<a href="https://colab.research.google.com/github/hananbahtiti/Hybrid-Intrusion-detection-Systems/blob/main/data_preprocessing.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

#Download Dataset

In [None]:
!wget -O NGIDS-DS.rar https://unsworks.unsw.edu.au/bitstreams/0ac2820a-5131-43ab-90b2-c624c8d73649/download

--2025-04-26 08:47:38--  https://unsworks.unsw.edu.au/bitstreams/0ac2820a-5131-43ab-90b2-c624c8d73649/download
Resolving unsworks.unsw.edu.au (unsworks.unsw.edu.au)... 54.253.215.118
Connecting to unsworks.unsw.edu.au (unsworks.unsw.edu.au)|54.253.215.118|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://unsworks.unsw.edu.au/server/api/core/bitstreams/0ac2820a-5131-43ab-90b2-c624c8d73649/content [following]
--2025-04-26 08:47:40--  https://unsworks.unsw.edu.au/server/api/core/bitstreams/0ac2820a-5131-43ab-90b2-c624c8d73649/content
Reusing existing connection to unsworks.unsw.edu.au:443.
HTTP request sent, awaiting response... 200 200
Length: unspecified [application/x-rar-compressed]
Saving to: ‘NGIDS-DS.rar’

NGIDS-DS.rar            [                <=> ] 941.51M  17.3MB/s    in 56s     

2025-04-26 08:48:36 (16.8 MB/s) - ‘NGIDS-DS.rar’ saved [987249484]



In [None]:
!unrar x /content/NGIDS-DS.rar


UNRAR 6.11 beta 1 freeware      Copyright (c) 1993-2022 Alexander Roshal


Extracting from /content/NGIDS-DS.rar

Creating    NGIDS                                                     OK
Creating    NGIDS/NGIDS-DS-v1                                         OK
Extracting  NGIDS/NGIDS-DS-v1/feature_descr.csv                            0%  OK 
Extracting  NGIDS/NGIDS-DS-v1/ground_truth.csv                             0%  OK 
Creating    NGIDS/NGIDS-DS-v1/host logs                               OK
Extracting  NGIDS/NGIDS-DS-v1/host logs/1.csv                              0%  OK 
Extracting  NGIDS/NGIDS-DS-v1/host logs/10.csv                             0%  1%  OK 
Extracting  NGIDS/NGIDS-DS-v1/host logs/11.csv                             1%  OK 
Extracting  NGIDS/NGIDS-DS-v1/host logs/12.csv                             1%  2%  OK 
Extracting  NGIDS/NGIDS-DS-v1/host logs/13.csv                             2%  OK 
Extrac

#Host data processing

In [None]:
!pip install tqdm



In [None]:
!rm -rf /content/NGIDS

In [1]:
import pandas as pd
import numpy as np
import os
import glob
import math
from tqdm import tqdm
from sklearn.preprocessing import LabelEncoder

In [20]:
class HostPreprocessing():
  def __init__(self):
    pass

  def __file_path_collection(self, folder_path, ends='.csv'):
    try:
      joined_list = []
      for file_name in os.listdir(folder_path):
        file_name = os.path.join(folder_path, file_name)
        if os.path.isfile(file_name) and file_name.endswith(ends):
          joined_list.append(file_name)
      return joined_list

    except Exception as e:
      return f"An error occurred: {e}"


  def rename_columns(self, folder_path):
    files = self.__file_path_collection(folder_path)
    try:
      for file in tqdm(files, desc="Renaming columns") :
        df = pd.read_csv(file)
        column_name = df.columns.tolist()
        df.rename(columns={
            column_name[0]:'Date',
            column_name[1]:'Time',
            column_name[2]:'Unique_Identification',
            column_name[3]:'Execution_Path',
            column_name[4]:'System_Calls_Identifiers',
            column_name[5]:"Event's_Unique_Identification",
            column_name[6]:'attacks',
            column_name[7]:"Sub_Type_Attack",
            column_name[8]:"Label"
            }, inplace=True)
        df.to_csv(file, index=False)
      return f"done files..."

    except Exception as e:
      return f"An error occurred: {e}"


  def data_encoding(self, folder_path, column_number : int):
    files = self.__file_path_collection(folder_path)
    encoder = LabelEncoder()
    all_value = []
    try:
      for file in tqdm(files, desc="Extract all values from files"):
        df = pd.read_csv(file)
        if column_number < df.shape[1]:
                all_value.extend(df.iloc[:, column_number].dropna().unique())
        else:
            print(f"❌ Skipped (no column {column_number}): {file}")

        #print( len(df.iloc[:, column_number].dropna().unique()) , file )
      encoder.fit(all_value)

      for file in tqdm(files, desc="encoder data"):
        df = pd.read_csv(file)
        df.iloc[:, column_number] = encoder.transform(df.iloc[:, column_number])
        #df.drop(columns=[df.columns[column_number]], inplace=True)
        #print(len(df.iloc[:, column_number].dropna().unique()), df.iloc[:, column_number].dropna().unique(), file )
        df.to_csv(file, index=False)
      return f"done file..."

    except Exception as e:
      return f"An error occurred: {e}"



  def paths_encoding(self, folder_path, column_number: int):
    files = self.__file_path_collection(folder_path)
    unique_parts_set = set()
    max_parts_len = 0

    try:
        # Step 1: Collect unique path parts and max length
        for file in tqdm(files, desc="Collecting unique path parts"):
            for chunk in pd.read_csv(file, chunksize=10000):
                paths = chunk.iloc[:, column_number].dropna().astype(str)
                for path in paths:
                    parts = path.strip("/").split("/")
                    unique_parts_set.update(parts)
                    if len(parts) > max_parts_len:
                        max_parts_len = len(parts)

        # Step 2: Create a dictionary to map parts to indices
        part_to_index = {part: idx for idx, part in enumerate(unique_parts_set)}

        # Step 3: Encode paths and write to new files
        for file in tqdm(files, desc="Encoding and saving data"):
            output_file = file
            first = True

            for chunk in pd.read_csv(file, chunksize=10000):
                paths = chunk.iloc[:, column_number].fillna("").astype(str)

                # Encode paths and pad
                encoded_matrix = np.full((len(paths), max_parts_len), -1, dtype=int)
                for i, path in enumerate(paths):
                    parts = path.strip("/").split("/")
                    encoded = [part_to_index.get(part, -1) for part in parts]
                    encoded_matrix[i, :len(encoded)] = encoded

                encoded_df = pd.DataFrame(encoded_matrix, index=chunk.index,
                                          columns=[f"path_part_{i+1}" for i in range(max_parts_len)])
                chunk.drop(chunk.columns[column_number], axis=1, inplace=True)

                final_df = pd.concat([chunk.reset_index(drop=True), encoded_df], axis=1)

                final_df.to_csv(file, mode='w' if first else 'a', header=first, index=False)
                first = False

        return "✅ Path encoding and file saving completed successfully."

    except Exception as e:
        return f"❌ An error occurred: {e}"





  def extract_datetime_features(self, folder_path, date_col, time_col ):
    files = self.__file_path_collection(folder_path) # Assign the output of __file_path_collection to files
    try:
      for file in tqdm(files, desc="read all files"): # Iterate through the 'files' list, not 'file_paths'
        df = pd.read_csv(file) # Read each file into a DataFrame
        if date_col in df.columns and time_col in df.columns :
          df[date_col] = pd.to_datetime(df[date_col], format='%d/%m/%Y', errors='coerce', dayfirst=True)

          df['year'] = df[date_col].dt.year
          df['month'] = df[date_col].dt.month
          df['day'] = df[date_col].dt.day

          # Assuming 'Time' column is string and needs to be converted to datetime
          df[time_col] = pd.to_datetime(df[time_col], format='%H:%M:%S', errors='coerce', dayfirst=True)

          df['hour'] = df[time_col].dt.hour
          df['minute'] = df[time_col].dt.minute
          df['second'] = df[time_col].dt.second

          df.drop(columns=[date_col, time_col], inplace=True)

          df.to_csv(file, index=False) # Save changes back to the original file
          print(f"✅ Processed: {df.head(3)}")

    except Exception as e:
        print(f"❌ Error in {file}: {e}") # Print the error and the file name



  def delete_data(self, folder_path):
    file_paths = self.__file_path_collection(folder_path, ends='_encoded.csv')
    try:
       for file in tqdm(file_paths, desc="read all files"):
          df = pd.read_csv(file)
          df = df.loc[:, df.nunique() > 1]
          df.to_csv(file, index=False)
       return f"Columns containing only one value are deleted..."
    except Exception as e:
      return f"An error occurred: {e}"



  def file_collection(self, folder_path):
    try:
      file_paths = self.__file_path_collection(folder_path)
      if file_paths:
        output_folder = os.path.join(os.getcwd(),'files')
        os.makedirs(output_folder ,exist_ok=True)
        output_file = os.path.join(output_folder,"final.csv")

        for file in tqdm(file_paths, desc="read all files"):

          first = True
          chunk = pd.read_csv(file, chunksize=10000)
          for part in chunk:
            part.to_csv(output_file, mode='a', header=first, index=False)
            first = False

      return  f"done file..."

    except Exception as e:
      return f"An error occurred: {e}"


a = HostPreprocessing()
#a.file_path_collection("/content/NGIDS/NGIDS-DS-v1/host logs")
#a.file_collection("/content/NGIDS/NGIDS-DS-v1/host logs")
#a.rename_columns( '/content/NGIDS/NGIDS-DS-v1/host logs')
#a.data_encoding('/content/NGIDS/NGIDS-DS-v1/host logs', column_number=6)
#a.data_encoding('/content/NGIDS/NGIDS-DS-v1/host logs', column_number=7)

#c=a.paths_encoding('/content/NGIDS/NGIDS-DS-v1/host logs', column_number=3)

a.extract_datetime_features(  folder_path='/content/NGIDS/NGIDS-DS-v1/host logs'
                           ,date_col='Date',
                            time_col='Time' )
#a.delete_data( folder_path='/content/NGIDS/NGIDS-DS-v1/host logs')

read all files:   1%|          | 1/99 [00:05<09:44,  5.97s/it]

