Skip to content

Complete Version

Latest
Latest
Compare
Choose a tag to compare
@spectator05 spectator05 released this 24 May 06:58
· 10 commits to master since this release
2.0
5e521c1
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

O24Sec(Object-Oriented Clustering for Security Monitoring)

v2.0 Preprocessing(Object Separation) and Clustering

  • in "capstone-2021-18/O24Sec/"

  • Separating events into 6 categories(4 datasets , 2 exceptions) based on source IP: add category(int) column data to event

  1. inner_server -> outer_client
  2. inner_client -> outer_server
  3. outer_server -> inner_client
  4. outer_client -> inner_server
  5. can't separate events (exception)
  6. packet protocol is ICMP (exception)
  • Encryption determination:

With 1 ~ 4 categories dataset, dividing events into two directory(saved_folder):

  • "\encrypt": Folder with encrypted events
  • "\plain": Folder with unencrypted events
  • Events Clustering in 4-kind Objects:

Clustering with Jaccard Similarity

  • Else:

/docs
/image
updating README.md
updating index.md (webpage)

Assets 2
Loading