Ports scan dataset contains approximately 50% benign flow data and 50% malicious flow data. Benign flow data have been generated with the same python scripts used in D1 and has been labeled as '0'. Malicious flow data has been labeled as '1'. Malicious flow data has been generated using Nmap tool. Different types of slow port scans have been launched on both TCP and UDP ports. The scans carried out were: TCP SYN scanning; TCP Connect scanning; UDP scanning; TCP NULL; FIN; Xmas scanning; TCP ACK scanning; TCP Window scanning; and TCP Maimon scanning. Slow port-scanning attacks have been carried out by 100 attack nodes that scanned 65536 ports on 200 victim nodes. Requests are launched with 5 to 10 seconds of slack time among them
It is important to efficiently and correctly be able to detect and classify network traffic, both le...
Existing research suggests that it is possible to detect dictionary attacks using IP flows. This typ...
Port scans are typically at the begin of a chain of events that will lead to the attack and exploita...
Frequently, port scans are early indicators of more serious attacks. Unfortunately, the detection of...
Frequently, port scans are early indicators of more serious attacks. Unfortunately, the detection of...
ENGLISH: Today’s society relies on computer networks. More and more data of vital importance are tra...
Attackers perform port scan to find reachability, liveness and running services in a system or netwo...
This paper describes an experimental approach to determine the correlation between port scans and at...
Scans are often used by adversaries to determine the potential weaknesses in a target network or sys...
Dataset of Probing Attacks (Port Scan) performed with nmap, unicornscan, hping3, zmap and massca
The file contains 4 datasets namely: emulated, LAN, MAN_IF, and MAN_PAL. Each of them has legitimate...
Packet sampling is commonly deployed in highspeed backbone routers to minimize resources used for ne...
The extensive use of the internet has resulted in novel technologies and protocol improvisation. Hyp...
Port scans are continuously used by both worms and human attackers to probe for vulnerabilities in I...
Port scanning is prevalent in today’s Internet and often has malicious intent. Although many algo-ri...
It is important to efficiently and correctly be able to detect and classify network traffic, both le...
Existing research suggests that it is possible to detect dictionary attacks using IP flows. This typ...
Port scans are typically at the begin of a chain of events that will lead to the attack and exploita...
Frequently, port scans are early indicators of more serious attacks. Unfortunately, the detection of...
Frequently, port scans are early indicators of more serious attacks. Unfortunately, the detection of...
ENGLISH: Today’s society relies on computer networks. More and more data of vital importance are tra...
Attackers perform port scan to find reachability, liveness and running services in a system or netwo...
This paper describes an experimental approach to determine the correlation between port scans and at...
Scans are often used by adversaries to determine the potential weaknesses in a target network or sys...
Dataset of Probing Attacks (Port Scan) performed with nmap, unicornscan, hping3, zmap and massca
The file contains 4 datasets namely: emulated, LAN, MAN_IF, and MAN_PAL. Each of them has legitimate...
Packet sampling is commonly deployed in highspeed backbone routers to minimize resources used for ne...
The extensive use of the internet has resulted in novel technologies and protocol improvisation. Hyp...
Port scans are continuously used by both worms and human attackers to probe for vulnerabilities in I...
Port scanning is prevalent in today’s Internet and often has malicious intent. Although many algo-ri...
It is important to efficiently and correctly be able to detect and classify network traffic, both le...
Existing research suggests that it is possible to detect dictionary attacks using IP flows. This typ...
Port scans are typically at the begin of a chain of events that will lead to the attack and exploita...