✅ Processed:    Unique_Identification                      Execution_Path  \
0                   1834                /usr/bin/ibus-daemon   
1                  16516  /usr/lib/unity/unity-panel-service   
2                   2114                     /usr/bin/compiz   

   System_Calls_Identifiers  Event's_Unique_Identification  attacks  \
0                       168                       86128462        7   
1                       168                       86101141        7   
2                       168                       86101227        7   

   Sub_Type_Attack  Label  year  month  day  hour  minute  second  
0               52      0  2016      3   15    10       8      44  
1               52      0  2016      3   15    10      10       0  
2               52      0  2016      3   15    10      10       0  


read all files:   2%|▏         | 2/99 [00:14<11:42,  7.24s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   4493  /usr/sbin/apache2                        78   
1                   4519  /usr/sbin/apache2                       256   
2                   4519  /usr/sbin/apache2                       256   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       38342331        7               52      0  2016   
1                       38342112        7               52      0  2016   
2                       38342278        7               52      0  2016   

   month  day  hour  minute  second  
0      3   12    22       3      30  
1      3   12    22       3      30  
2      3   12    22       3      30  


read all files:   3%|▎         | 3/99 [00:17<08:47,  5.50s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                       102   
1                   2110  /usr/bin/compiz                       102   
2                   2110  /usr/bin/compiz                       146   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       35616550        7               52      0  2016   
1                       35616717        7               52      0  2016   
2                       35616468        7               52      0  2016   

   month  day  hour  minute  second  
0      3   12    19      22      29  
1      3   12    19      22      29  
2      3   12    19      22      29  


read all files:   4%|▍         | 4/99 [00:23<09:06,  5.76s/it]

✅ Processed:    Unique_Identification Execution_Path  System_Calls_Identifiers  \
0                   1081  /usr/bin/Xorg                       102   
1                   1081  /usr/bin/Xorg                       102   
2                   1081  /usr/bin/Xorg                       104   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       59085296        7               52      0  2016   
1                       59085476        7               52      0  2016   
2                       59085521        7               52      0  2016   

   month  day  hour  minute  second  
0      3   13    18      42      44  
1      3   13    18      42      44  
2      3   13    18      42      44  


read all files:   5%|▌         | 5/99 [00:27<08:11,  5.23s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                  11378  /usr/sbin/apache2                        78   
1                   2110    /usr/bin/compiz                       102   
2                   2110    /usr/bin/compiz                       102   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       85791482        7               52      0  2016   
1                       85475717        7               52      0  2016   
2                       85475719        7               52      0  2016   

   month  day  hour  minute  second  
0      3   15     9      32      29  
1      3   15     8      52      15  
2      3   15     8      52      15  


read all files:   6%|▌         | 6/99 [00:33<08:28,  5.47s/it]

✅ Processed:    Unique_Identification               Execution_Path  \
0                  11378            /usr/sbin/apache2   
1                   1520  /usr/lib/rtkit/rtkit-daemon   
2                   2110              /usr/bin/compiz   

   System_Calls_Identifiers  Event's_Unique_Identification  attacks  \
0                        78                       77328014        7   
1                         3                       77328006        7   
2                       102                       77327918        7   

   Sub_Type_Attack  Label  year  month  day  hour  minute  second  
0               52      0  2016      3   14    18       0      51  
1               52      0  2016      3   14    18       0      51  
2               52      0  2016      3   14    18       0      51  


read all files:   7%|▋         | 7/99 [00:39<08:22,  5.46s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                  11364  /usr/sbin/apache2                        78   
1                  11378  /usr/sbin/apache2                        78   
2                  11378  /usr/sbin/apache2                        78   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       73368656        7               52      0  2016   
1                       73368554        7               52      0  2016   
2                       73368561        7               52      0  2016   

   month  day  hour  minute  second  
0      3   14     9      45      12  
1      3   14     9      45      12  
2      3   14     9      45      12  


read all files:   8%|▊         | 8/99 [00:46<09:08,  6.03s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                       265   
1                   2110  /usr/bin/compiz                       265   
2                   2110  /usr/bin/compiz                       265   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       28801504        7               52      0  2016   
1                       28801506        7               52      0  2016   
2                       28801517        7               52      0  2016   

   month  day  hour  minute  second  
0      3   12    12      35       1  
1      3   12    12      35       1  
2      3   12    12      35       1  


read all files:   9%|▉         | 9/99 [00:52<09:12,  6.14s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                  11364  /usr/sbin/apache2                        78   
1                  11364  /usr/sbin/apache2                        78   
2                  11364  /usr/sbin/apache2                        78   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       99520853        7               52      0  2016   
1                       99520896        7               52      0  2016   
2                       99520929        7               52      0  2016   

   month  day  hour  minute  second  
0      3   16    12      33      15  
1      3   16    12      33      15  
2      3   16    12      33      15  


read all files:  10%|█         | 10/99 [01:00<09:33,  6.44s/it]

✅ Processed:    Unique_Identification                         Execution_Path  \
0                   2365  /usr/lib/i386-linux-gnu/zeitgeist-fts   
1                   4493                      /usr/sbin/apache2   
2                   4493                      /usr/sbin/apache2   

   System_Calls_Identifiers  Event's_Unique_Identification  attacks  \
0                       265                       13998711        7   
1                       256                       13998691        7   
2                        78                       13998498        7   

   Sub_Type_Attack  Label  year  month  day  hour  minute  second  
0               52      0  2016      3   11    21      53      46  
1               52      0  2016      3   11    21      53      46  
2               52      0  2016      3   11    21      53      46  


read all files:  11%|█         | 11/99 [01:06<09:12,  6.28s/it]

✅ Processed:    Unique_Identification Execution_Path  System_Calls_Identifiers  \
0                   1081  /usr/bin/Xorg                       102   
1                   1081  /usr/bin/Xorg                       142   
2                   1081  /usr/bin/Xorg                       146   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       80266316        7               52      0  2016   
1                       80266276        7               52      0  2016   
2                       80266429        7               52      0  2016   

   month  day  hour  minute  second  
0      3   14    23      29      25  
1      3   14    23      29      25  
2      3   14    23      29      25  


read all files:  12%|█▏        | 12/99 [01:13<09:34,  6.60s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                        54   
1                   2110  /usr/bin/compiz                        54   
2                   2110  /usr/bin/compiz                        54   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       81478023        7               52      0  2016   
1                       81478024        7               52      0  2016   
2                       81478026        7               52      0  2016   

   month  day  hour  minute  second  
0      3   15     0      54      40  
1      3   15     0      54      40  
2      3   15     0      54      40  


read all files:  13%|█▎        | 13/99 [01:19<09:10,  6.40s/it]

✅ Processed:    Unique_Identification Execution_Path  System_Calls_Identifiers  \
0                   1081  /usr/bin/Xorg                       104   
1                   1081  /usr/bin/Xorg                       142   
2                   1081  /usr/bin/Xorg                       146   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       48286673        7               52      0  2016   
1                       48286820        7               52      0  2016   
2                       48286496        7               52      0  2016   

   month  day  hour  minute  second  
0      3   13     7      52      52  
1      3   13     7      52      52  
2      3   13     7      52      52  


read all files:  14%|█▍        | 14/99 [01:24<08:38,  6.10s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                       265   
1                   2110  /usr/bin/compiz                       146   
2                   1081    /usr/bin/Xorg                       146   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       70928536        7               52      0  2016   
1                       70188453        7               52      0  2016   
2                       70950378        7               52      0  2016   

   month  day  hour  minute  second  
0      3   14     6      32      22  
1      3   14     5      49       3  
2      3   14     6      33      38  


read all files:  15%|█▌        | 15/99 [01:27<06:57,  4.97s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   2110    /usr/bin/compiz                       265   
1                   2110    /usr/bin/compiz                       265   
2                  11378  /usr/sbin/apache2                        78   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       98120160        7               52      0  2016   
1                       98120163        7               52      0  2016   
2                       97838597        7               52      0  2016   

   month  day  hour  minute  second  
0      3   16     9      41      19  
1      3   16     9      41      19  
2      3   16     9       5      41  


read all files:  16%|█▌        | 16/99 [01:33<07:17,  5.28s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                       265   
1                   2110  /usr/bin/compiz                       265   
2                   1081    /usr/bin/Xorg                       142   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       47289043        7               52      0  2016   
1                       47289044        7               52      0  2016   
2                       47281836        7               52      0  2016   

   month  day  hour  minute  second  
0      3   13     6      53      39  
1      3   13     6      53      39  
2      3   13     6      53      18  


read all files:  17%|█▋        | 17/99 [01:41<08:22,  6.13s/it]

✅ Processed:    Unique_Identification              Execution_Path  \
0                   2110             /usr/bin/compiz   
1                   2111             /usr/bin/compiz   
2                   2318  /usr/bin/zeitgeist-datahub   

   System_Calls_Identifiers  Event's_Unique_Identification  attacks  \
0                       265                      100943061        7   
1                       265                      100943036        7   
2                       292                      100942995        7   

   Sub_Type_Attack  Label  year  month  day  hour  minute  second  
0               52      0  2016      3   16    15      30      38  
1               52      0  2016      3   16    15      30      38  
2               52      0  2016      3   16    15      30      38  


read all files:  18%|█▊        | 18/99 [01:47<08:11,  6.07s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                  11378  /usr/sbin/apache2                        78   
1                   2110    /usr/bin/compiz                       265   
2                   2110    /usr/bin/compiz                       265   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       97295806        7               52      0  2016   
1                       97369567        7               52      0  2016   
2                       97369571        7               52      0  2016   

   month  day  hour  minute  second  
0      3   16     8       2      12  
1      3   16     8       9      24  
2      3   16     8       9      24  


read all files:  19%|█▉        | 19/99 [01:54<08:47,  6.59s/it]

