Hi, I am using WEKA as a machine learning tool to process the NSL KDD dataset in order to produces rules that can distinguish the anomaly and the legitimate traffic. I need to translate the produced rules into SNORT rules. Just writing SNORT rules that can present the generated rules by WEKA. I am attaching a file that contains the WEKA rules (in red color) that were generated by using the J48 algorithm. It is not necessarily to have an interface to automate the process. Manually written SNORT rules (10 rules could be enough) is enough for me as long as they reflect the WEKA rules.
So, you should make sure that the extracted NSL KDD features can be represented in SNORT.
Thanks,
0 comments