A Survey of Network-based Intrusion Detection Data Sets

[1] Adams County, et al. Comprehensive, 2020, Encyclopedia of the UN Sustainable Development Goals.

[2] Tarrah R. Glass-Vanderlan, et al. A Survey of Intrusion Detection Systems Leveraging Host Data, 2018, ACM Comput. Surv.

[3] Andreas Hotho, et al. Flow-based Network Traffic Generation using Generative Adversarial Networks, 2018, Comput. Secur.

[4] Andreas Hotho, et al. Detection of slow port scans in flow-based network traffic, 2018, PloS one.

[5] Falko Dressler, et al. How to Test an IDS?: GENESIDS: An Automated System for Generating Attack Traffic, 2018, WTMC@SIGCOMM.

[6] Paul D. Yoo, et al. From Intrusion Detection to Attacker Attribution: A Comprehensive Survey of Unsupervised Methods, 2018, IEEE Communications Surveys & Tutorials.

[7] Tomás Jirsík, et al. Towards Provable Network Traffic Measurement and Analysis via Semi-Labeled Trace Datasets, 2018, 2018 Network Traffic Measurement and Analysis Conference (TMA).

[8] Shengli Liu, et al. An enhancing framework for botnet detection using generative adversarial networks, 2018, 2018 International Conference on Artificial Intelligence and Big Data (ICAIBD).

[9] Xianbin Wang, et al. INSECS-DCS: A Highly Customizable Network Intrusion Dataset Creation Framework, 2018, 2018 IEEE Canadian Conference on Electrical & Computer Engineering (CCECE).

[10] Roberto Therón, et al. UGR'16: A new dataset for the evaluation of cyclostationarity-based network IDSs, 2018, Comput. Secur.

[11] Alexander D. Kent, et al. Unified Host and Network Data Set, 2017, Security Science and Technology.

[12] Ajay Guleria, et al. A New Labeled Flow-based DNS Dataset for Anomaly Detection: PUF Dataset, 2018.

[13] Ali A. Ghorbani, et al. Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization, 2018, ICISSP.

[14] Aiko Pras, et al. Flow-Based Compromise Detection: Lessons Learned, 2018, IEEE Security & Privacy.

[15] Murat Aydos, et al. A review on cyber security datasets for machine learning algorithms, 2017, 2017 IEEE International Conference on Big Data (Big Data).

[16] Luiz Eduardo Soares de Oliveira, et al. Toward a reliable anomaly-based intrusion detection in real-world environments, 2017, Comput. Networks.

[17] Ali A. Ghorbani, et al. Detecting HTTP-based application layer DoS attacks on web servers in the presence of sampling, 2017, Comput. Networks.

[18] Jing Wang, et al. Botnet Detection Based on Anomaly and Community Detection, 2017, IEEE Transactions on Control of Network Systems.

[19] Jiankun Hu, et al. Generating realistic intrusion detection system dataset based on fuzzy qualitative modeling, 2017, J. Netw. Comput. Appl.

[20] Valérie Viet Triem Tong, et al. Sharing and replaying attack scenarios with Moirai, 2017.

[21] Lalu Banoth, et al. A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection, 2017.

[22] Victor I. Chang, et al. From Intrusion Detection to an Intrusion Response System: Fundamentals, Requirements, and Future Directions, 2017, Algorithms.

[23] Frank Beer, et al. A new Attack Composition for Network Security, 2017, DFN-Forum Kommunikationstechnologien.

[24] Andreas Hotho, et al. Flow-based benchmark data sets for intrusion detection, 2017.

[25] Ali A. Ghorbani, et al. Towards a Reliable Intrusion Detection Benchmark Dataset, 2017.

[26] Andreas Hotho, et al. A Toolset for Intrusion and Insider Threat Detection, 2017.

[27] A. Nur Zincir-Heywood, et al. Benchmarking the Effect of Flow Exporters and Protocol Filters on Botnet Traffic Classification, 2016, IEEE Systems Journal.

[28] Alexander D. Kent, et al. Cyber security data sources for dynamic network research, 2016.

[29] Max Mühlhäuser, et al. Towards the creation of synthetic, yet realistic, intrusion detection datasets, 2016, NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium.

[30] Erik Schultes, et al. The FAIR Guiding Principles for scientific data management and stewardship, 2016, Scientific Data.

[31] Georgios Kambourakis, et al. Intrusion Detection in 802.11 Networks: Empirical Evaluation of Threats and a Public Dataset, 2016, IEEE Communications Surveys & Tutorials.

