A Comparative Evaluation of Zero-Shot and Few-Shot Prompting
收藏Zenodo2026-03-18 更新2026-05-26 收录
下载链接:
https://zenodo.org/doi/10.5281/zenodo.19093534
下载链接
链接失效反馈官方服务:
资源简介:
## Description
This repository contains the processed dataset and evaluation code used in the study on Large Language Model (LLM)-based network traffic anomaly detection.
The original network traffic data used in this study were obtained from a publicly available dataset hosted on Kaggle (Network Intrusion Detection Dataset). The dataset was not originally created by the authors. Instead, it was used as a base for further preprocessing and transformation.
Within the scope of this study, the original dataset was:- cleaned and filtered- transformed into structured subsets- converted from tabular format into textual representations (traffic-to-text)- prepared as LLM-compatible prompt inputs
The repository therefore includes **processed and transformed versions** of the original dataset, rather than the raw dataset itself.
## Repository Contents
- Preprocessed and filtered datasets- Traffic-to-text transformed data- LLM input files used in the experiments- A detailed codebook describing variables- A Python script for performance evaluation
## Methodological Note
The LLM-based classifications used in this study were obtained through controlled experimental procedures. The repository does not include an automated LLM inference pipeline.
The included Python script (`analysis.py`) is used for post-processing and evaluation purposes. It calculates standard classification metrics such as accuracy, precision, recall, F1-score, and confusion matrix based on previously recorded model outputs.
## Data Source Attribution
The original dataset is publicly available on Kaggle and should be cited appropriately by users of this repository. This work builds upon that dataset through transformation, experimental design, and evaluation.
## Reproducibility
This repository enables partial reproducibility by providing:- the processed dataset used in the study- the transformation pipeline structure- the evaluation script used for performance analysis
Due to the nature of LLM-based systems, full reproducibility of model outputs may vary depending on model versions and configurations.
## Limitations
- The dataset originates from a publicly available intrusion detection dataset and may not represent real-world enterprise environments.- The transformation from structured data to textual format introduces abstraction.- Model outputs depend on prompt design and experimental setup.
## License
This repository is intended for academic and research use.
## Citation
If you use this dataset or code, please cite both:1. The original Kaggle dataset2. The associated research article
数据集描述
本仓库收录了本研究中用于基于大语言模型(Large Language Model,LLM)的网络流量异常检测任务的预处理数据集与评估代码。
本研究使用的原始网络流量数据源自Kaggle平台上公开的网络入侵检测数据集(Network Intrusion Detection Dataset)。该数据集并非由本研究作者原创,仅作为基础数据集供后续预处理与转换操作使用。
在本研究范围内,原始数据集经过了如下处理:
- 清洗与筛选
- 转换为结构化子集
- 从表格格式转换为文本表示形式(traffic-to-text)
- 整理为适配大语言模型的提示词输入格式
因此,本仓库仅收录原始数据集经过处理与转换后的版本,而非原始未加工的数据集。
仓库内容
- 预处理并筛选后的数据集
- 流量转文本(traffic-to-text)格式的转换数据
- 本实验中使用的大语言模型输入文件
- 详细的变量编码手册(codebook)
- 用于性能评估的Python脚本`analysis.py`
方法说明
本研究中基于大语言模型的分类结果均通过可控实验流程获取。本仓库未包含自动化的大语言模型推理流水线。
本仓库附带的Python脚本`analysis.py`用于后处理与评估工作,可基于已记录的模型输出结果,计算准确率(accuracy)、精确率(precision)、召回率(recall)、F1值(F1-score)以及混淆矩阵(confusion matrix)等标准分类评估指标。
数据源归属说明
原始数据集可在Kaggle平台公开获取,本仓库使用者需对其进行恰当引用。本研究通过数据转换、实验设计与评估流程,基于该原始数据集开展工作。
可复现性说明
本仓库通过以下内容支持部分实验结果的复现:
- 本研究中使用的预处理后数据集
- 数据转换流水线的结构
- 用于性能分析的评估脚本
由于基于大语言模型的系统特性,模型输出结果的完全复现性可能会因模型版本与配置的不同而存在差异。
局限性说明
- 该数据集源自公开的入侵检测数据集,可能无法真实反映现实企业级网络环境
- 从结构化数据到文本格式的转换过程会引入抽象性偏差
- 模型输出结果依赖于提示词设计与实验设置
许可协议
本仓库仅用于学术与研究用途。
引用说明
若您使用本仓库中的数据集或代码,请同时引用以下两项:
1. 原始Kaggle数据集
2. 本关联研究论文
提供机构:
Zenodo创建时间:
2026-03-18