✅ Processed:    Unique_Identification Execution_Path  System_Calls_Identifiers  \
0                   1081  /usr/bin/Xorg                       104   
1                   1081  /usr/bin/Xorg                       142   
2                   1081  /usr/bin/Xorg                       146   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       26271512        7               52      0  2016   
1                       26271666        7               52      0  2016   
2                       26271515        7               52      0  2016   

   month  day  hour  minute  second  
0      3   12    10       0       0  
1      3   12    10       0       0  
2      3   12    10       0       0  


read all files:  20%|██        | 20/99 [02:00<08:29,  6.45s/it]

✅ Processed:    Unique_Identification Execution_Path  System_Calls_Identifiers  \
0                   1081  /usr/bin/Xorg                       142   
1                   1081  /usr/bin/Xorg                       102   
2                   1081  /usr/bin/Xorg                       146   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                        6073394        7               52      0  2016   
1                        6035644        7               52      0  2016   
2                        6073265        7               52      0  2016   

   month  day  hour  minute  second  
0      3   11    12      28       0  
1      3   11    12      24       6  
2      3   11    12      28       0  


read all files:  21%|██        | 21/99 [02:08<08:57,  6.89s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                       265   
1                   1081    /usr/bin/Xorg                       142   
2                   2110  /usr/bin/compiz                       168   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       52691545        7               52      0  2016   
1                       52929878        7               52      0  2016   
2                       53029993        7               52      0  2016   

   month  day  hour  minute  second  
0      3   13    12      14      43  
1      3   13    12      28      25  
2      3   13    12      34      16  


read all files:  22%|██▏       | 22/99 [02:12<07:38,  5.96s/it]

✅ Processed:    Unique_Identification Execution_Path  System_Calls_Identifiers  \
0                   1081  /usr/bin/Xorg                       104   
1                   1081  /usr/bin/Xorg                       104   
2                   1081  /usr/bin/Xorg                       142   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       58284099        7               52      0  2016   
1                       58284279        7               52      0  2016   
2                       58284121        7               52      0  2016   

   month  day  hour  minute  second  
0      3   13    17      54      28  
1      3   13    17      54      28  
2      3   13    17      54      28  


read all files:  23%|██▎       | 23/99 [02:20<08:15,  6.51s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                  11364  /usr/sbin/apache2                        78   
1                  11364  /usr/sbin/apache2                        78   
2                  11364  /usr/sbin/apache2                        78   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                      102253162        7               52      0  2016   
1                      102253207        7               52      0  2016   
2                      102253219        7               52      0  2016   

   month  day  hour  minute  second  
0      3   16    18      15      30  
1      3   16    18      15      30  
2      3   16    18      15      30  


read all files:  24%|██▍       | 24/99 [02:26<07:56,  6.36s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                        54   
1                   2110  /usr/bin/compiz                        54   
2                   2110  /usr/bin/compiz                        91   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       10791126        7               52      0  2016   
1                       10791133        7               52      0  2016   
2                       10791130        7               52      0  2016   

   month  day  hour  minute  second  
0      3   11    18      44       8  
1      3   11    18      44       8  
2      3   11    18      44       8  


read all files:  25%|██▌       | 25/99 [02:30<06:49,  5.53s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                       265   
1                   2110  /usr/bin/compiz                       265   
2                   2110  /usr/bin/compiz                       168   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                        7982839        7               52      0  2016   
1                        8248143        7               52      0  2016   
2                        8143463        7               52      0  2016   

   month  day  hour  minute  second  
0      3   11    15      57      26  
1      3   11    16      14      22  
2      3   11    16       7      24  


read all files:  26%|██▋       | 26/99 [02:37<07:28,  6.15s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   2110    /usr/bin/compiz                       265   
1                   2110    /usr/bin/compiz                       265   
2                   4519  /usr/sbin/apache2                       256   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                        4094310        7               52      0  2016   
1                        3690347        7               52      0  2016   
2                        4113692        7               52      0  2016   

   month  day  hour  minute  second  
0      3   11     8      21      57  
1      3   11     7      30      32  
2      3   11     8      23      56  


read all files:  27%|██▋       | 27/99 [02:43<07:20,  6.12s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   4519  /usr/sbin/apache2                        78   
1                   4519  /usr/sbin/apache2                        78   
2                   4519  /usr/sbin/apache2                        78   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       24192858        7               52      0  2016   
1                       24193011        7               52      0  2016   
2                       24193059        7               52      0  2016   

   month  day  hour  minute  second  
0      3   12     7      55      59  
1      3   12     7      55      59  
2      3   12     7      55      59  


read all files:  28%|██▊       | 28/99 [02:49<07:02,  5.94s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                       265   
1                   1081    /usr/bin/Xorg                        54   
2                   2110  /usr/bin/compiz                       168   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       13734061        7               52      0  2016   
1                       13606861        7               52      0  2016   
2                       14862030        7               52      0  2016   

   month  day  hour  minute  second  
0      3   11    21      37      44  
1      3   11    21      30      31  
2      3   11    22      44      28  


read all files:  29%|██▉       | 29/99 [02:55<06:59,  5.99s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   4493  /usr/sbin/apache2                        78   
1                   2110    /usr/bin/compiz                       265   
2                   2110    /usr/bin/compiz                       265   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       20257465        7               52      0  2016   
1                       21017395        7               52      0  2016   
2                       20841355        7               52      0  2016   

   month  day  hour  minute  second  
0      3   12     4       2      40  
1      3   12     4      48      34  
2      3   12     4      37      52  


read all files:  30%|███       | 30/99 [03:03<07:37,  6.64s/it]

✅ Processed:    Unique_Identification                                     Execution_Path  \
0                   2264  /usr/lib/i386-linux-gnu/unity-scope-home/unity...   
1                   2133             /usr/lib/i386-linux-gnu/gconf/gconfd-2   
2                   1885                 /usr/lib/unity/unity-panel-service   

   System_Calls_Identifiers  Event's_Unique_Identification  attacks  \
0                       168                       75218590        7   
1                       168                       75184562        7   
2                       168                       75185917        7   

   Sub_Type_Attack  Label  year  month  day  hour  minute  second  
0               52      0  2016      3   14    13      31      48  
1               52      0  2016      3   14    13      31      51  
2               52      0  2016      3   14    13      32       0  


read all files:  31%|███▏      | 31/99 [03:16<09:35,  8.46s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                  11364  /usr/sbin/apache2                        78   
1                  11364  /usr/sbin/apache2                        78   
2                  11364  /usr/sbin/apache2                        78   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       89038143        7               52      0  2016   
1                       89038145        7               52      0  2016   
2                       89038293        7               52      0  2016   

   month  day  hour  minute  second  
0      3   15    14      56      45  
1      3   15    14      56      45  
2      3   15    14      56      45  


read all files:  32%|███▏      | 32/99 [03:23<08:54,  7.98s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                  11378  /usr/sbin/apache2                        78   
1                  11378  /usr/sbin/apache2                        78   
2                   2110    /usr/bin/compiz                       102   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       64043721        7               52      0  2016   
1                       62767356        7               52      0  2016   
2                       63134161        7               52      0  2016   

   month  day  hour  minute  second  
0      3   13    23      38       3  
1      3   13    22      22      10  
2      3   13    22      44      36  


read all files:  33%|███▎      | 33/99 [03:30<08:27,  7.69s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   2110    /usr/bin/compiz                       265   
1                  11364  /usr/sbin/apache2                        78   
2                   2110    /usr/bin/compiz                       102   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       94293064        7               52      0  2016   
1                       94625313        7               52      0  2016   
2                       94276017        7               52      0  2016   

   month  day  hour  minute  second  
0      3   16     1      52      41  
1      3   16     2      33      30  
2      3   16     1      49      49  


read all files:  34%|███▍      | 34/99 [03:36<08:00,  7.40s/it]

✅ Processed:    Unique_Identification              Execution_Path  \
0                   2111             /usr/bin/compiz   
1                   2318  /usr/bin/zeitgeist-datahub   
2                   4493           /usr/sbin/apache2   

   System_Calls_Identifiers  Event's_Unique_Identification  attacks  \
0                       168                        8441500        7   
1                       168                        8441325        7   
2                        78                        8440867        7   

   Sub_Type_Attack  Label  year  month  day  hour  minute  second  
0               52      0  2016      3   11    16      25      47  
1               52      0  2016      3   11    16      25      47  
2               52      0  2016      3   11    16      25      49  


read all files:  35%|███▌      | 35/99 [03:43<07:42,  7.23s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                  11378  /usr/sbin/apache2                        78   
1                  11378  /usr/sbin/apache2                        78   
2                   2110    /usr/bin/compiz                       168   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       74675981        7               52      0  2016   
1                       74675995        7               52      0  2016   
2                       74676059        7               52      0  2016   

   month  day  hour  minute  second  
0      3   14    12      29      32  
1      3   14    12      29      32  
2      3   14    12      29      32  


read all files:  36%|███▋      | 36/99 [03:50<07:32,  7.18s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   4493  /usr/sbin/apache2                        78   
1                   4493  /usr/sbin/apache2                        78   
2                   4493  /usr/sbin/apache2                        78   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       23240994        7               52      0  2016   
1                       23241000        7               52      0  2016   
2                       23241125        7               52      0  2016   

   month  day  hour  minute  second  
0      3   12     6      59      38  
1      3   12     6      59      38  
2      3   12     6      59      38  


read all files:  37%|███▋      | 37/99 [03:57<07:12,  6.98s/it]

✅ Processed:    Unique_Identification               Execution_Path  \
0                   2319  /usr/bin/unity-scope-loader   
1                   2319  /usr/bin/unity-scope-loader   
2                  11364            /usr/sbin/apache2   

   System_Calls_Identifiers  Event's_Unique_Identification  attacks  \
0                       265                       83582900        7   
1                       292                       83582899        7   
2                       256                       83583076        7   

