Advanced Persistent Threat (APT)

Identifying patterns in the modus operandi of attackers is an essential requirement in the study of Advanced Persistent Threats. Previous studies have been hampered by the lack of accurate, relevant, and representative datasets of current threats. System logs and network traffic captured during attacks on real companies’ information systems are the best data sources to build such datasets. Unfortunately, for apparent reasons of companies’ reputation, privacy, and security, such data is seldom available.

Categories:
955 Views

The dataset has been developed in Smart Connected Vehicles Innovation Centre (SCVIC) of the University of Ottawa in Kanata North Technology Park.

In order to define a benchmark for Machine Learning (ML)-based Advanced Persistent Threat (APT) detection in the network traffic, we create a dataset named SCVIC-APT-2021, that can realistically represent the contemporary network architecture and APT characteristics.  Please cite the following original article where this work was initially presented:

Categories:
3305 Views

We constructed a rich AttackDB that consists of CTI from the MITRE ATT\&CK Enterprise knowledge base, the AlienVault Open Threat Exchange, the IBM X-Force Exchange and VirusTotal.

Categories:
1063 Views
Disclaimer 
DARPA is releasing these files in the public domain to stimulate further research. Their release implies no obligation or desire to support additional work in this space. The data is released as-is. DARPA makes no warranties as to the correctness, accuracy, or usefulness of the released data. In fact, since the data was produced by research prototypes, it is practically guaranteed to be imperfect.
Categories:
3437 Views