The Network Intrusion Detection System (NIDS) Dataset Creation framework is designed to generate labeled PCAP files that that can be used to create datasets for assessment of intrusion detection systems. The framework is implemented in OMNeT++ and is based on the INET framework. NIDSDatasetCreation enables generation of detailed labeled network traces with integrated abnormal interactions.
- Labeling: The framework able to label individual packets and phases and integrate them in a labeled PCAP file.
- Abnormal Traffic: The framework able to generate abnormal traffic, implemented modules support delay, elimination, injection, manipulation, and reordering of packets before and/or after link layer queueing.
- Download OMNeT++ 6.0.2
- Install OMNeT++
- Get INET framework fork
- https://github.com/CoRE-RG/inet/tree/core/nids
- Clone repository, checkout core/nids branch, and import it in OMNEST/OMNeT++
- Get NIDSDatasetCreation framework
- Clone this repository and import it in OMNEST/OMNeT++
- Working with the framework
- Build the framework
- Look for the simulation
simulations/caras a comprehensive example - Use generated labeled datasets to train, validate, and/or test NIDS
- For example: The PyNADS framework is able process generated datasets for assessment of network anomaly detection systems (NADS).
The NIDSDatasetCreation model is under continuous development: new parts are added, bugs are corrected, and so on. We cannot assert that the implementation will work fully according to your specifications. YOU ARE RESPONSIBLE YOURSELF TO MAKE SURE THAT THE MODELS YOU USE IN YOUR SIMULATIONS WORK CORRECTLY, AND YOU'RE GETTING VALID RESULTS.