Institute of Distributed Systems

Dataset Overview

This site provides an overview of available datasets providing network data that can be used for anomalie detection in computer networks.

Datasets Based on Research Network Traffic

Comprehensive, Multi-Source Cyber-Security Events

Link: https://csr.lanl.gov/data/cyber1/

Description: The dataset consists of network flow data collected within Los Alamos National Laboratoy's corporate, internal computer network. For more details see official website (see Link). 

Content: Anonymized network flow data exported by several key routers within the internal computer network.

Format: CSV

Features: Time, Duration, Source Computer, Source Port, Destination Computer, Destination Port, Packet Count, Byte Count

Availability: Freely available

Date: 2015

 

FRPG Continous Flow Data

Link: https://ant.isi.edu/datasets/all.html

Description: This dataset contains of flows collected on a 1 Gbps link between FRGP.net and CenturyLink. The flows have origin in several academic institutions.

Content: tbd

Format: Argus file format

Features: tbd

Availability: Needs Requesting

Date: 2009-2020

 

SimpleWeb NetFlow Data

Link: https://www.simpleweb.org/wiki/index.php/Traces#NetFlow_Traces

Description: The flows this dataset contains of were exported by the central access router connecting a university to its ISP over a 10 Gbps link with actual loads between 650 Mbps and 1 Gbps.

Content: tbd

Format: NetFlow v5 Data

Features: Ingress interface, Source IP, Destination IP, IP Protocol, Source Port Destination Port, IP Type of Service

Availability: Freely available

Date: 2007

 

Kyoto2006+ Dataset

Link: http://www.takakura.com/Kyoto_data/

Description: The raw traffic data is obtained by honeypot systems that are deployed in Kyoto University. The dataset was built on 3 years of real traffic data recorded by the reployed honeypots.

Content: tbd

Format: Tabular (CSV-like)

Features: 24 features including all the features Netflow v9 has except packet count . See link for more information.

Availability: Freely available

Date: 2009

 

UNIBS

Link: http://netweb.ing.unibs.it/~ntw/tools/traces/

Description: This dataset contains of traces that were collected by the tool tcpdump running on the edge router of the campus network of the University of Brescia. The data was collected between 30.09.2009 and 2.10.2009. The recorded traffic was simulated by several workstations running the GT client daemon. The bandwirth were around 100 Mbps.

Content: tbd

Format: PCAP

Features: Time, Duration, Source IP, Source Port, Destination IP, Destination Port, Protocol, Packet Count, Byte Count 

Availability: Needs Requesting

Date: 2009