   Sub_Type_Attack  Label  year  month  day  hour  minute  second  
0               52      0  2016      3   15     5       2      35  
1               52      0  2016      3   15     5       2      35  
2               52      0  2016      3   15     5       2      36  


read all files:  38%|███▊      | 38/99 [04:04<07:19,  7.20s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   1081    /usr/bin/Xorg                       265   
1                   1081    /usr/bin/Xorg                        54   
2                   2110  /usr/bin/compiz                        91   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       34836867        7               52      0  2016   
1                       34836679        7               52      0  2016   
2                       34532642        7               52      0  2016   

   month  day  hour  minute  second  
0      3   12    18      35      39  
1      3   12    18      35      39  
2      3   12    18      17      38  


read all files:  39%|███▉      | 39/99 [04:11<06:59,  7.00s/it]

✅ Processed:    Unique_Identification               Execution_Path  \
0                   1519  /usr/lib/rtkit/rtkit-daemon   
1                   1519  /usr/lib/rtkit/rtkit-daemon   
2                   2110              /usr/bin/compiz   

   System_Calls_Identifiers  Event's_Unique_Identification  attacks  \
0                       265                       93360621        7   
1                         4                       93360629        7   
2                       102                       93360509        7   

   Sub_Type_Attack  Label  year  month  day  hour  minute  second  
0               52      0  2016      3   15    23      55      48  
1               52      0  2016      3   15    23      55      48  
2               52      0  2016      3   15    23      55      48  


read all files:  40%|████      | 40/99 [04:18<06:59,  7.11s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                       168   
1                   2110  /usr/bin/compiz                        78   
2                   1081    /usr/bin/Xorg                       102   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       44685024        7               52      0  2016   
1                       44962340        7               52      0  2016   
2                       44776582        7               52      0  2016   

   month  day  hour  minute  second  
0      3   13     4      18      53  
1      3   13     4      35      45  
2      3   13     4      24      29  


read all files:  41%|████▏     | 41/99 [04:24<06:34,  6.81s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   4461  /usr/sbin/apache2                       142   
1                   4461  /usr/sbin/apache2                         7   
2                   4493  /usr/sbin/apache2                       256   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       16623125        7               52      0  2016   
1                       16622761        7               52      0  2016   
2                       16623094        7               52      0  2016   

   month  day  hour  minute  second  
0      3   12     0      28      57  
1      3   12     0      28      57  
2      3   12     0      28      57  


read all files:  42%|████▏     | 42/99 [04:30<05:58,  6.29s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                       265   
1                   2110  /usr/bin/compiz                       265   
2                   2110  /usr/bin/compiz                       265   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       25786423        7               52      0  2016   
1                       25786428        7               52      0  2016   
2                       25786517        7               52      0  2016   

   month  day  hour  minute  second  
0      3   12     9      30      42  
1      3   12     9      30      42  
2      3   12     9      30      42  


read all files:  43%|████▎     | 43/99 [04:32<04:47,  5.13s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                  11378  /usr/sbin/apache2                       256   
1                  11378  /usr/sbin/apache2                        78   
2                   2110    /usr/bin/compiz                       265   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       93307128        7               52      0  2016   
1                       93306989        7               52      0  2016   
2                       93087484        7               52      0  2016   

   month  day  hour  minute  second  
0      3   15    23      49      10  
1      3   15    23      49      10  
2      3   15    23      21       2  


read all files:  44%|████▍     | 44/99 [04:37<04:35,  5.01s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                       265   
1                   2110  /usr/bin/compiz                       265   
2                   2110  /usr/bin/compiz                       265   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       88600105        7               52      0  2016   
1                       88600108        7               52      0  2016   
2                       88600165        7               52      0  2016   

   month  day  hour  minute  second  
0      3   15    14       1      42  
1      3   15    14       1      42  
2      3   15    14       1      42  


read all files:  45%|████▌     | 45/99 [04:45<05:20,  5.94s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   1081    /usr/bin/Xorg                       265   
1                   1081    /usr/bin/Xorg                       265   
2                   2110  /usr/bin/compiz                       168   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       69017227        7               52      0  2016   
1                       69017261        7               52      0  2016   
2                       69595978        7               52      0  2016   

   month  day  hour  minute  second  
0      3   14     4      39      38  
1      3   14     4      39      38  
2      3   14     5      13      24  


read all files:  46%|████▋     | 46/99 [04:51<05:17,  6.00s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   1081      /usr/bin/Xorg                       146   
1                   1081      /usr/bin/Xorg                       265   
2                   4519  /usr/sbin/apache2                        78   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                        7444181        7               52      0  2016   
1                        7444191        7               52      0  2016   
2                        7445673        7               52      0  2016   

   month  day  hour  minute  second  
0      3   11    15      19      28  
1      3   11    15      19      28  
2      3   11    15      19      38  


read all files:  47%|████▋     | 47/99 [04:59<05:41,  6.56s/it]

✅ Processed:    Unique_Identification Execution_Path  System_Calls_Identifiers  \
0                   1081  /usr/bin/Xorg                       142   
1                   1081  /usr/bin/Xorg                       265   
2                   1081  /usr/bin/Xorg                       265   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       12462137        7               52      0  2016   
1                       12462042        7               52      0  2016   
2                       12462044        7               52      0  2016   

   month  day  hour  minute  second  
0      3   11    20      22      56  
1      3   11    20      22      56  
2      3   11    20      22      56  


read all files:  48%|████▊     | 48/99 [05:05<05:26,  6.40s/it]

✅ Processed:    Unique_Identification Execution_Path  System_Calls_Identifiers  \
0                   1081  /usr/bin/Xorg                       142   
1                   1081  /usr/bin/Xorg                       142   
2                   1081  /usr/bin/Xorg                       146   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                      100042602        7               52      0  2016   
1                      100042634        7               52      0  2016   
2                      100042560        7               52      0  2016   

   month  day  hour  minute  second  
0      3   16    13      38       0  
1      3   16    13      38       0  
2      3   16    13      38       0  


read all files:  49%|████▉     | 49/99 [05:13<05:43,  6.88s/it]

✅ Processed:    Unique_Identification Execution_Path  System_Calls_Identifiers  \
0                   1081  /usr/bin/Xorg                        54   
1                   1081  /usr/bin/Xorg                        54   
2                   1081  /usr/bin/Xorg                        54   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       66441267        7               52      0  2016   
1                       66441270        7               52      0  2016   
2                       66441298        7               52      0  2016   

   month  day  hour  minute  second  
0      3   14     2       6      28  
1      3   14     2       6      28  
2      3   14     2       6      28  


read all files:  51%|█████     | 50/99 [05:19<05:25,  6.65s/it]

✅ Processed:    Unique_Identification           Execution_Path  System_Calls_Identifiers  \
0                   2110          /usr/bin/compiz                       168   
1                   2110          /usr/bin/compiz                       265   
2                   2360  /usr/bin/gnome-terminal                       102   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       76043382        7               52      0  2016   
1                       76043258        7               52      0  2016   
2                       76043288        7               52      0  2016   

   month  day  hour  minute  second  
0      3   14    15      19      54  
1      3   14    15      19      54  
2      3   14    15      19      54  


read all files:  52%|█████▏    | 51/99 [05:27<05:38,  7.05s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                  11364  /usr/sbin/apache2                       256   
1                  11364  /usr/sbin/apache2                       256   
2                  11378  /usr/sbin/apache2                        78   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       95502749        7               52      0  2016   
1                       95502810        7               52      0  2016   
2                       95125819        7               52      0  2016   

   month  day  hour  minute  second  
0      3   16     4      23      35  
1      3   16     4      23      35  
2      3   16     3      36       2  


read all files:  53%|█████▎    | 52/99 [05:33<05:17,  6.75s/it]

✅ Processed:    Unique_Identification                                     Execution_Path  \
0                   1951  /usr/lib/i386-linux-gnu/indicator-datetime/ind...   
1                   2114                                    /usr/bin/compiz   
2                   9000                 /usr/lib/unity/unity-panel-service   

   System_Calls_Identifiers  Event's_Unique_Identification  attacks  \
0                       168                       50468627        7   
1                       168                       50468880        7   
2                       168                       50468656        7   

   Sub_Type_Attack  Label  year  month  day  hour  minute  second  
0               52      0  2016      3   13    10       2       0  
1               52      0  2016      3   13    10       2       0  
2               52      0  2016      3   13    10       2       0  


read all files:  54%|█████▎    | 53/99 [05:41<05:25,  7.07s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                       102   
1                   2110  /usr/bin/compiz                       102   
2                   2110  /usr/bin/compiz                       102   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       98285899        7               52      0  2016   
1                       98285995        7               52      0  2016   
2                       98286012        7               52      0  2016   

   month  day  hour  minute  second  
0      3   16    10       0      26  
1      3   16    10       0      26  
2      3   16    10       0      26  


read all files:  55%|█████▍    | 54/99 [05:47<05:06,  6.82s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                       265   
1                   2110  /usr/bin/compiz                       265   
2                   2110  /usr/bin/compiz                       265   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       91133532        7               52      0  2016   
1                       91133543        7               52      0  2016   
2                       91133615        7               52      0  2016   

   month  day  hour  minute  second  
0      3   15    19      18      41  
1      3   15    19      18      41  
2      3   15    19      18      41  


read all files:  56%|█████▌    | 55/99 [05:55<05:14,  7.14s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   4493  /usr/sbin/apache2                        78   
1                   2110    /usr/bin/compiz                       102   
2                   2110    /usr/bin/compiz                       102   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                        1532507        7               52      0  2016   
1                        1349760        7               52      0  2016   
2                        1451411        7               52      0  2016   

   month  day  hour  minute  second  
0      3   11     4      16      11  
1      3   11     4       4      53  
2      3   11     4      10      49  


read all files:  57%|█████▋    | 56/99 [06:01<04:52,  6.80s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   4493  /usr/sbin/apache2                        78   
1                   4519  /usr/sbin/apache2                       256   
2                   4519  /usr/sbin/apache2                       256   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       27452119        7               52      0  2016   
1                       27452095        7               52      0  2016   
2                       27452130        7               52      0  2016   

   month  day  hour  minute  second  
0      3   12    11      14      39  
1      3   12    11      14      39  
2      3   12    11      14      39  


read all files:  58%|█████▊    | 57/99 [06:09<05:00,  7.15s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                  11364  /usr/sbin/apache2                        78   
1                   1081      /usr/bin/Xorg                       265   
2                   2110    /usr/bin/compiz                       265   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       60283016        7               52      0  2016   
1                       59773491        7               52      0  2016   
2                       60133037        7               52      0  2016   

   month  day  hour  minute  second  
0      3   13    19      53      52  
1      3   13    19      23      10  
2      3   13    19      45      28  


read all files:  59%|█████▊    | 58/99 [06:15<04:41,  6.87s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                  11364  /usr/sbin/apache2                        78   
1                   2110    /usr/bin/compiz                       265   
2                  11364  /usr/sbin/apache2                        78   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       90066970        7               52      0  2016   
1                       90066628        7               52      0  2016   
2                       90066972        7               52      0  2016   

   month  day  hour  minute  second  
0      3   15    17       5      47  
1      3   15    17       5      46  
2      3   15    17       5      47  


read all files:  60%|█████▉    | 59/99 [06:23<04:47,  7.19s/it]

