To request access this dataset you will need to login with an IMPACT account. Accounts are free. If you don't have one please register.
This dataset is no longer available and has a current status of 'Withdrawn'.
Please see the catalog for a listing of currently available datasets.

Summary

DS-0325
PAM13 dataset (Reputation Block Lists)
Dataset
Merit Network, Inc.
Merit Network, Inc.
06/20/2012
06/26/2012
52 (lowest rank is 55)

Category & Restrictions

Traffic Flow Data
Quasi-Restricted
true

Description


Blacklisted IPs

This dataset was used to analyze the impact of network reputation on Merit's    traffic (related publication is "Jing Zhang et al., Characterization of Blacklists and Tainted Network Traffic" (PAM'13)).

Using NetFlow    collected at Merit from June 20, 2012 to June 26, 2012, and based on 12 commonly used reputation blacklists (that cover spam, phishing/malware and active attacks),    we treated Netflow traffic as "tainted" if one or both of the source and destination IPs are listed by the Reputation Black Lists (RBLs).

Each directory includes the traffic (anonymized) tainted by the corresponding RBL (as indicated by the directory name). *all* directory contains tainted traffic by the union of all the blacklists. The NetFlow is aggregated by hour.

The blacklists used are:    brbl    cbl    dshield    hphosts    phisht       sbl    surbl    uce    wpbl

Additional Details

N/A
false
false
merit network, inc., cybercrime, phishing, malware, spamming, computer network analysis, linux pam, data anonymization, cisco protocols, computer security procedures, information privacy, netflow, 325, information operations and warfare, blacklisting, data protection, dshield, exploit, pam13 dataset (reputation block lists)