Journal: International Journal of Computer Science and Network Security
Print ISSN: 1738-7906
Year: 2008
Volume: 8
Issue: 9
Pages: 309-315
Publisher: International Journal of Computer Science and Network Security
Abstract: This paper discusses an efficient approach for extracting information from libpcap-compatible network capture data using scripting languages. The extracted information is intended for traffic anomaly detection in network intrusion detection systems. The extraction is performed on the DARPA 1998 dataset. The process consists of exporting the capture into plain text or CSV format with Wireshark (a network sniffing tool) and then extracting the required fields with scripts. The results obtained from scripts written in gawk, awk, sed and Perl are compared with the results obtained from DDL and DML statements and stored procedures run against a database. It is found that combining scripts with database queries was more efficient than using DDL, DML and procedures on the database alone, or scripting languages alone, for extracting the information.
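The pipeline the abstract describes (pcap exported to CSV with Wireshark, then per-host statistics pulled out with awk) can be illustrated with a small script. This is an added example, not code from the paper; the CSV lines are constructed to resemble a tshark field export and are not DARPA 1998 data, and the distinct-destination-port heuristic and the threshold of 3 are illustrative choices, not the paper's features.

```shell
#!/bin/sh
# Constructed sample of a Wireshark/tshark CSV export. A real capture would be
# exported with a command such as:
#   tshark -r capture.pcap -T fields -E separator=, -E header=y \
#     -e frame.time_relative -e ip.src -e ip.dst -e ip.proto -e tcp.dstport -e frame.len
# The rows below are made up for this example (not DARPA 1998 traffic).
SAMPLE_CSV=$(cat <<'EOF'
time,ip.src,ip.dst,ip.proto,tcp.dstport,frame.len
0.000,10.0.0.5,192.168.1.10,6,21,74
0.010,10.0.0.5,192.168.1.10,6,22,74
0.020,10.0.0.5,192.168.1.10,6,23,74
0.030,10.0.0.5,192.168.1.10,6,80,74
0.040,10.0.0.5,192.168.1.10,6,80,74
0.050,192.168.1.20,192.168.1.10,6,80,512
0.060,192.168.1.20,192.168.1.10,6,80,1514
0.070,192.168.1.30,192.168.1.10,17,,90
EOF
)

# Bytes sent per source IP (all protocols). Skips the header row (NR>1).
# Output: "<ip.src> <bytes>" sorted by IP for deterministic results.
bytes_per_src() {
    printf '%s\n' "$1" | awk -F, 'NR > 1 { sum[$2] += $6 }
        END { for (s in sum) printf "%s %d\n", s, sum[s] }' | sort
}

# Number of distinct TCP destination ports contacted per source IP.
# Only ip.proto == 6 (TCP) rows are counted; (src, port) pairs are
# de-duplicated so repeated connections to one port count once.
distinct_dst_ports() {
    printf '%s\n' "$1" | awk -F, 'NR > 1 && $4 == 6 {
            key = $2 SUBSEP $5
            if (!(key in seen)) { seen[key] = 1; ports[$2]++ }
        }
        END { for (s in ports) printf "%s %d\n", s, ports[s] }' | sort
}

# Simple anomaly rule (illustrative, not the paper's): a source that touches
# at least $2 distinct TCP ports is reported as a possible port scanner.
flag_scanners() {
    distinct_dst_ports "$1" | awk -v t="$2" '$2 >= t { print $1 }'
}

# Stand-alone run: show the extracted statistics and the flagged hosts.
echo "bytes per source:";        bytes_per_src "$SAMPLE_CSV"
echo "distinct TCP dst ports:";  distinct_dst_ports "$SAMPLE_CSV"
echo "flagged (>= 3 ports):";    flag_scanners "$SAMPLE_CSV" 3
```

The same per-source aggregates are what a `GROUP BY ip.src` query would produce after loading the CSV into a table; the awk version needs no schema or import step, which is the trade-off the paper's comparison of scripts against DDL/DML and stored procedures is about.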
Keywords: IDS; NIDS; anomaly detection; information extraction; gawk; DDL; DML; sed; pager.