✅ Processed:    Unique_Identification           Execution_Path  System_Calls_Identifiers  \
0                   2360  /usr/bin/gnome-terminal                       265   
1                   4461        /usr/sbin/apache2                         7   
2                  11364        /usr/sbin/apache2                        78   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       64376342        7               52      0  2016   
1                       64376622        7               52      0  2016   
2                       64376732        7               52      0  2016   

   month  day  hour  minute  second  
0      3   13    23      58      56  
1      3   13    23      58      56  
2      3   13    23      58      57  


read all files:  61%|██████    | 60/99 [06:29<04:29,  6.90s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                  11364  /usr/sbin/apache2                       256   
1                  11364  /usr/sbin/apache2                        78   
2                  11364  /usr/sbin/apache2                        78   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       91891402        7               52      0  2016   
1                       91891437        7               52      0  2016   
2                       91891474        7               52      0  2016   

   month  day  hour  minute  second  
0      3   15    20      54      26  
1      3   15    20      54      26  
2      3   15    20      54      26  


read all files:  62%|██████▏   | 61/99 [06:37<04:33,  7.20s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   2110    /usr/bin/compiz                       265   
1                   4519  /usr/sbin/apache2                        78   
2                   1081      /usr/bin/Xorg                       265   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       37429856        7               52      0  2016   
1                       37213795        7               52      0  2016   
2                       37129990        7               52      0  2016   

   month  day  hour  minute  second  
0      3   12    21       9      13  
1      3   12    20      56      39  
2      3   12    20      51      25  


read all files:  63%|██████▎   | 62/99 [06:43<04:14,  6.87s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                  11378  /usr/sbin/apache2                        78   
1                   2110    /usr/bin/compiz                       102   
2                   2110    /usr/bin/compiz                       102   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       67489621        7               52      0  2016   
1                       67489463        7               52      0  2016   
2                       67489559        7               52      0  2016   

   month  day  hour  minute  second  
0      3   14     3       8      22  
1      3   14     3       8      22  
2      3   14     3       8      22  


read all files:  64%|██████▎   | 63/99 [06:51<04:20,  7.22s/it]

✅ Processed:    Unique_Identification             Execution_Path  System_Calls_Identifiers  \
0                   2294  /usr/bin/zeitgeist-daemon                       168   
1                  11364          /usr/sbin/apache2                       256   
2                  11364          /usr/sbin/apache2                       256   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       78494420        7               52      0  2016   
1                       78467232        7               52      0  2016   
2                       78467334        7               52      0  2016   

   month  day  hour  minute  second  
0      3   14    20      21      24  
1      3   14    20      23      22  
2      3   14    20      23      22  


read all files:  65%|██████▍   | 64/99 [06:55<03:34,  6.12s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   2110    /usr/bin/compiz                       102   
1                   2110    /usr/bin/compiz                       102   
2                  11378  /usr/sbin/apache2                        78   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       49944722        7               52      0  2016   
1                       49944775        7               52      0  2016   
2                       49906421        7               52      0  2016   

   month  day  hour  minute  second  
0      3   13     9      31      42  
1      3   13     9      31      42  
2      3   13     9      28      44  


read all files:  66%|██████▌   | 65/99 [06:58<03:01,  5.35s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                       265   
1                   2110  /usr/bin/compiz                       265   
2                   2110  /usr/bin/compiz                       265   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       51861480        7               52      0  2016   
1                       51861567        7               52      0  2016   
2                       51861574        7               52      0  2016   

   month  day  hour  minute  second  
0      3   13    11      25      26  
1      3   13    11      25      26  
2      3   13    11      25      26  


read all files:  67%|██████▋   | 66/99 [07:06<03:21,  6.12s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   4493  /usr/sbin/apache2                        78   
1                   4519  /usr/sbin/apache2                       256   
2                   4519  /usr/sbin/apache2                       256   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       17855652        7               52      0  2016   
1                       17855410        7               52      0  2016   
2                       17855468        7               52      0  2016   

   month  day  hour  minute  second  
0      3   12     1      40      46  
1      3   12     1      40      46  
2      3   12     1      40      46  


read all files:  68%|██████▊   | 67/99 [07:12<03:15,  6.10s/it]

✅ Processed:    Unique_Identification               Execution_Path  \
0                   1804             /bin/dbus-daemon   
1                   1832    /sbin/upstart-dbus-bridge   
2                   1519  /usr/lib/rtkit/rtkit-daemon   

   System_Calls_Identifiers  Event's_Unique_Identification  attacks  \
0                       256                       29082731        7   
1                       142                       29246138        7   
2                       168                       29081803        7   

   Sub_Type_Attack  Label  year  month  day  hour  minute  second  
0               52      0  2016      3   12    12      51       0  
1               52      0  2016      3   12    12      51       8  
2               52      0  2016      3   12    12      51      49  


read all files:  69%|██████▊   | 68/99 [07:20<03:24,  6.61s/it]

✅ Processed:    Unique_Identification            Execution_Path  System_Calls_Identifiers  \
0                   9127  /usr/lib/udisks2/udisksd                        85   
1                   9127  /usr/lib/udisks2/udisksd                        85   
2                   9127  /usr/lib/udisks2/udisksd                        91   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       30527222        7               52      0  2016   
1                       30527225        7               52      0  2016   
2                       30527182        7               52      0  2016   

   month  day  hour  minute  second  
0      3   12    14      21       8  
1      3   12    14      21       8  
2      3   12    14      21       8  


read all files:  70%|██████▉   | 69/99 [07:26<03:13,  6.45s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   1081      /usr/bin/Xorg                       265   
1                  11364  /usr/sbin/apache2                        78   
2                   1081      /usr/bin/Xorg                       265   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       62208071        7               52      0  2016   
1                       61711142        7               52      0  2016   
2                       62208081        7               52      0  2016   

   month  day  hour  minute  second  
0      3   13    21      49      11  
1      3   13    21      19      10  
2      3   13    21      49      11  


read all files:  71%|███████   | 70/99 [07:34<03:18,  6.86s/it]

✅ Processed:    Unique_Identification                                     Execution_Path  \
0                   2144                           /usr/lib/udisks2/udisksd   
1                   1853  /usr/lib/unity-settings-daemon/unity-settings-...   
2                   2111                                    /usr/bin/compiz   

   System_Calls_Identifiers  Event's_Unique_Identification  attacks  \
0                       168                       15478233        7   
1                       168                       15361572        7   
2                       168                       15354595        7   

   Sub_Type_Attack  Label  year  month  day  hour  minute  second  
0               52      0  2016      3   11    23      11       7  
1               52      0  2016      3   11    23      13      52  
2               52      0  2016      3   11    23      13      58  


read all files:  72%|███████▏  | 71/99 [07:40<03:05,  6.62s/it]

✅ Processed:    Unique_Identification                             Execution_Path  \
0                   2139  /usr/lib/gvfs/gvfs-udisks2-volume-monitor   
1                   1081                              /usr/bin/Xorg   
2                   2144                   /usr/lib/udisks2/udisksd   

   System_Calls_Identifiers  Event's_Unique_Identification  attacks  \
0                       168                       57559776        7   
1                       102                       57532982        7   
2                       168                       57559509        7   

   Sub_Type_Attack  Label  year  month  day  hour  minute  second  
0               52      0  2016      3   13    17       1      12  
1               52      0  2016      3   13    17       9      55  
2               52      0  2016      3   13    17       1      12  


read all files:  73%|███████▎  | 72/99 [07:48<03:09,  7.02s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                  11378  /usr/sbin/apache2                       256   
1                  11378  /usr/sbin/apache2                        78   
2                  11378  /usr/sbin/apache2                        78   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       71878785        7               52      0  2016   
1                       71878643        7               52      0  2016   
2                       71878780        7               52      0  2016   

   month  day  hour  minute  second  
0      3   14     7      29       3  
1      3   14     7      29       3  
2      3   14     7      29       3  


read all files:  74%|███████▎  | 73/99 [07:54<02:54,  6.71s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   4493  /usr/sbin/apache2                        78   
1                   4493  /usr/sbin/apache2                        78   
2                   1081      /usr/bin/Xorg                       104   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       19109536        7               52      0  2016   
1                       19109538        7               52      0  2016   
2                       19109814        7               52      0  2016   

   month  day  hour  minute  second  
0      3   12     2      54      59  
1      3   12     2      54      59  
2      3   12     2      55       0  


read all files:  75%|███████▍  | 74/99 [08:02<02:57,  7.08s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                  11378  /usr/sbin/apache2                        78   
1                   1081      /usr/bin/Xorg                       142   
2                   1081      /usr/bin/Xorg                       265   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       73482491        7               52      0  2016   
1                       73483805        7               52      0  2016   
2                       73483026        7               52      0  2016   

   month  day  hour  minute  second  
0      3   14    10       0      19  
1      3   14    10       0      23  
2      3   14    10       0      23  


read all files:  76%|███████▌  | 75/99 [08:08<02:42,  6.77s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   2110    /usr/bin/compiz                       265   
1                   2121  /usr/bin/nautilus                       102   
2                   2121  /usr/bin/nautilus                       168   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       79439552        7               52      0  2016   
1                       79439463        7               52      0  2016   
2                       79439456        7               52      0  2016   

   month  day  hour  minute  second  
0      3   14    22      25      28  
1      3   14    22      25      28  
2      3   14    22      25      28  


read all files:  77%|███████▋  | 76/99 [08:16<02:43,  7.10s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                       102   
1                   2110  /usr/bin/compiz                       168   
2                   2110  /usr/bin/compiz                       265   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       65245086        7               52      0  2016   
1                       65245246        7               52      0  2016   
2                       65245024        7               52      0  2016   

   month  day  hour  minute  second  
0      3   14     0      56      12  
1      3   14     0      56      12  
2      3   14     0      56      12  


read all files:  78%|███████▊  | 77/99 [08:22<02:29,  6.79s/it]

