This is a non-IMPACT record, meaning that access to the data is not
controlled by IMPACT. For access, see the directions below.
Disclaimer:
This Resource is offered and provided outside of the IMPACT mediation framework. IMPACT and the IMPACT Coordination Council/Blackfire Technology, Inc. expressly disclaim all conditions, representations and warranties including but not limited to Resource availability, quality, accuracy, non-infringement, and non-interference. All Resource information and access is controlled by entities and under terms that are external to the IMPACT legal framework.
Disclaimer:
This Resource is offered and provided outside of the IMPACT mediation framework. IMPACT and the IMPACT Coordination Council/Blackfire Technology, Inc. expressly disclaim all conditions, representations and warranties including but not limited to Resource availability, quality, accuracy, non-infringement, and non-interference. All Resource information and access is controlled by entities and under terms that are external to the IMPACT legal framework.
Summary
DS-0930
Botnet dataset
External Dataset
External Data Source
University of New Brunswick
01/01/2010
01/01/2014
56 (lowest rank is 56)
Description
Assessing performance of any detection approach requires experimentation with data that is heterogeneous enough to simulate real traffic to an acceptable level.
Botnet traces can be merged with benign data by mapping malicious data to either machines existing in the home network or machines outside of the current network. Considering the wide range of IP addresses in the traces, we mapped botnet IPs to the hosts outside of the current network using BitTwist packet generator. Malicious and benign traffic were then replayed using TCPReplay and captured by TCPdump as a single dataset. ; cic@unb.ca.
Additional Details
12.9GB
false
Unknown
botnet, dataset, 930, botnet dataset, source, corporation, external data source, inferlink, inferlink corporation, external, 2010, traffic, simulate, detection, real, performance, level, requires, assessing, heterogeneous, acceptable, approach, experimentation, network, machines, benign, traces, malicious, current, hosts, generator, mapping, mapped, range, captured, cic, other, existing, single, tcpdump, ips, bittwist, replayed, tcpreplay, wide, unb, merged, packet