To request access this dataset you will need to login with an IMPACT account. Accounts are free. If you don't have one please register.
This dataset is no longer available and has a current status of 'Withdrawn'.
Please see the catalog for a listing of currently available datasets.

Summary

DS-0323
Conficker Botnet Sinkhole Connection Data
Dataset
Georgia Tech
Georgia Tech
09/01/2012
09/30/2012
40 (lowest rank is 50)

Category & Restrictions

Geolocation Data
Restricted
true

ICC/Researcher    MOA

Description


Conficker Client Connection Data

Client connection data from a Conficker sinkhole. One CSV file per day. Each line contains a timestamp at minute granularity, the IPv4 address of the connecting client (bot), and the number of attempted connections from that IP address in that minute. Number of attempted connections measured by the number of TCP packets received with the TCP SYN flag set. Sorted by time ascending, then by IP ascending.

Additional Details

306.7MB
false
false
cybercrime, malware, computer worm, spamming, transport layer protocols, bot, transmission control protocol, cyberwarfare, packets, conficker, 323, georgia tech, ipv4, ip address, domain name system, internet protocol, botnet, network packet, conficker botnet sinkhole connection data, dns sinkhole