Running Profile Generator

Profile Generator for SNORT AnomalyDetection

 

Usage: ad_profilegenerator.r [-[-help|h]] [-[-verbose|v]] [-[-log|l] <character>] [-[-profile|p] <character>] [-[-evaluator|e] <character>] [-[-pattern|P] <character>] [-[-save|s] <character>] [-[-method|m] <character>] [-[-ahead|a] <character>] [-[-deviation|d] <integer>] [-[-avg|NA] <character>] [-[-naive|NA] <character>] [-[-ar|NA] <character>] [-[-hw|NA] <character>]

    -h|--help         Show this help

    -v|--verbose      Verbose mode

    -l|--log          Log file path

    -p|--profile      Create profile file (path)

    -e|--evaluator    Create profile file for AD_Evaluator (path)

    -P|--pattern      Create pattern file (path)

    -s|--save         Save model parameters (path)

    -m|--method       Method of profile generation (see below)

    -a|--ahead        Number of future periods to predict

    -d|--deviation    Percentage deviation

      |--avg          AVG model parameters

      |--naive        NAIVE model parameters

      |--ar           AR model parameters

      |--hw           HW model parameters

 

Methods of profile generation:

 AVGMoving average (default)

 NAIVENaive method

 ARAutoregressive time series model

 HWHolt-Winters model

 

Number of future periods to predict:

 WEEKCreate profile for one week (default)

 MONTHCreate profile for four weeks

 <integer>Set number of future periods 

 

AVG model parameters:

    format: "<type>,<n>"

  where <type> in:

 LASTCompute moving average from <n> last values

 DAILYCompute moving average for <n> lat hour-of-day

 WEEKLYCompute moving average for <n> last day-of-weeks (default, n=3)

 

NAIVE model parameters:

    format: "<type>"

  where <type> in:

 LASTCompute naive model for <n> last values

 DAILYCompute naive model for <n> lat hour-of-day

 WEEKLYCompute naive model for <n> last day-of-weeks (default, n=3)

 

AR model parameters:

    format: "<periodicity>,<fit_method>"

  where <periodicity> in:

 DAILYCompute model with daily periodicity

 WEEKLYCompute model with weekly periodicity (default)

        <fit_method> in:

 YWYule-Walker's method (default)

 BURGBurg's method

 MLEMaximum Likelihood Estimation 

 OLSOrdinary Least Squares

 

HW model parameters:

 DAILYCompute model with daily periodicity

 WEEKLYCompute model with weekly periodicity (default)