ASNM Datasets: A Collection of Network Traffic Data for Testing of Adversarial Classifiers and Network Intrusion Detectors

Citation Author(s):
Ivan
Homoliak
Brno University of Technology
Petr
Hanacek
Brno University of Technology
Submitted by:
Ivan Homoliak
Last updated:
Tue, 05/17/2022 - 22:21
DOI:
10.21227/081t-dj23
Data Format:
Link to Paper:
Links:
License:
0
0 ratings - Please login to submit your rating.

Abstract 

ASNM datasets include records consisting of many features, that express various properties and characteristics of TCP communications. These features are called Advanced Security Network Metrics (ASNM) and were designed with the intention to discern legitimate and malicious connections (especially intrusions). ASNM features are extracted from tcpdump traces and do not perform deep packet inspection during their computation. ASNM datasets can be used for machine learning-based Network Behavioral Anomaly Detection or analysis of network traffic characteristics based on the labels indicating the presence and/or type of malicious/legitimate communication.

Instructions: 

ASNM datasets were created one by one during our long-term research. The following listing contains references to descriptions of particular datasets with their download locations:

 

  • ASNM-NPBO Dataset - contains non-payload-based obfuscation techniques applied onto malicious and some of legitimate traffic. It was created in 2015.
  • ASNM-TUN Dataset - contains tunneling obfuscation techniques applied to malicious traffic. It was created in 2014.
  • ASNM-CDX-2009 Dataset - contains ASNM features extracted from tcpdumps of CDX 2009 dataset. It misses few newer ASNM features. It was created in 2013.

Comments

Hi

Submitted by Prahlad Nayak on Thu, 03/18/2021 - 04:57

thanks

Submitted by minseok Seo on Tue, 08/03/2021 - 03:16