Large-Scale Network Cyberattacks Multiclass Dataset 2024 (LSNM2024)

We present a novel cutting-edge, large-scale multiclass dataset to improve the security of network cognition of suspicious traffic in networks. The proposed newly generated dataset contains up-to-date samples and features available to the public to help reduce the effect of upcoming cyberattacks with machine learning methods. Specifically, 6 million traffic samples with 60 features are collected and organized into two balanced classes: 50% normal traffic and 50% anomaly (attack) traffic. Furthermore, the anomaly traffic is composed of 15 different attacks including MITM-ARP-SPOOFING attack, SSH-BRUTE FORCE attack, FTP-BRUTE FORCE attack, DDOS-ICMP, DDOS-RAWIP attack, DDOS-UDP attack, DOS attack, EXPLOITING-FTP attack, FUZZING attack, ICMP FLOOD attack, SYN-FLOOD attack, PORT SCANNING attack, REMOTE CODE EXECUTION attack, SQL INJECTION attack, and XSS attack. For detailed info, Please refer to and cite our article: Q. Abu Al-Haija, Z. Masoud, A. Yasin, K. Alesawi, Y. Alkarnawi, "Revolutionizing Threat Hunting in Communication Networks: Introducing a Cutting-Edge Large-Scale Multiclass Dataset", 15th International Conference on Information and Communication Systems (ICICS 2024), IEEE, Aug. 2024.

本报告提出一项开创性的前沿技术，构建了一个大规模多类别数据集，旨在提升网络认知中可疑流量安全性的防护能力。该新近生成的数据集汇聚了最新的样本与特征，面向公众开放，以期为利用机器学习方法减轻未来网络攻击的影响提供助力。具体而言，我们收集并整理了包含600万条流量样本及60个特征的数据，并将其划分为两个平衡的类别：50%的常规流量与50%的异常（攻击）流量。此外，异常流量由15种不同的攻击构成，包括中间人攻击（MITM-ARP-SPOOFING）、SSH暴力破解攻击、FTP暴力破解攻击、DDoS-ICMP攻击、DDoS-RAWIP攻击、DDoS-UDP攻击、DOS攻击、利用FTP攻击、模糊测试攻击、ICMP洪水攻击、SYN洪水攻击、端口扫描攻击、远程代码执行攻击、SQL注入攻击以及跨站脚本攻击。欲获取详细信息，请参阅并引用我们的文章：《革命性通信网络威胁狩猎：引入前沿大规模多类别数据集》，Q. Abu Al-Haija, Z. Masoud, A. Yasin, K. Alesawi, Y. Alkarnawi，发表于2024年8月的第15届国际信息与通信系统会议（ICICS 2024），IEEE出版。