[32] Ghazi Al-Naymat, et al. Detecting Distributed Denial of Service Attacks Using Data Mining Techniques, 2016.

[33] Nour Moustafa, et al. UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set), 2015, 2015 Military Communications and Information Systems Conference (MilCIS).

[34] Jens Myrup Pedersen, et al. An analysis of network traffic classification for botnet detection, 2015, 2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA).

[35] Alexander D. Kent, et al. Comprehensive, Multi-Source Cyber-Security Events Data Set, 2015.

[36] Aiko Pras, et al. Booters — An analysis of DDoS-as-a-service attacks, 2015, 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM).

[37] Harish Kumar, et al. A Reference Dataset for Network Traffic Activity Based Intrusion Detection System, 2015, Int. J. Comput. Commun. Control.

[38] Taghi M. Khoshgoftaar, et al. A New Intrusion Detection Benchmarking System, 2015, FLAIRS Conference.

[39] Mitsuaki Akiyama, et al. Empowering Anti-malware Research in Japan by Sharing the MWS Datasets, 2015, J. Inf. Process.

[40] M. Malowidzki, et al. Network Intrusion Detection: Half a Kingdom for a Good Dataset, 2015.

[41] Jugal K. Kalita, et al. Towards Generating Real-life Datasets for Network Intrusion Detection, 2015, Int. J. Netw. Secur.

[42] Ali A. Ghorbani, et al. Towards effective feature selection in machine learning-based botnet detection approaches, 2014, 2014 IEEE Conference on Communications and Network Security.

[43] Sangeeta Bhattacharya, et al. SSENet-2014 Dataset: A Dataset for Detection of Multiconnection Attacks, 2014, 2014 3rd International Conference on Eco-friendly Computing and Communication Systems.

[44] Taghi M. Khoshgoftaar, et al. A Session Based Approach for Aggregating Network Traffic Data -- The SANTA Dataset, 2014, 2014 IEEE International Conference on Bioinformatics and Bioengineering.

[45] Taghi M. Khoshgoftaar, et al. Machine Learning for Detecting Brute Force Attacks at the Network Level, 2014, 2014 IEEE International Conference on Bioinformatics and Bioengineering.

[46] Aiko Pras, et al. SSH Compromise Detection using NetFlow/IPFIX, 2014, CCRV.

[47] Konstantinos G. Kyriakopoulos, et al. Automatic Dataset Labelling and Feature Selection for Intrusion Detection Systems, 2014, 2014 IEEE Military Communications Conference.

[48] Alejandro Zunino, et al. An empirical comparison of botnet detection methods, 2014, Comput. Secur.

[49] Gabi Dreo Rodosek, et al. Behavior-based intrusion detection in encrypted environments, 2014, IEEE Communications Magazine.

[50] Jugal K. Kalita, et al. Network Anomaly Detection: Methods, Systems and Tools, 2014, IEEE Communications Surveys & Tutorials.

[51] Vern Paxson, et al. Detecting stealthy, distributed SSH brute-forcing, 2013, CCS.

[52] Sándor Molnár, et al. How to validate traffic generators?, 2013, 2013 IEEE International Conference on Communications Workshops (ICC).

[53] Jiankun Hu, et al. Generation of a new IDS test dataset: Time to retire the KDD collection, 2013, 2013 IEEE Wireless Communications and Networking Conference (WCNC).

[54] Giuseppe Di Battista, et al. 26 Computer Networks, 2004.

[55] Jugal K. Kalita, et al. Packet and Flow Based Network Intrusion Dataset, 2012, IC3.

[56] Aiko Pras, et al. SSHCure: A Flow-Based SSH Intrusion Detection System, 2012, AIMS.

[57] Ali A. Ghorbani, et al. Toward developing a systematic approach to generate benchmark datasets for intrusion detection, 2012, Comput. Secur.

[58] S. Selvakumar, et al. SSENet-2011: A Network Intrusion Detection System dataset and its comparison with KDD CUP 99 dataset, 2011, 2011 Second Asian Himalayas International Conference on Internet (AH-ICI).

[59] Joshua Ojo Nehinbe, et al. A critical evaluation of datasets for investigating IDSs and IPSs researches, 2011, 2011 IEEE 10th International Conference on Cybernetic Intelligent Systems (CIS).

[60] George Kesidis, et al. Salting Public Traces with Attack Traffic to Test Flow Classifiers, 2011, CSET.

