Don't use this data set. It's flawed. http://www.kdnuggets.com/news/2007/n18/4i.html
As a result, we strongly recommend that
(1) all researchers stop using the KDD Cup '99 dataset,
(2) The KDD Cup and UCI websites include a warning on the KDD Cup '99 dataset webpage informing researchers that there are known problems with the dataset, and
(3) peer reviewers for conferences and journals ding papers (or even outright reject them, as is common in the network security community) with results drawn solely from the KDD Cup '99 dataset.
Let me repeat this data set must not be used for network-intrusion detection. It does not reflect reality, it's simulated and old data. It looks nowhere like any current attack pattern anyway.
Other than that, the files should be ASCII text files. With good tools you don't need to extract it, because they can be decompressed on the fly (in fact, your webbrowser might be using this compression on the fly with some webservers)
For anything other than runtime benchmarking, don't use it.