MLDM '07 Proceedings of the 5th international conference on Machine Learning and Data Mining in Pattern Recognition
Cooperation of Intelligent Honeypots to Detect Unknown Malicious Codes
WISTDCS '08 Proceedings of the 2008 WOMBAT Workshop on Information Security Threats Data Collection and Sharing
A comprehensive approach to detect unknown attacks via intrusion detection alerts
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Proceedings of the 5th ACM workshop on Security and artificial intelligence
Examining intrusion prevention system events from worldwide networks
Proceedings of the 2012 ACM Workshop on Building analysis datasets and gathering experience returns for security
A learning system for discriminating variants of malicious network traffic
Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop
Hi-index | 0.00 |
With the rapid evolution and proliferation of botnets, large-scale cyber attacks such as DDoS, spam emails are also becoming more and more dangerous and serious cyber threats. Because of this, network based security technologies such as Network based Intrusion Detection Systems (NIDSs), Intrusion Prevention Systems (IPSs), firewalls have received remarkable attention to defend our crucial computer systems, networks and sensitive information from attackers on the Internet. In particular, there has been much effort towards high-performance NIDSs based on data mining and machine learning techniques. However, there is a fatal problem in that the existing evaluation dataset, called KDD Cup 99' dataset, cannot reflect current network situations and the latest attack trends. This is because it was generated by simulation over a virtual network more than 10 years ago. To the best of our knowledge, there is no alternative evaluation dataset. In this paper, we present a new evaluation dataset, called Kyoto 2006+, built on the 3 years of real traffic data (Nov. 2006 ~ Aug. 2009) which are obtained from diverse types of honeypots. Kyoto 2006+ dataset will greatly contribute to IDS researchers in obtaining more practical, useful and accurate evaluation results. Furthermore, we provide detailed analysis results of honeypot data and share our experiences so that security researchers are able to get insights into the trends of latest cyber attacks and the Internet situations.