[61] Andreas Haeberlen, et al. Challenges in Experimenting with Botnet Detection Systems, 2011, CSET.

[62] Ali A. Ghorbani, et al. Detecting P2P botnets through network behavior analysis and machine learning, 2011, 2011 Ninth Annual International Conference on Privacy, Security and Trust.

[63] Hiroki Takakura, et al. Statistical analysis of honeypot data and building of Kyoto 2006+ dataset for NIDS evaluation, 2011, BADGERS '11.

[64] David Wetherall, et al. Computer networks, 5th Edition, 2011.

[65] Kensuke Fukuda, et al. MAWILab: combining diverse anomaly detectors for automated anomaly labeling and performance benchmarking, 2010, CoNEXT.

[66] Brian Trammell, et al. YAF: Yet Another Flowmeter, 2010, LISA.

[67] Jian Ma, et al. A new approach to intrusion detection using Artificial Neural Networks and fuzzy clustering, 2010, Expert Syst. Appl.

[68] Torsten Braun, et al. A flow trace generator using graph-based traffic classification techniques, 2010, IWCMC.

[69] Vern Paxson, et al. Outside the Closed World: On Using Machine Learning for Network Intrusion Detection, 2010, 2010 IEEE Symposium on Security and Privacy.

[70] Aiko Pras, et al. A Labeled Data Set for Flow-Based Intrusion Detection, 2009, IPOM.

[71] Aiko Pras, et al. Hidden Markov Model Modeling of SSH Brute-Force Attacks, 2009, DSOM.

[72] Niccolo Cascarano, et al. GT: picking up the truth from the ground for internet traffic, 2009, CCRV.

[73] Haibo He, et al. Learning from Imbalanced Data, 2009, IEEE Transactions on Knowledge and Data Engineering.

[74] Gregory J. Conti, et al. Toward Instrumenting Network Warfare Competitions to Generate Labeled Datasets, 2009, CSET.

[75] Ali A. Ghorbani, et al. A detailed analysis of the KDD CUP 99 data set, 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[76] Barry E. Mullins, et al. A survey of state-of-the-art in anonymity metrics, 2008, NDA '08.

[77] Mohammad Zulkernine, et al. Random-Forests-Based Network Intrusion Detection Systems, 2008, IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews).

[78] Martin May, et al. FLAME: A Flow-Level Anomaly Modeling Engine, 2008, CSET.

[79] István Szabó, et al. On the Validation of Traffic Classification Algorithms, 2008, PAM.

[80] Nick McKeown, et al. OpenFlow: enabling innovation in campus networks, 2008, CCRV.

[81] Martin Rehak, et al. CAMNEP: An intrusion detection system for high-speed networks, 2008.

[82] Fabio Roli, et al. Intrusion detection in computer networks by a modular ensemble of one-class classifiers, 2008, Inf. Fusion.

[83] Benoit Claise, et al. Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information, 2008, RFC.

[84] Tao Ye, et al. Connectionless port scan detection on the backbone, 2006, 2006 IEEE International Performance Computing and Communications Conference.

[85] Jason Lee, et al. The devil and packet trace anonymization, 2006, CCRV.

[86] György J. Simon, et al. Data Mining for Cyber Security, 2006.

[87] Jason Lee, et al. A first look at modern enterprise traffic, 2005, IMC '05.

[88] Benoit Claise, et al. Cisco Systems NetFlow Services Export Version 9, 2004, RFC.

[89] Hari Balakrishnan, et al. Fast portscan detection using sequential hypothesis testing, 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[90] Matthew V. Mahoney, et al. Network traffic anomaly detection based on packet bytes, 2003, SAC '03.

[91] M. Ammar, et al. Prefix-preserving IP address anonymization: measurement-based security evaluation and a new cryptography-based scheme, 2002, 10th IEEE International Conference on Network Protocols, 2002. Proceedings.

[92] Stuart Staniford-Chen, et al. Practical Automated Detection of Stealthy Portscans, 2002, J. Comput. Secur.

[93] John McHugh, et al. Testing Intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory, 2000, TSEC.

[94] Richard Lippmann, et al. The 1999 DARPA off-line intrusion detection evaluation, 2000, Comput. Networks.

[95] Jiawei Han, et al. Data Mining: Concepts and Techniques, 2000.

[96] R.K. Cunningham, et al. Evaluating intrusion detection systems: the 1998 DARPA off-line intrusion detection evaluation, 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.