✅ Processed:    Unique_Identification Execution_Path  System_Calls_Identifiers  \
0                   1081  /usr/bin/Xorg                       102   
1                   1081  /usr/bin/Xorg                       104   
2                   1081  /usr/bin/Xorg                       104   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                        4884112        7               52      0  2016   
1                        4883722        7               52      0  2016   
2                        4883900        7               52      0  2016   

   month  day  hour  minute  second  
0      3   11    10       0      32  
1      3   11    10       0      32  
2      3   11    10       0      32  


read all files:  79%|███████▉  | 78/99 [08:30<02:29,  7.10s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                       265   
1                   2110  /usr/bin/compiz                       265   
2                   2110  /usr/bin/compiz                       265   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                        9606449        7               52      0  2016   
1                        9606498        7               52      0  2016   
2                        9606512        7               52      0  2016   

   month  day  hour  minute  second  
0      3   11    17      34      24  
1      3   11    17      34      24  
2      3   11    17      34      24  


read all files:  80%|███████▉  | 79/99 [08:38<02:26,  7.34s/it]

✅ Processed:    Unique_Identification                      Execution_Path  \
0                   1872  /usr/lib/unity/unity-panel-service   
1                   1872  /usr/lib/unity/unity-panel-service   
2                   2110                     /usr/bin/compiz   

   System_Calls_Identifiers  Event's_Unique_Identification  attacks  \
0                         5                       45985968        7   
1                         6                       45985971        7   
2                       102                       45985726        7   

   Sub_Type_Attack  Label  year  month  day  hour  minute  second  
0               52      0  2016      3   13     5      37       1  
1               52      0  2016      3   13     5      37       1  
2               52      0  2016      3   13     5      37       1  


read all files:  81%|████████  | 80/99 [08:45<02:21,  7.45s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   1081    /usr/bin/Xorg                       102   
1                   2110  /usr/bin/compiz                       265   
2                   2110  /usr/bin/compiz                        54   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       51878817        7               52      0  2016   
1                       51968320        7               52      0  2016   
2                       51729340        7               52      0  2016   

   month  day  hour  minute  second  
0      3   13    11      26      15  
1      3   13    11      31      42  
2      3   13    11      17      28  


read all files:  82%|████████▏ | 81/99 [08:49<01:50,  6.13s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   4493  /usr/sbin/apache2                        78   
1                   4493  /usr/sbin/apache2                        78   
2                   2110    /usr/bin/compiz                       168   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       21466752        7               52      0  2016   
1                       21821504        7               52      0  2016   
2                       21988590        0               24      1  2016   

   month  day  hour  minute  second  
0      3   12     5      14      37  
1      3   12     5      35      21  
2      3   12     5      45      36  


read all files:  83%|████████▎ | 82/99 [08:56<01:53,  6.67s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   1081      /usr/bin/Xorg                       102   
1                  11378  /usr/sbin/apache2                       256   
2                   1081      /usr/bin/Xorg                        54   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       55713105        7               52      0  2016   
1                       54750040        7               52      0  2016   
2                       54154666        7               52      0  2016   

   month  day  hour  minute  second  
0      3   13    15      20      44  
1      3   13    14      23      30  
2      3   13    13      47      29  


read all files:  84%|████████▍ | 83/99 [09:03<01:43,  6.49s/it]

✅ Processed:    Unique_Identification                      Execution_Path  \
0                   1872  /usr/lib/unity/unity-panel-service   
1                   2110                     /usr/bin/compiz   
2                   2110                     /usr/bin/compiz   

   System_Calls_Identifiers  Event's_Unique_Identification  attacks  \
0                        91                       84538880        7   
1                       102                       84538778        7   
2                       102                       84538844        7   

   Sub_Type_Attack  Label  year  month  day  hour  minute  second  
0               52      0  2016      3   15     7       3       1  
1               52      0  2016      3   15     7       3       1  
2               52      0  2016      3   15     7       3       1  


read all files:  85%|████████▍ | 84/99 [09:10<01:43,  6.89s/it]

✅ Processed:    Unique_Identification               Execution_Path  \
0                   1081                /usr/bin/Xorg   
1                   1520  /usr/lib/rtkit/rtkit-daemon   
2                   2110              /usr/bin/compiz   

   System_Calls_Identifiers  Event's_Unique_Identification  attacks  \
0                        54                       32434693        7   
1                       265                       32434576        7   
2                       102                       32434378        7   

   Sub_Type_Attack  Label  year  month  day  hour  minute  second  
0               52      0  2016      3   12    16      13      27  
1               52      0  2016      3   12    16      13      27  
2               52      0  2016      3   12    16      13      27  


read all files:  86%|████████▌ | 85/99 [09:12<01:15,  5.40s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                  11364  /usr/sbin/apache2                       256   
1                  11378  /usr/sbin/apache2                        78   
2                  11364  /usr/sbin/apache2                       256   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       78407495        7               52      0  2016   
1                       77888593        7               52      0  2016   
2                       78165943        7               52      0  2016   

   month  day  hour  minute  second  
0      3   14    20      16       7  
1      3   14    19      10      40  
2      3   14    19      45      52  


read all files:  87%|████████▋ | 86/99 [09:18<01:12,  5.58s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   4519  /usr/sbin/apache2                        78   
1                   4519  /usr/sbin/apache2                        78   
2                   4519  /usr/sbin/apache2                        78   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       41664164        7               52      0  2016   
1                       41664165        7               52      0  2016   
2                       41664205        7               52      0  2016   

   month  day  hour  minute  second  
0      3   13     1      19      12  
1      3   13     1      19      12  
2      3   13     1      19      12  


read all files:  88%|████████▊ | 87/99 [09:19<00:49,  4.17s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   4519  /usr/sbin/apache2                        78   
1                   4519  /usr/sbin/apache2                        78   
2                   4519  /usr/sbin/apache2                        78   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                        3528225        7               52      0  2016   
1                        3528229        7               52      0  2016   
2                        3528261        7               52      0  2016   

   month  day  hour  minute  second  
0      3   11     7      10      56  
1      3   11     7      10      56  
2      3   11     7      10      56  


read all files:  89%|████████▉ | 88/99 [09:27<00:57,  5.24s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   4519  /usr/sbin/apache2                        78   
1                   2110    /usr/bin/compiz                       265   
2                   2110    /usr/bin/compiz                       102   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                        2877607        7               52      0  2016   
1                        2799449        7               52      0  2016   
2                        2906064        7               52      0  2016   

   month  day  hour  minute  second  
0      3   11     5      49      52  
1      3   11     5      40      49  
2      3   11     5      53      55  


read all files:  90%|████████▉ | 89/99 [09:33<00:55,  5.52s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                       265   
1                   2110  /usr/bin/compiz                       168   
2                   2110  /usr/bin/compiz                       265   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       55277144        7               52      0  2016   
1                       56078168        7               52      0  2016   
2                       55277145        7               52      0  2016   

   month  day  hour  minute  second  
0      3   13    14      54      59  
1      3   13    15      43      12  
2      3   13    14      54      59  


read all files:  91%|█████████ | 90/99 [09:41<00:55,  6.22s/it]

✅ Processed:    Unique_Identification                      Execution_Path  \
0                   1830           /sbin/upstart-dbus-bridge   
1                   9000  /usr/lib/unity/unity-panel-service   
2                   2110                     /usr/bin/compiz   

   System_Calls_Identifiers  Event's_Unique_Identification  attacks  \
0                       142                       35925908        7   
1                       168                       35925898        7   
2                       102                       35911365        7   

   Sub_Type_Attack  Label  year  month  day  hour  minute  second  
0               52      0  2016      3   12    19      40       0  
1               52      0  2016      3   12    19      40       0  
2               52      0  2016      3   12    19      40      17  


read all files:  92%|█████████▏| 91/99 [09:47<00:49,  6.19s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                       168   
1                   2110  /usr/bin/compiz                       168   
2                   2110  /usr/bin/compiz                       265   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       39670117        7               52      0  2016   
1                       39670274        7               52      0  2016   
2                       39670014        7               52      0  2016   

   month  day  hour  minute  second  
0      3   12    23      21      17  
1      3   12    23      21      17  
2      3   12    23      21      17  


read all files:  93%|█████████▎| 92/99 [09:55<00:46,  6.70s/it]

✅ Processed:    Unique_Identification                      Execution_Path  \
0                   2114                     /usr/bin/compiz   
1                   2110                     /usr/bin/compiz   
2                   1872  /usr/lib/unity/unity-panel-service   

   System_Calls_Identifiers  Event's_Unique_Identification  attacks  \
0                         4                       86015801        7   
1                         3                       86015852        7   
2                       168                       86016682        7   

