DARPA Intrusion Detection Evaluation
1999 Training Data - Week 2
The simulation network normally collected data twenty-two hours a day. The tcpslice program was used to examine the outside tcpdump data files and the actual times of the first and last packet were extracted. These times are shown below. During the second week of training data the simulation network was brought down early ( 3:00 AM ) during Tuesday's run for extended unscheduled maintenance.
| First Packet Time | Last Packet Time | ||||||
| Mon | Mar 8 | 08:00:01 | Tue | Mar 9 | 06:00:49 | ||
| Tue | Mar 9 | 08:00:01 | Wed | Mar 10 | 02:59:59 | ||
| Wed | Mar 10 | 08:00:03 | Thu | Mar 11 | 06:00:01 | ||
| Thu | Mar 11 | 08:00:03 | Fri | Mar 12 | 06:00:00 | ||
| Fri | Mar 12 | 08:00:02 | Sat | Mar 13 | 06:00:00 | ||
Monday
| outside tcpdump data | 167,536 kb | gzipped |
| inside tcpdump data | 185,368 kb | gzipped |
| Solaris BSM audit data | 2,789 kb | gzipped |
| NT audit data | 10,482 kb | tarred & gzipped |
| Selected directory dumps | 3,269 kb | tarred & gzipped |
| File system listing & inode record | 10,597 kb | tarred & gzipped |
Tuesday
| outside tcpdump data | 196,205 kb | gzipped |
| inside tcpdump data | 206,995 kb | gzipped |
| Solaris BSM audit data | 3,086 kb | gzipped |
| NT audit data | 10,481 kb | tarred & gzipped |
| Selected directory dumps | 2,966 kb | tarred & gzipped |
| File system listing & inode record | 6,991 kb | tarred & gzipped |
Wednesday
| outside tcpdump data | 68,267 kb | gzipped |
| inside tcpdump data | 78,986 kb | gzipped |
| Solaris BSM audit data | 3,182 kb | gzipped |
| NT audit data | 10,481 kb | tarred & gzipped |
| Selected directory dumps | 3,416 kb | tarred & gzipped |
| File system listing & inode record | 6,993 kb | tarred & gzipped |
Thursday
| outside tcpdump data | 165,445 kb | gzipped |
| inside tcpdump data | 172,389 kb | gzipped |
| Solaris BSM audit data | 5,884 kb | gzipped |
| NT audit data | 2,497 kb | tarred & gzipped |
| Selected directory dumps | 3,315 kb | tarred & gzipped |
| File system listing & inode record | 6,563 kb | tarred & gzipped |
Friday
| outside tcpdump data | 142,087 kb | gzipped |
| inside tcpdump data | 151,229 kb | gzipped |
| Solaris BSM audit data | 3,875 kb | gzipped |
| NT audit data | 440 kb | tarred & gzipped |
| Selected directory dumps | 3,442 kb | tarred & gzipped |
| File system listing & inode record | 6,944 kb | tarred & gzipped |
Errata.
None.
top of page