KDD 1999 generation faults: a review and analysis

Amjad M. Al Tobi; Ishbel Duncan

doi:10.1080/23742917.2018.1518061

KDD 1999 generation faults: a review and analysis

Amjad M. Al Tobi, Ishbel Duncan

School of Computer Science

Research output: Contribution to journal › Article › peer-review

Abstract

DARPA 1998 was one of the first Intrusion Detection datasets that was made publicly available. The KDD 1999 dataset was derived from DARPA 1998 to be used by researchers in developing machine learning (ML), classification and clustering algorithms with a security focus. DARPA 1998 has been criticised in literature due to raised concerns of problems in the dataset. Many researchers have accused KDD 1999 of having similar concerns but insufficient published evidence has been found. In this paper, we review the KDD 1999 generation process and present new proofs of existing inconsistencies in KDD 1999. We then present the process used to link some of the KDD 1999 (TELNET) records back to their origins in DARPA 1998 and discuss the interesting results and findings of this experiment.

Original language	English
Pages (from-to)	164-200
Number of pages	37
Journal	Journal of Cyber Security Technology
Volume	2
Issue number	3-4
Early online date	21 Sept 2018
DOIs	https://doi.org/10.1080/23742917.2018.1518061
Publication status	Published - 2018

Keywords

DARPA 1998 dataset
KDD Cup 1999 dataset
KDD review
KDD generation process
KDD generation faults

Access to Document

10.1080/23742917.2018.1518061

KDD 1999 generation faults
© 2018, Informa UK Ltd. This work has been made available online in accordance with the publisher's policies. This is the author created accepted version manuscript following peer review and as such may differ slightly from the final published version. The final published version of this work is available at https://doi.org/10.1080/23742917.2018.1518061
Accepted author manuscript, 5.03 MB

Ishbel Mary Macdonald Duncan
- Ishbel.Duncanst-andrews.acuk
- School of Computer Science - Honorary Senior Lecturer
Person: Honorary

Cite this

@article{f7b3938d97f147cda37f068cb4c09337,

title = "KDD 1999 generation faults: a review and analysis",

abstract = "DARPA 1998 was one of the first Intrusion Detection datasets that was made publicly available. The KDD 1999 dataset was derived from DARPA 1998 to be used by researchers in developing machine learning (ML), classification and clustering algorithms with a security focus. DARPA 1998 has been criticised in literature due to raised concerns of problems in the dataset. Many researchers have accused KDD 1999 of having similar concerns but insufficient published evidence has been found. In this paper, we review the KDD 1999 generation process and present new proofs of existing inconsistencies in KDD 1999. We then present the process used to link some of the KDD 1999 (TELNET) records back to their origins in DARPA 1998 and discuss the interesting results and findings of this experiment.",

keywords = "DARPA 1998 dataset, KDD Cup 1999 dataset, KDD review, KDD generation process, KDD generation faults",

author = "{Al Tobi}, {Amjad M.} and Ishbel Duncan",

year = "2018",

doi = "10.1080/23742917.2018.1518061",

language = "English",

volume = "2",

pages = "164--200",

journal = "Journal of Cyber Security Technology",

issn = "2374-2917",

publisher = "Taylor & Francis",

number = "3-4",

}

TY - JOUR

T1 - KDD 1999 generation faults

T2 - a review and analysis

AU - Al Tobi, Amjad M.

AU - Duncan, Ishbel

PY - 2018

Y1 - 2018

N2 - DARPA 1998 was one of the first Intrusion Detection datasets that was made publicly available. The KDD 1999 dataset was derived from DARPA 1998 to be used by researchers in developing machine learning (ML), classification and clustering algorithms with a security focus. DARPA 1998 has been criticised in literature due to raised concerns of problems in the dataset. Many researchers have accused KDD 1999 of having similar concerns but insufficient published evidence has been found. In this paper, we review the KDD 1999 generation process and present new proofs of existing inconsistencies in KDD 1999. We then present the process used to link some of the KDD 1999 (TELNET) records back to their origins in DARPA 1998 and discuss the interesting results and findings of this experiment.

AB - DARPA 1998 was one of the first Intrusion Detection datasets that was made publicly available. The KDD 1999 dataset was derived from DARPA 1998 to be used by researchers in developing machine learning (ML), classification and clustering algorithms with a security focus. DARPA 1998 has been criticised in literature due to raised concerns of problems in the dataset. Many researchers have accused KDD 1999 of having similar concerns but insufficient published evidence has been found. In this paper, we review the KDD 1999 generation process and present new proofs of existing inconsistencies in KDD 1999. We then present the process used to link some of the KDD 1999 (TELNET) records back to their origins in DARPA 1998 and discuss the interesting results and findings of this experiment.

KW - DARPA 1998 dataset

KW - KDD Cup 1999 dataset

KW - KDD review

KW - KDD generation process

KW - KDD generation faults

U2 - 10.1080/23742917.2018.1518061

DO - 10.1080/23742917.2018.1518061

M3 - Article

SN - 2374-2917

VL - 2

SP - 164

EP - 200

JO - Journal of Cyber Security Technology

JF - Journal of Cyber Security Technology

IS - 3-4

ER -

KDD 1999 generation faults: a review and analysis

Abstract

Keywords

Access to Document

Fingerprint

Profiles

Ishbel Mary Macdonald Duncan

Cite this