SCVIC-TS-2022: Network intrusion data with original raw network packets

Citation Author(s):
Jinxin
Liu
University of Ottawa
Murat
Simsek
University of Ottawa
Michele
Nogueira
Federal University of Minas Gerais
Burak
Kantarci
University of Ottawa
Submitted by:
Burak Kantarci
Last updated:
Sun, 09/03/2023 - 00:25
DOI:
10.21227/qm9h-8c05
Data Format:
*.csv;*.json;*.xlsx;*.pkl
License:
Creative Commons Attribution
663 Views
Categories:
Machine Learning
Communications
Security
Keywords:
Network Security; Intrusion Detection System; Time Series; Early Detection; Machine Learning; Deep Learning.
0
0 ratings - Please login to submit your rating.
ACCESS DATASET CITE SHARE/EMBED

Abstract 

SCVIC-TS-2022: Network intrusion data with original raw network packets

To apply Time Series Network Flow Meter (TS-NFM), a network intrusion dataset must have original raw network packets rather than extracted features and complete labeling information; consequently, this dataset uses the CIC-IDS-2017 dataset (I. Sharafaldin, A. Habibi Lashkari, and A. A. Ghorbani, “Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization:,” in Proc. of the 4th Intl. Conf. on Information Systems Security and Privacy, 2018). The raw network packets (PCAP format) are fed into the TS-NFM proposed in our paper*  with a time window of two minutes (same to the extracted features from CIC-IDS-2017), resulting in the SCVIC-TS-2022 dataset. MTS's maximum length L is 511,681 due to the network's fast speed. The number of features/dimensions d is thirteen, which includes the direction of a packet, IAT, size in bytes, and ten TCP flags. 

*If you are using the SCVIC-TS-2022 dataset, please cite the following paper:

J.Liu, M.Simsek, M. Nogueira, B. Kantarci, "Multidomain transformer-based deep learning for early detection of network intrusion," IEEE Global Communications Conference (Globecom), Kuala Lumpur, Malaysia, pp. 1-6, December 2023.

Instructions: 

SCVIC-TS-2022: Network intrusion data with original raw network packets

To apply Time Series Network Flow Meter (TS-NFM), a network intrusion dataset must have original raw network packets rather than extracted features and complete labeling information; consequently, this dataset uses the CIC-IDS-2017 dataset (I. Sharafaldin, A. Habibi Lashkari, and A. A. Ghorbani, “Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization:,” in Proc. of the 4th Intl. Conf. on Information Systems Security and Privacy, 2018). The raw network packets (PCAP format) are fed into the TS-NFM proposed in our paper*  with a time window of two minutes (same to the extracted features from CIC-IDS-2017), resulting in the SCVIC-TS-2022 dataset. MTS's maximum length L is 511,681 due to the network's fast speed. The number of features/dimensions d is thirteen, which includes the direction of a packet, IAT, size in bytes, and ten TCP flags. 

*If you are using the SCVIC-TS-2022 dataset, please cite the following paper:

J.Liu, M.Simsek, M. Nogueira, B. Kantarci, "Multidomain transformer-based deep learning for early detection of network intrusion," IEEE Global Communications Conference (Globecom), Kuala Lumpur, Malaysia, pp. 1-6, December 2023.

Funding Agency: 
Natural Sciences and Engineering Research Council (NSERC)- Canada
Grant Number: 
Discovery

Dataset Files

LOGIN TO ACCESS DATASET FILES

 

QUESTIONS?