To request access this dataset you will need to login with an IMPACT account. Accounts are free. If you don't have one please register.
This dataset is no longer available and has a current status of 'Withdrawn'.
Please see the catalog for a listing of currently available datasets.

Summary

DS-0653
SIP_scanning_2016
Dataset
Merit Network, Inc.
Merit Network, Inc.
08/29/2016
08/29/2016
47 (lowest rank is 51)

Category & Restrictions

Traffic Flow Data
Quasi-Restricted
true

Description


Malicious scanning related to SIP

This real-world dataset inlcludes several instances of malicious scanners that were attempting connections to the SIP port on many hosts within Merit Network. In particular, the SIP OPTIONS "ping" was being employed. More info for SIP OPTIONS ping can be found here: http://www.voip-info.org/wiki/view/SIP+method+options . This is a Netflow dataset, that contains the SIP malicious activity intermixed with regular/normal communication flows. Flows collected at Merit's monitoring location in Detroit. This is an anonymized dataset (last 11 bits of each IP stripped to zero).

Additional Details

650.0KB
true
false
merit network, inc., communication protocol, cryptographic protocol, application layer protocols, cisco protocols, transport layer security, netflow, 653, history of the internet, wikiwikiweb, internet protocol, data protection, uniform resource identifier, workgroup, videotelephony, computer network analysis, hypertext transfer protocol, data anonymization, secure communication, information privacy, history of computing, merit network, sip_scanning_2016, computer mediated communication, voice over ip, academic computer network organizations