Hello sir,
Congratulations on the publication of your paper and the open-sourcing of your MEGR-APT project. Your research has provided strong guidance in this field. There are still a few details that bother us about replicating our code on a non-DARPA dataset (i.e., an APT attack simulation dataset we constructed ourselves).
We collected audit logs from Windows process monitors, extracted key information (e.g., filename, ip_address and process names) and realized IOC matching. Unfortunately, we failed to deploy the Stardog database locally, so we could not get the specific information of the ttl format data you provided. Considering our data size is much smaller than DARPA, we are curious whether it is possible to complete the remaining pipeline (e.g., Query Graph Construction and Training set construction) without going through the two-step data form transformation (i.e., Postgres and Stardog). If so, which functions or Python scripts should we focus on?
Thank you again for the great help your research has provided, and we look forward to receiving your reply.
Best regards!