DriveBy-HTTP-2026 Dataset

The DriveBy-HTTP-2026 dataset is a large-scale benchmark designed for drive-by attack detection using HTTP request-level behavioral features. It contains 45,280 samples, equally balanced between benign and malicious instances, with each sample represented as a 128-dimensional feature vector. The feature space is organized into four semantic groups capturing different aspects of web behavior: URL characteristics, JavaScript execution patterns, DOM structure properties, and network/HTTP-level attributes. These features are designed to capture both structural and behavioral indicators of malicious web activity, including obfuscation patterns, anomalous DOM manipulations, and exploit-related signatures. Benign samples are derived from Tranco top-ranked websites, reflecting typical real-world web traffic patterns. Malicious samples are constructed based on known attack behaviors, including exploit kits, malicious JavaScript, iframe injection, obfuscated payload delivery, plugin exploitation, and multi-stage redirection. The dataset is generated using statistically modeled feature distributions informed by publicly reported characteristics of benign and malicious web behavior. This approach enables controlled, reproducible experimentation while preserving realistic feature relationships and variability observed in real-world scenarios. The dataset generation pipeline is fully deterministic and is provided alongside the codebase to ensure reproducibility. This dataset is intended for evaluating machine learning, deep learning, and hybrid quantum-classical models for web security applications, particularly in scenarios requiring scalable and deployment-ready detection systems.