To request access this dataset you will need to login with an IMPACT
account. Accounts are free. If you don't have one please
register.
This dataset is no longer available and has a current status of
'Withdrawn'.
Please see the catalog for a listing of currently available datasets.
Please see the catalog for a listing of currently available datasets.
Summary
DS-0325
PAM13 dataset (Reputation Block Lists)
Dataset
Merit Network, Inc.
Merit Network, Inc.
06/20/2012
06/26/2012
53 (lowest rank is 56)
Description
Blacklisted IPs
This dataset was used to analyze the impact of network reputation on Merit's traffic (related publication is "Jing Zhang et al., Characterization of Blacklists and Tainted Network Traffic" (PAM'13)).
Using NetFlow collected at Merit from June 20, 2012 to June 26, 2012, and based on 12 commonly used reputation blacklists (that cover spam, phishing/malware and active attacks), we treated Netflow traffic as "tainted" if one or both of the source and destination IPs are listed by the Reputation Black Lists (RBLs).
Each directory includes the traffic (anonymized) tainted by the corresponding RBL (as indicated by the directory name). *all* directory contains tainted traffic by the union of all the blacklists. The NetFlow is aggregated by hour.
The blacklists used are: brbl cbl dshield hphosts phisht sbl surbl uce wpbl
Additional Details
N/A
false
false
merit, network, reputation, dataset, lists, pam13 dataset (reputation block lists), block, pam13, 325, 2012, merit network, inc., ips, blacklisted, traffic, tainted, blacklists, directory, netflow, june, black, spam, destination, sbl, characterization, phisht, listed, hour, wpbl, cover, hphosts, cbl, malware, union, dshield, traffic flow data, rbl, pam, publication, uce, attacks, surbl, source, zhang, collected, jing, anonymized, flow, based, analyze, brbl, aggregated, al, includes, active, impact, commonly, treated, phishing, rbls