To request access this dataset you will need to login with an IMPACT
account. Accounts are free. If you don't have one please
register.
This dataset is no longer available and has a current status of
'Withdrawn'.
Please see the catalog for a listing of currently available datasets.
Please see the catalog for a listing of currently available datasets.
Summary
DS-0653
SIP_scanning_2016
Dataset
Merit Network, Inc.
Merit Network, Inc.
08/29/2016
08/29/2016
52 (lowest rank is 56)
Description
Malicious scanning related to SIP
This real-world dataset inlcludes several instances of malicious scanners that were attempting connections to the SIP port on many hosts within Merit Network. In particular, the SIP OPTIONS "ping" was being employed. More info for SIP OPTIONS ping can be found here: http://www.voip-info.org/wiki/view/SIP+method+options . This is a Netflow dataset, that contains the SIP malicious activity intermixed with regular/normal communication flows. Flows collected at Merit's monitoring location in Detroit. This is an anonymized dataset (last 11 bits of each IP stripped to zero).
Additional Details
650.0KB
true
false
2016, merit, network, sip, scanning, 653, sip_scanning_2016, anonymized, merit network, inc., malicious, options, dataset, ping, flows, info, http, traffic, attempting, normal, method, org, port, activity, monitoring, real, location, bits, hosts, flow, intermixed, scanners, instances, wiki, traffic flow data, stripped, collected, employed, view, voip, netflow, detroit, communication, connections, regular, inlcludes