Our stide program was traced on
a UNM computer running a modified Linux 2.0.35 kernel
which allows us to collect system call traces.
These data were used in experiments
reported in the
Alternative Data Models paper.
13,726 traces of normal data were collected (part of a job running stide
to analyze our sendmail traces). Each trace is a separate
gzipped file in the tarball available
The intrusion we ran against the stide program is a
denial-of-service attack that affects any running program requesting
memory. We re-ran the same job used to collect stide normal
data, but this time the job was interrupted by the denial-of-service
attack. There are 105 traces in the intrusion data; they are all
included in a single gzipped file.
Use the linux 4.2 mapping file for these traces.