   Sub_Type_Attack  Label  year  month  day  hour  minute  second  
0               52      0  2016      3   15    10       0       0  
1               52      0  2016      3   15    10       0       0  
2               52      0  2016      3   15    10       0       1  


read all files:  94%|█████████▍| 93/99 [10:01<00:39,  6.52s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                       102   
1                   2110  /usr/bin/compiz                       265   
2                  12038  /usr/bin/compiz                         6   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       53358394        7               52      0  2016   
1                       54337827        7               52      0  2016   
2                       53038014        7               52      0  2016   

   month  day  hour  minute  second  
0      3   13    12      59       6  
1      3   13    13      58      53  
2      3   13    12      34      34  


read all files:  95%|█████████▍| 94/99 [10:09<00:34,  6.96s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                       265   
1                   2110  /usr/bin/compiz                       265   
2                   2110  /usr/bin/compiz                       265   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       31106169        7               52      0  2016   
1                       31106172        7               52      0  2016   
2                       31106210        7               52      0  2016   

   month  day  hour  minute  second  
0      3   12    14      56       6  
1      3   12    14      56       6  
2      3   12    14      56       6  


read all files:  96%|█████████▌| 95/99 [10:11<00:21,  5.46s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   2110    /usr/bin/compiz                         3   
1                  11364  /usr/sbin/apache2                       256   
2                  11364  /usr/sbin/apache2                        78   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       96271783        7               52      0  2016   
1                       96271958        7               52      0  2016   
2                       96181288        7               52      0  2016   

   month  day  hour  minute  second  
0      3   16     5      59      20  
1      3   16     5      59      21  
2      3   16     5      48      58  


read all files:  97%|█████████▋| 96/99 [10:18<00:17,  5.80s/it]

✅ Processed:    Unique_Identification   Execution_Path  System_Calls_Identifiers  \
0                   2110  /usr/bin/compiz                        54   
1                   2110  /usr/bin/compiz                        54   
2                   2110  /usr/bin/compiz                        54   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       41268430        7               52      0  2016   
1                       41268431        7               52      0  2016   
2                       41268433        7               52      0  2016   

   month  day  hour  minute  second  
0      3   13     0      56      42  
1      3   13     0      56      42  
2      3   13     0      56      42  


read all files:  98%|█████████▊| 97/99 [10:21<00:10,  5.19s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   2111    /usr/bin/compiz                       265   
1                   4519  /usr/sbin/apache2                        78   
2                   1081      /usr/bin/Xorg                        54   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       43704600        7               52      0  2016   
1                       43740996        7               52      0  2016   
2                       43142317        7               52      0  2016   

   month  day  hour  minute  second  
0      3   13     3      21       7  
1      3   13     3      22      53  
2      3   13     2      48       6  


read all files:  99%|█████████▉| 98/99 [10:27<00:05,  5.48s/it]

✅ Processed:    Unique_Identification     Execution_Path  System_Calls_Identifiers  \
0                   2110    /usr/bin/compiz                       265   
1                  11364  /usr/sbin/apache2                        78   
2                   2110    /usr/bin/compiz                        54   

   Event's_Unique_Identification  attacks  Sub_Type_Attack  Label  year  \
0                       87003500        7               52      0  2016   
1                       87437695        7               52      0  2016   
2                       87003179        7               52      0  2016   

   month  day  hour  minute  second  
0      3   15    11      45      42  
1      3   15    12      10      56  
2      3   15    11      45      42  


read all files: 100%|██████████| 99/99 [10:35<00:00,  6.42s/it]

✅ Processed:    Unique_Identification                          Execution_Path  \
0                   1804                        /bin/dbus-daemon   
1                   2133  /usr/lib/i386-linux-gnu/gconf/gconfd-2   
2                   4528                      /usr/bin/python3.4   

   System_Calls_Identifiers  Event's_Unique_Identification  attacks  \
0                       256                          45352        7   
1                       168                          45372        7   
2                         3                          39459        7   

   Sub_Type_Attack  Label  year  month  day  hour  minute  second  
0               52      0  2016      3   11     2      45       6  
1               52      0  2016      3   11     2      45       6  
2               52      0  2016      3   11     2      45      35  





In [21]:

file = '/content/NGIDS/NGIDS-DS-v1/host logs/1.csv'

df = pd.read_csv(file)

df.info()
df.head(3)

<class 'pandas.core.frame.DataFrame'>
RangeIndex: 1000000 entries, 0 to 999999
Data columns (total 13 columns):
 #   Column                         Non-Null Count    Dtype 
---  ------                         --------------    ----- 
 0   Unique_Identification          1000000 non-null  int64 
 1   Execution_Path                 1000000 non-null  object
 2   System_Calls_Identifiers       1000000 non-null  int64 
 3   Event's_Unique_Identification  1000000 non-null  int64 
 4   attacks                        1000000 non-null  int64 
 5   Sub_Type_Attack                1000000 non-null  int64 
 6   Label                          1000000 non-null  int64 
 7   year                           1000000 non-null  int64 
 8   month                          1000000 non-null  int64 
 9   day                            1000000 non-null  int64 
 10  hour                           1000000 non-null  int64 
 11  minute                         1000000 non-null  int64 
 12  second                       

Unnamed: 0,Unique_Identification,Execution_Path,System_Calls_Identifiers,Event's_Unique_Identification,attacks,Sub_Type_Attack,Label,year,month,day,hour,minute,second
0,1804,/bin/dbus-daemon,256,45352,7,52,0,2016,3,11,2,45,6
1,2133,/usr/lib/i386-linux-gnu/gconf/gconfd-2,168,45372,7,52,0,2016,3,11,2,45,6
2,4528,/usr/bin/python3.4,3,39459,7,52,0,2016,3,11,2,45,35


In [19]:
!cp -r "/content/drive/MyDrive/hybrid_IDS/dataset/host logs" /content/NGIDS/NGIDS-DS-v1/

In [18]:
!rm -rf "/content/NGIDS/NGIDS-DS-v1/host logs"

In [None]:

import pandas as pd
import seaborn as sns
import matplotlib.pyplot as plt

file = '/content/NGIDS/NGIDS-DS-v1/host logs/61.csv'


# 1. تحميل البيانات
df = pd.read_csv(file)  # ← غيّر اسم الملف

# 2. اختيار الأعمدة الرقمية فقط
numeric_df = df.select_dtypes(include=['number'])

# 3. التأكد من وجود العمود الهدف
target_col = 'Label'
if target_col not in numeric_df.columns:
    raise ValueError(f"العمود '{target_col}' غير موجود في البيانات!")

# 4. حساب الارتباط مع العمود الهدف فقط
correlation_with_target = numeric_df.corr()[target_col].drop(target_col).sort_values(ascending=False)

# 5. عرض النتائج بالرسم
plt.figure(figsize=(10, 6))
sns.barplot(x=correlation_with_target.values, y=correlation_with_target.index, palette='coolwarm')
plt.title(f'Correlation with "{target_col}"')
plt.xlabel('Correlation Coefficient')
plt.ylabel('Feature')
plt.tight_layout()
plt.show()

ValueError: العمود 'Label' غير موجود في البيانات!

In [None]:
correlation_with_target = numeric_df.corr()[target_col].drop(target_col).sort_values(ascending=False)
correlation_with_target

Unnamed: 0,Label
path_part_4,0.259518
path_part_5,0.128456
path_part_2,0.122674
hour,0.010651
path_part_1,0.00884
Event's_Unique_Identification,0.005089
Unique_Identification,0.002967
second,0.001407
System_Calls_Identifiers,-0.001347
minute,-0.011156


In [None]:
import pandas as pd


file = '/content/NGIDS/NGIDS-DS-v1/host logs/21.csv'
# Load the data
data = pd.read_csv(file)
data.info()

<class 'pandas.core.frame.DataFrame'>
RangeIndex: 521304 entries, 0 to 521303
Data columns (total 9 columns):
 #   Column                         Non-Null Count   Dtype 
---  ------                         --------------   ----- 
 0   Date                           521304 non-null  object
 1   Time                           521304 non-null  object
 2   Unique_Identification          521304 non-null  int64 
 3   Execution_Path                 521304 non-null  object
 4   System_Calls_Identifiers       521304 non-null  int64 
 5   Event's_Unique_Identification  521304 non-null  int64 
 6   attacks                        521304 non-null  object
 7   Sub_Type_Attack                521304 non-null  object
 8   Label                          521304 non-null  int64 
dtypes: int64(4), object(5)
memory usage: 35.8+ MB


In [None]:
df['year'].value_counts()

Unnamed: 0_level_0,count
year,Unnamed: 1_level_1
2016.0,1000000


In [None]:
file = '/content/NGIDS/NGIDS-DS-v1/host logs/10_encoded.csv'
df = pd.read_csv(file)
df.info()
df.head()

<class 'pandas.core.frame.DataFrame'>
RangeIndex: 1990000 entries, 0 to 1989999
Data columns (total 17 columns):
 #   Column                         Dtype  
---  ------                         -----  
 0   Unique_Identification          float64
 1   System_Calls_Identifiers       float64
 2   Event's_Unique_Identification  float64
 3   attacks                        float64
 4   Sub_Type_Attack                float64
 5   Label                          float64
 6   path_part_1                    float64
 7   path_part_2                    float64
 8   path_part_3                    float64
 9   path_part_4                    float64
 10  path_part_5                    float64
 11  year                           float64
 12  month                          float64
 13  day                            float64
 14  hour                           float64
 15  minute                         float64
 16  second                         float64
dtypes: float64(17)
memory usage: 258.1 MB


Unnamed: 0,Unique_Identification,System_Calls_Identifiers,Event's_Unique_Identification,attacks,Sub_Type_Attack,Label,path_part_1,path_part_2,path_part_3,path_part_4,path_part_5,year,month,day,hour,minute,second
0,2111.0,168.0,8441500.0,7.0,52.0,0.0,102.0,87.0,76.0,-1.0,-1.0,2016.0,3.0,11.0,16.0,25.0,47.0
1,2318.0,168.0,8441325.0,7.0,52.0,0.0,102.0,87.0,49.0,-1.0,-1.0,2016.0,3.0,11.0,16.0,25.0,47.0
2,4493.0,78.0,8440867.0,7.0,52.0,0.0,102.0,104.0,60.0,-1.0,-1.0,2016.0,3.0,11.0,16.0,25.0,49.0
3,4493.0,78.0,8440875.0,7.0,52.0,0.0,102.0,104.0,60.0,-1.0,-1.0,2016.0,3.0,11.0,16.0,25.0,49.0
4,4519.0,78.0,8440865.0,7.0,52.0,0.0,102.0,104.0,60.0,-1.0,-1.0,2016.0,3.0,11.0,16.0,25.0,49.0


