DOI: 10.1145/3528580.3532843
research-article
Open access

VHS-22 – A Very Heterogeneous Set of Network Traffic Data for Threat Detection

Published: 21 July 2022

Abstract

Researching new methods of detecting network threats, e.g., malware-related, requires large and diverse sets of data. In recent years, a variety of network traffic datasets have been proposed, which have been intensively used by the research community. However, most of them are quite homogeneous, which means that detecting threats using these data became relatively easy, allowing for detection accuracy close to 100%. Therefore, they are not a challenge anymore. As a remedy, in this article we propose a VHS-22 dataset – a Very Heterogeneous Set of network traffic data. We prepared it using a software network probe and a set of existing datasets. We describe the process of dataset creation, as well as its basic statistics. We also present initial experiments on attack detection, which yielded lower results than for other datasets. We claim that the data in the VHS-22 dataset are more demanding, and therefore that our dataset can better stimulate further progress in detecting network threats.


    Published In

    ACM Other conferences
    EICC '22: Proceedings of the 2022 European Interdisciplinary Cybersecurity Conference
    June 2022
    114 pages
    ISBN:9781450396035
    DOI:10.1145/3528580

    Publisher

    Association for Computing Machinery

    New York, NY, United States


    Author Tags

    1. DoS attacks
    2. botnets
    3. machine learning
    4. malware detection
    5. network traffic analysis
    6. network traffic dataset

    Qualifiers

    • Research-article
    • Research
    • Refereed limited

    Conference

    EICC 2022

    Cited By

    • (2024) Peer-to-peer botnets: exploring behavioural characteristics and machine/deep learning-based detection. EURASIP Journal on Information Security 2024:1. DOI: 10.1186/s13635-024-00169-0. Online publication date: 27-May-2024
    • (2024) Adversarial Attacks on Network Intrusion Detection Systems Based on Federated Learning. Advanced Intelligent Computing Technology and Applications (146-157). DOI: 10.1007/978-981-97-5606-3_13. Online publication date: 30-Jul-2024
    • (2023) Modern NetFlow network dataset with labeled attacks and detection methods. Proceedings of the 18th International Conference on Availability, Reliability and Security (1-8). DOI: 10.1145/3600160.3605094. Online publication date: 29-Aug-2023
    • (2023) How to Boost Machine Learning Network Intrusion Detection Performance with Encoding Schemes. Computer Information Systems and Industrial Management (283-297). DOI: 10.1007/978-3-031-42823-4_21. Online publication date: 15-Sep-2023
    • (2022) Comparison of Hash Functions for Network Traffic Acquisition Using a Hardware-Accelerated Probe. Electronics 11:11 (1688). DOI: 10.3390/electronics11111688. Online publication date: 25-May-2022
    • (2022) Cyber Threat Detection Using Machine Learning Algorithms on Heterogeneous MiniVHS-22 Dataset. 2022 25th International Conference on Computer and Information Technology (ICCIT) (866-869). DOI: 10.1109/ICCIT57492.2022.10055036. Online publication date: 17-Dec-2022
