
Zero Trust Architecture Dataset (ZTAD)

Citation Author(s): Tarik GUEMMAH
Submitted by: Tarik GUEMMAH
DOI: 10.21227/nqhd-1078

Abstract

- Data Format: The dataset is in CSV format.
- Size of Dataset: The dataset is 3.84 GB, with 7,068,103 rows and 18 columns.
- Summary of the attributes:
1) Date: Date of the event, in the format MM/DD/YYYY.
2) Time: Time of day, expressed in 24-hour format HH:MM.
3) Timezone: Time zone specified during processing.
4) MACB: The file-system timestamp type associated with the action performed on a file: M for modification, A for access, C for change, B for creation.
5) Source: Short name of the source.
6) Sourcetype: More detailed description of the source.
7) Type: Type of event, for example, network connection, file modification, program execution, etc.
8) User: Username associated with the entry.
9) Host: Hostname associated with the entry.
10) Short: Brief description of the entry, typically containing less text than the full description field.
11) Desc: Description.
12) Version: Version number of the timestamped object.
13) Filename: Filename with the full path of the artifact that was analyzed.
14) Inode: Node index; metadata address of the file being analyzed; used in Unix file systems to uniquely identify files.
15) Notes: Some input modules insert additional information as a note.
16) Format: Name of the module used to analyze the file.
17) Extra: Additional analyzed information.
-- Filesize: The file size in bytes.
-- File_system_type: The type of file system where the file is stored, e.g., ext4, NTFS, etc.
-- Is_allocated: An indicator showing whether the disk space allocated for the file is used or not.
-- Sha256_hash: The SHA-256 hash of the file content, used to uniquely identify the file content.
-- Reporter: Refers to the source or origin of the data, such as a program or system that generated a specific record during a forensic analysis.
-- Attribute Names: Corresponds to the names of various characteristics or information, such as date, time, and type of activity recorded for each event analyzed in a digital investigation.
18) Label of the MITRE ATT&CK Tactics.

Instructions:

The dataset can be downloaded directly as a CSV file.

Dataset Files

Files have not been uploaded for this dataset