Los Alamos National Labs (LANL) Intrusion Detection Dataset

该数据集来自LANL实验室，记录了内部计算机网络活动长达58天的日志，涵盖了12,425名用户和17,684台计算机之间的1.6亿次认证事件，其中识别出了恶意认证事件。该数据集以图模型的形式构建，旨在检测认证事件中的恶意边。此外，该数据集极度不平衡，在4500万条边中仅包含518条恶意边，它被用于进行转导和归纳异常检测任务。其规模涉及12,425名用户、17,684台计算机以及160亿次认证事件。该数据集的任务是进行认证事件中的异常检测。

This dataset is sourced from LANL Laboratories, capturing 58 consecutive days of internal computer network activity logs. It covers 160 million authentication events occurring between 12,425 users and 17,684 computers, with malicious authentication events having been identified within the logs. Constructed as a graph model, this dataset is designed for detecting malicious edges in authentication events. Furthermore, this dataset is highly imbalanced, containing only 518 malicious edges out of 45 million total edges. It has been utilized for transductive and inductive anomaly detection tasks. In terms of scale, this dataset involves 12,425 users, 17,684 computers, and 1.6 billion authentication events. The core task of this dataset is anomaly detection in authentication events.