To request access this dataset you will need to login with an IMPACT account. Accounts are free. If you don't have one please register.
This dataset is no longer available and has a current status of 'Withdrawn'.
Please see the catalog for a listing of currently available datasets.

Summary

DS-0324
Flashback Botnet Sinkhole Connection Data
Dataset
Georgia Tech
Georgia Tech
04/16/2012
07/19/2012
46 (lowest rank is 55)

Category & Restrictions

Geolocation Data
Restricted
true

ICC/Researcher    MOA

Description


Flashback Client Connection Data

Client connection data from a Flashback sinkhole. One CSV file per day. Each line contains a timestamp at minute granularity, the IPv4 address of the connecting client (bot), and the number of attempted connections from that IP address in that minute. Number of attempted connections measured by the number of TCP SYN/ACK packets sent to clients as step two of the TCP three-way handshake. Sorted by time ascending, then by IP ascending.

Additional Details

215.2MB
false
false
flashback botnet sinkhole connection data, transport layer protocols, transmission control protocol, packets, flashback, georgia tech, macos malware, ipv4, 324, ip address, domain name system, internet protocol, network packet, trojan horses, dns sinkhole