This is a non-IMPACT record, meaning that access to the data is not
controlled by IMPACT. For access, see the directions below.
Disclaimer:
This Resource is offered and provided outside of the IMPACT mediation framework. IMPACT and the IMPACT Coordination Council/Blackfire Technology, Inc. expressly disclaim all conditions, representations and warranties including but not limited to Resource availability, quality, accuracy, non-infringement, and non-interference. All Resource information and access is controlled by entities and under terms that are external to the IMPACT legal framework.
Disclaimer:
This Resource is offered and provided outside of the IMPACT mediation framework. IMPACT and the IMPACT Coordination Council/Blackfire Technology, Inc. expressly disclaim all conditions, representations and warranties including but not limited to Resource availability, quality, accuracy, non-infringement, and non-interference. All Resource information and access is controlled by entities and under terms that are external to the IMPACT legal framework.
Summary
DS-1281
ISOT Botnet Dataset
External Dataset
External Data Source
University of Victoria
Unknown
Unknown
56 (lowest rank is 56)
Description
The ISOT Botnet dataset is the combination of several existing publicly available malicious and non-malicious datasets.
Two separate datasets containing malicious traffic from the French chapter of the honeynet project [1] involving the Storm and Waledac botnets were used. Waledac is currently one of the most prevalent P2P botnets and is widely considered as the successor of the Storm botnet with a more decentralized communication protocol. Unlike Storm using overnet as a communication channel, Waledac utilizes HTTP communication and a fast-flux based DNS network exclusively. To represent non-malicious, everyday usage traffic, two different were incorporated datasets, one from the Traffic Lab at Ericsson Research in Hungary [2] and the other from the Lawrence Berkeley National Lab (LBNL) [3]. The Ericsson Lab dataset contains a large number of general traffic from a variety of applications, including HTTP web browsing behavior, World of Warcraft gaming packets, and packets from popular bittorrent clients such as Azureus. We also incorporated all the datasets from the LBNL trace data to provide additional non-malicious background traffic.
Additional Details
N/A
false
Unknown
dataset, botnet, isot, 1281, isot botnet dataset, inferlink, external, corporation, external data source, inferlink corporation, source, malicious, datasets, existing, combination, publicly, traffic, communication, lab, storm, waledac, packets, http, ericsson, lbnl, botnets, incorporated, gaming, popular, behavior, national, project, web, variety, trace, channel, applications, p2p, represent, azureus, prevalent, considered, usage, berkeley, fast, flux, everyday, bittorrent, hungary, network, exclusively, based, background, provide, browsing, utilizes, warcraft, decentralized, including, overnet, separate, french, protocol, involving, honeynet, additional, lawrence, clients, successor, other, chapter, dns