From 5e66984db605e4795ac6ddcab49636705dea9a0e Mon Sep 17 00:00:00 2001 From: Jelena Mirkovic Date: Tue, 23 Jan 2024 15:10:48 -0800 Subject: [PATCH] Removed files in progress from emacs --- .../provider-peakflow/README.md~ | 29 ------------------- 1 file changed, 29 deletions(-) delete mode 100644 ddos_hackathon-20200511/provider-peakflow/README.md~ diff --git a/ddos_hackathon-20200511/provider-peakflow/README.md~ b/ddos_hackathon-20200511/provider-peakflow/README.md~ deleted file mode 100644 index 370ae19..0000000 --- a/ddos_hackathon-20200511/provider-peakflow/README.md~ +++ /dev/null @@ -1,29 +0,0 @@ -# Provenance information - -Peakflow (now NetScout) appliance was running at FRGP network during -dataset collection and it was generating alerts, which we collected -as well. We pre-filtered these alerts to keep only reflection DDoS -attacks and we have anonymized the alerts to match the dataset -anonymization. Each alert shows the epoch start and stop time of -the attack, and the attack type(s) as reported by Peakflow. The -start time is the actual attack detection time and the stop time -is when the mitigation was stopped. - -# Tools required for generating labels - -The provider (usc-isi) has produced the tool to use the provided -event labels in this folder and Netflow data from the dataset to -produce per-flow labels (B for benign, A for attack). The tool prints -output of nfdump -o pipe and attaches the label at the end of the line. -The tool can be found in /tools/usc-isi/netflow-ddos/ directory -in the COMUNDA git repository. Please refer to the -README.md file in that directory for how to run the tool. The -instructions below describe how to use the tool to generate the -provider given labels for this dataset. - - -# How to run the labeling code - -``` -perl tag_flows.pl tag -s 1581581100 -e 1581581360 -r -E sin -q 8.8.8.8 -``` \ No newline at end of file