five

Cyber Attack Evaluation Dataset for Deep Packet Inspection and Analysis

收藏
Mendeley Data2024-03-27 更新2024-06-28 收录
下载链接:
https://ieee-dataport.org/documents/cyber-attack-evaluation-dataset-deep-packet-inspection-and-analysis
下载链接
链接失效反馈
官方服务:
资源简介:
To determine the effectiveness of any defense mechanism, there is a need for comprehensive real-time network data that solely references various attack scenarios based on older software versions or unprotected ports, and so on. This presented dataset has entire network data at the time of several cyber attacks to enable experimentation on challenges based on implementing defense mechanisms on a larger scale. For collecting the data, we captured the network traffic of configured virtual machines using Wireshark and tcpdump. To analyze the impact of several cyber attack scenarios, this dataset presents a set of ten computers connected to Router1 on VLAN1 in a Docker Bridge network, that try and exploit each other. It includes browsing the web and downloading foreign packages including malicious ones. Also, services like FTP and SSH were exploited using several attack mechanisms. The presented dataset shows the importance of updating and patching systems to protect themselves to a greater extent, by following attack tactics on older versions of packages as compared to the newer and updated ones. This dataset also includes an Apache Server hosted on the different subset on VLAN2 which is connected to the VLAN1 to demonstrate isolation and cross-VLAN communication. The services on this web server were also exploited by the previously stated ten computers. The attack types include: Distributed Denial of Service, SQL Injection, Account Takeover, Service Exploitation (SSH, FTP), DNS and ARP Spoofing, Scanning and Firewall Searching and Indexing (using Nmap), Hammering the services to brute-force passwords and usernames, Malware attack, Spoofing and Man-in-the-Middle Attack. The attack scenarios also show various scanning mechanisms and the impact of Insider Threats on the entire network.

若要评估任意防御机制的有效性,需依托基于旧版软件或未保护端口等场景构建的各类攻击场景,获取全面的实时网络数据。本数据集收录了多起网络攻击发生时的完整网络流量数据,可用于开展大规模部署防御机制相关的挑战性实验。 数据采集阶段,我们通过Wireshark(Wireshark)和tcpdump(tcpdump)工具捕获了配置完成的虚拟机的网络流量。为分析多类网络攻击场景的影响,本数据集构建了Docker桥接网络(Docker Bridge network)中虚拟局域网(VLAN)1网段下连接至Router1的10台计算机集群,该集群内的主机将互相尝试实施漏洞利用。该集群包含网页浏览行为以及对外软件包(含恶意软件包)的下载操作;此外,集群内的FTP、SSH等服务也通过多种攻击手段遭到利用。 本数据集通过对比新旧版本软件包的攻击利用效果,凸显了及时更新与打补丁对提升系统防护能力的重要性。本数据集还包含部署于VLAN2网段的Apache服务器(Apache Server),该网段通过链路与VLAN1连通,用于演示网络隔离与跨VLAN通信场景;前述10台计算机同样对该Web服务器上的服务实施了漏洞利用。 本次攻击涵盖的攻击类型包括:分布式拒绝服务(Distributed Denial of Service)、SQL注入、账号接管、服务漏洞利用(SSH、FTP)、DNS与ARP欺骗、扫描与防火墙探测及索引(使用Nmap(Nmap)工具)、通过暴力破解账号与密码冲击目标服务的攻击、恶意软件攻击、欺骗与中间人攻击(Man-in-the-Middle Attack)。本次攻击场景还涵盖了多种扫描手段,并展示了内部威胁对整个网络的影响。
创建时间:
2023-06-28
搜集汇总
数据集介绍
main_image_url
背景与挑战
背景概述
该数据集是一个用于深度包检测和分析的网络安全评估数据集,旨在通过模拟多种网络攻击场景(如分布式拒绝服务、SQL注入和账户接管等)来测试防御机制的有效性。它包含详细的网络流量数据(如PCAP文件),基于虚拟机和Docker网络环境构建,适用于无线网络、安全和计算智能领域的研究。
以上内容由遇见数据集搜集并总结生成
二维码
社区交流群
二维码
科研交流群
商业服务