In [None]:
df = pd.read_csv('/content/NGIDS/NGIDS-DS-v1/host logs/21_encoded.csv')
df['Time'].value_counts() # Changed 'vaule_counts()' to 'value_counts()'

Unnamed: 0_level_0,count
Time,Unnamed: 1_level_1
6:00:00,748
5:46:00,622
5:57:00,585
5:48:00,551
5:52:00,541
...,...
4:42:00,1
4:24:15,1
4:24:00,1
5:31:07,1


#network




In [None]:
pip install scapy

Collecting scapy
  Downloading scapy-2.6.1-py3-none-any.whl.metadata (5.6 kB)
Downloading scapy-2.6.1-py3-none-any.whl (2.4 MB)
[2K   [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m2.4/2.4 MB[0m [31m14.3 MB/s[0m eta [36m0:00:00[0m
[?25hInstalling collected packages: scapy
Successfully installed scapy-2.6.1


In [None]:
import csv
import json
import os
import re
from tqdm import tqdm
from scapy.all import PcapReader

In [None]:
class NetworkPreprocessing:
  def __init__(self):
    pass


  def extract_tcp_option(self, option, key):
    for opt in option:
      if opt[0] == key:
        return opt[1]
    return None


  def delete_data(self, file_path):
    df = pd.read_csv(file_path)
    df = df.loc[:, df.nunique() > 1]
    df.to_csv(file_path, index=False)
    return f"Columns containing only one value are deleted..."

  def convert_pcap_csv(self, pcap_file, csv_file):
    try:
      print("Countig packages...")
      with PcapReader(pcap_file) as count_reader:
        total_packets = sum(1 for _ in count_reader)
        print(f"Total number of packages: {total_packets}")

      print("Start converting to csv file...")
      with PcapReader(pcap_file) as packets:
        with open(csv_file, mode='w', newline="") as file:
          writer = csv.writer(file)
          writer.writerow([
              "Packet Number", "Ethernet DST", "Ethernet SRC", "Ethernet Type",
              "IP Version", "IP IHL", "IP TOS", "IP Length", "IP ID", "IP Flags",
              "IP Fragmentation", "IP TTL", "IP Proto", "IP Checksum",
              "IP Src", "IP Dst", "TCP Src Port", "TCP Dst Port", "TCP Seq",
              "TCP Ack", "TCP Data Offset", "TCP Reserved", "TCP Flags",
              "TCP Window", "TCP Checksum", "TCP Urgent Pointer", "TCP Options MSS",
              "TCP Options WScale", "TCP Options NOP","Hexdump"
          ])

          for i, packet in enumerate(tqdm(packets,total=total_packets, desc="Packet processing")):
            if packet.haslayer('Ethernet'):
              eth_dst = packet['Ethernet'].dst
              eth_src = packet['Ethernet'].src
              eth_type = packet['Ethernet'].type
            else:
              eth_dst = eth_src = eth_type = None

            if packet.haslayer('IP'):
              ip_version = packet['IP'].version
              ip_ihl = packet['IP'].ihl
              ip_tos = packet['IP'].tos
              ip_len = packet['IP'].len
              ip_id = packet['IP'].id
              ip_flags = packet['IP'].flags
              ip_frag = packet['IP'].frag
              ip_ttl = packet['IP'].ttl
              ip_proto = packet['IP'].proto
              ip_chksum = packet['IP'].chksum
              ip_src = packet['IP'].src
              ip_dst = packet['IP'].dst
            else:
              ip_version = ip_ihl = ip_tos = ip_len = ip_id = ip_flags = ip_frag = ip_ttl = ip_proto = ip_chksum = ip_src = ip_dst = None

            if packet.haslayer('TCP'):
              tcp_sport = packet['TCP'].sport
              tcp_dport = packet['TCP'].dport
              tcp_seq = packet['TCP'].seq
              tcp_ack = packet['TCP'].ack
              tcp_dataofs = packet['TCP'].dataofs
              tcp_reserved = packet['TCP'].reserved
              tcp_flags = packet['TCP'].flags
              tcp_window = packet['TCP'].window
              tcp_chksum = packet['TCP'].chksum
              tcp_urgptr = packet['TCP'].urgptr
              tcp_options = packet['TCP'].options

              tcp_mss = self.extract_tcp_option(tcp_options, 'MSS')
              tcp_wscale = self.extract_tcp_option(tcp_options, 'WScale')
              tcp_nop_count = self.extract_tcp_option(tcp_options, 'NOP')

            else:
              tcp_sport = tcp_dport = tcp_seq = tcp_ack = tcp_dataofs = tcp_reserved = tcp_flags = tcp_window = tcp_chksum = tcp_urgptr = tcp_mss = tcp_wscale = tcp_nop_count = None

            raw_data = packet.original.hex()
            writer.writerow([
                i + 1, eth_dst, eth_src, eth_type,
                  ip_version, ip_ihl, ip_tos, ip_len, ip_id, ip_flags,
                  ip_frag, ip_ttl, ip_proto, ip_chksum,
                  ip_src, ip_dst, tcp_sport, tcp_dport, tcp_seq,
                  tcp_ack, tcp_dataofs, tcp_reserved, tcp_flags,
                  tcp_window, tcp_chksum, tcp_urgptr, tcp_mss, tcp_wscale, tcp_nop_count,
                  raw_data
            ])

      return f"The file has been converted to csv successfully."
    except Exception as e:
      return f"An error occurred: {e}"

a = NetworkPreprocessing()
#a.convert_pcap_csv(pcap_file='/content/NGIDS/NGIDS-DS-v1/NGIDS.pcap',
#                   csv_file='/content/drive/MyDrive/hybrid_IDS/network.csv')
#a.delete_data(file_path='/content/drive/MyDrive/hybrid_IDS/network.csv')

'Columns containing only one value are deleted...'

In [None]:
class PcapFileProcessing:
  def __init__(self) -> None:
    pass



  def delete_data(self, file_path):
    df = pd.read_csv(file_path)
    df = df.loc[:, df.nunique() > 1]
    df.to_csv(file_path, index=False)
    return f"Columns containing only one value are deleted..."


  def date_time_columns(self, file_path, csv_file):
    try:
        df = pd.read_csv(file_path, dtype=str)
        df.columns = df.columns.str.strip()
        if 'timestamp' not in df.columns:
            return "Error: The 'timestamp' column is missing from the file."

        df['timestamp'] = df['timestamp'].astype(str).str.strip()

        df['timestamp'] = pd.to_datetime(df['timestamp'], errors='coerce', dayfirst=True)

        if df['timestamp'].isnull().all():
            return "All values in 'timestamp' are invalid and could not be converted."

        # Extract date and time
        df['date'] = df['timestamp'].dt.strftime('%d/%m/%Y')
        df['time'] = df['timestamp'].dt.strftime('%H:%M:%S')

        # Save the result
        df.to_csv(csv_file, index=False)

        return "Successfully converted 'timestamp' to 'date' and 'time'."

    except Exception as e:
        return f"An error occurred during conversion: {e}"





  def convert_log_csv(self, log_file, csv_file):
    try:
      print("Start converting to csv file...")
      with open(log_file, "r") as logfile:
        log_data = logfile.read()
      pattern = re.compile(
          r'(?P<timestamp>\d{2}/\d{2}/\d{4}-\d{2}:\d{2}:\d{2}\.\d+)\s+\[\*\*\]\s+\[(?P<sid>[^]]+)\]\s+(?P<signature>.*?)\s+\[\*\*\]\s+\[Classification:\s+(?P<classification>.*?)\]\s+\[Priority:\s+(?P<priority>\d+)\]\s+\{(?P<protocol>\w+)\}\s+(?P<src_ip>\d+\.\d+\.\d+\.\d+):(?P<src_port>\d+)\s+->\s+(?P<dst_ip>\d+\.\d+\.\d+\.\d+):(?P<dst_port>\d+)'
          )
      with open(csv_file, "w", newline="") as csvfile:
        fieldnames = ['timestamp', 'sid', 'signature', 'classification',
                      'priority', 'protocol','src_ip', 'src_port', 'dst_ip', 'dst_port']
        writer = csv.DictWriter(csvfile, fieldnames=fieldnames)
        writer.writeheader()

        for match in pattern.finditer(log_data):
          writer.writerow(match.groupdict())

      return f"The file has been converted to csv successfully."

    except Exception as e:
      return f"An error occurred: {e}"


  def convert_json_csv(self, json_file, csv_file):
    try:
      print("Start converting JSON to CSV...")
      with open(json_file, 'r') as f:
        data = [json.loads(line) for line in f if line.strip()]

      fieldnames = set()
      for row in data:
          fieldnames.update(row.keys())

      fieldnames = list(fieldnames)

      with open(csv_file, 'w', newline='') as csvfile:
        writer = csv.writer(csvfile)
        writer.writerow(fieldnames)

        for row in data:
          writer.writerow(row.get(field, '') for field in fieldnames)

      return f"The file has been converted to csv successfully."

    except Exception as e:
      return f"An error occurred: {e}"



a = PcapFileProcessing()
#a.convert_log_csv( log_file="/content/drive/MyDrive/hybrid_IDS/fast.log",
#                  csv_file="/content/drive/MyDrive/hybrid_IDS/alerts.csv")

#a.convert_json_csv(json_file='/content/drive/MyDrive/hybrid_IDS/eve.json',
#                   csv_file='/content/drive/MyDrive/hybrid_IDS/eve.csv')

#a.delete_data( file_path='/content/drive/MyDrive/hybrid_IDS/eve.csv')
a.date_time_columns(file_path='/content/drive/MyDrive/hybrid_IDS/eve.csv',
                    csv_file='/content/drive/MyDrive/hybrid_IDS/dataset/eve.csv')

'تم تحويل timestamp بنجاح إلى date و time.'