonomy of IDS data pre processing <pre><code>Article (Davis2011Data) Davis, J. J. & Clark, A. J. Data preprocessing for anomaly based network intrusion detection: A review Computers & Security, 2011, 30, 353 - 375 </code></pre>
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POBuilding Intrusion Detection System but from where to begin
 singulars
 PostTypePostTypeId
 PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. USAtilla Ozgur
UserOwnerUserId
1. USAtilla Ozgur
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.