Wednesday, June 11, 2008

machine learning & Intrusion detection - MIT Lincoln lab

http://www.ll.mit.edu/mission/communications/ist/index.html

  • Used as a reference when looking for information on the intrusion detection test data sets (by DARPA)
  • Among the tools distributed by MIT Lincoln Lab, the following are useful
  • Machine Learning
    LNKnet Pattern Classification Software

    LNKnet, developed at MIT Lincoln Laboratory, integrates more than 22 neural network, statistical, and machine learning classification, clustering, and feature selection algorithms into a modular software package. Recently, support vector machines and naive Bayesian Classifiers have been added and a version of LNKnet has been developed that runs under the Microsoft Windows operating system using the Cygwin environment.

    Tcpdump File Replay Utility

    NetPoke is a utility used to replay packets to a live network that were previously captured with the tcpdump program. It attempts to match the timing of the original traffic, optionally speeding it up or slowing it down, and can also modify the network hardware address in the replayed traffic. NetPoke supports multiple network interfaces allowing replayed packets to be injected into different points on a network based on the source address. NetPoke is no longer being supported by MIT Lincoln Laboratory. Those looking for similar functionality might search for tcpreplay and other tools that provide similar functionality.
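
The replay behaviour described for NetPoke (original timing scaled by a speed factor, hardware address rewriting, interface selection by source address) can be sketched offline for IDS test planning. This is an added example, not NetPoke or tcpreplay code; the function names, interface names, and the sample capture are constructed assumptions, and nothing is sent on the wire.

```python
import ipaddress
import struct

def build_sample_pcap():
    """Constructed capture: three Ethernet/IPv4 frames at t = 100.0, 100.5, 102.0 s."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # linktype 1 = Ethernet
    for sec, usec, src in [(100, 0, "10.0.0.5"), (100, 500000, "172.16.0.9"), (102, 0, "10.0.0.7")]:
        eth = bytes.fromhex("ffffffffffff" "020000000001" "0800")
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 17, 0,
                         ipaddress.IPv4Address(src).packed,
                         ipaddress.IPv4Address("192.0.2.1").packed)
        out += struct.pack("<IIII", sec, usec, 34, 34) + eth + ip
    return out

def read_pcap(data):
    """Yield (timestamp_seconds, frame) from a classic microsecond pcap file."""
    if len(data) < 24:
        raise ValueError("short pcap header")
    magic = struct.unpack_from("<I", data, 0)[0]
    endian = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}.get(magic)
    if endian is None:
        raise ValueError("not a classic pcap file")
    if struct.unpack_from(endian + "I", data, 20)[0] != 1:
        raise ValueError("only Ethernet captures are handled here")
    off = 24
    while off + 16 <= len(data):
        sec, usec, incl, _orig = struct.unpack_from(endian + "IIII", data, off)
        off += 16
        if off + incl > len(data):
            raise ValueError("truncated packet record")
        yield sec + usec / 1e6, data[off:off + incl]
        off += incl

def plan_replay(data, speed=1.0, new_src_mac=None, routes=(), default_if="eth0"):
    """Return [(delay_seconds, interface, frame)]; nothing is sent on the wire."""
    plan, prev = [], None
    for ts, frame in read_pcap(data):
        delay = 0.0 if prev is None else max(0.0, ts - prev) / speed  # scale original gaps
        prev = ts
        iface = default_if
        if len(frame) >= 34 and frame[12:14] == b"\x08\x00":  # IPv4: source at bytes 26..29
            src = ipaddress.IPv4Address(frame[26:30])
            iface = next((i for net, i in routes if src in ipaddress.ip_network(net)), default_if)
        if new_src_mac is not None and len(frame) >= 14:
            frame = frame[:6] + new_src_mac + frame[12:]  # rewrite Ethernet source address
        plan.append((delay, iface, frame))
    return plan
```
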