You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spot.apache.org by br...@apache.org on 2017/09/14 22:20:05 UTC

[15/15] incubator-spot git commit: Edit

Edit


Project: http://git-wip-us.apache.org/repos/asf/incubator-spot/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-spot/commit/341eb029
Tree: http://git-wip-us.apache.org/repos/asf/incubator-spot/tree/341eb029
Diff: http://git-wip-us.apache.org/repos/asf/incubator-spot/diff/341eb029

Branch: refs/heads/master
Commit: 341eb029ba00c4b5e579a65c055fc738d9d15479
Parents: 56353b8
Author: Brandon Edwards <br...@intel.com>
Authored: Thu Sep 14 15:09:38 2017 -0700
Committer: Brandon Edwards <br...@intel.com>
Committed: Thu Sep 14 15:09:38 2017 -0700

----------------------------------------------------------------------
 spot-ml/DATA_SAMPLE.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-spot/blob/341eb029/spot-ml/DATA_SAMPLE.md
----------------------------------------------------------------------
diff --git a/spot-ml/DATA_SAMPLE.md b/spot-ml/DATA_SAMPLE.md
index 1d14f9e..2ffd064 100644
--- a/spot-ml/DATA_SAMPLE.md
+++ b/spot-ml/DATA_SAMPLE.md
@@ -1,7 +1,7 @@
 
 # DNS Labeled Data Set
 
-An IXIA BreakingPoint box was used to simulate both normal and attack (DNS tunnelling) DNS traffic. The resulting pcaps were obtained and fields relevant to Apache Spot (incubating) were ingested. The attacks can be differentiated from the normal activity due to codes that were inserted into the Transaction ID field (upon ingestion: ‘dns_id’) which identifies either the fact that the traffic was normal or identifies the specific DNS tunneling activity being used. We provide the data schema as well as the location and specifications of the data within Amazon-S3. Information is also provided for how to interpret the dns_id field.
+An IXIA BreakingPoint box was used to simulate both normal and attack (DNS tunnelling) DNS traffic. The resulting pcaps were obtained and fields relevant to Apache Spot (incubating) were ingested and stored in parquet format. The attacks can be differentiated from the normal activity due to codes that were inserted into the Transaction ID field (upon ingestion: ‘dns_id’) which identifies either the fact that the traffic was normal or identifies the specific DNS tunneling activity being used. We provide the data schema as well as the location and specifications of the data within Amazon-S3. Information is also provided for how to interpret the dns_id field.