Traffic Trace: 2002/01/25
Info:
http://mawi.wide.ad.jp/mawi/samplepoint-B/2002/200201251400.html
tcpdump file:
http://mawi.wide.ad.jp/mawi/samplepoint-B/2002/200201251400.dump.gz
Anomalous Traffic:
"Anomalous" and "Suspicious" labels (admd file):
200201251400_anomalous_suspicious.xml
Overview of the anomalies:
# of anomalies: 6
# of anomalies as function of the # of alarms and # of detectors reporting the alarms:
Breakdown of the anomalies:
| Category | Label | Detectors |
|---|
| SYN scan | Anomalous | Hough, Gamma, PCA |
| HTTP | Anomalous | Gamma, KL, PCA |
| HTTP | Anomalous | Hough, Gamma, KL, PCA |
| Unknown | Anomalous | Hough, Gamma, PCA |
| Unknown | Anomalous | Hough, Gamma, PCA |
| Unknown | Anomalous | Hough, Gamma, KL, PCA |
| Category | Label | Detectors |
|---|
Other:
"Notice" labels (admd file):
200201251400_notice.xml