Cyber Attack Evaluation Dataset for Deep Packet Inspection and Analysis

Shandilya, Shishir Kumar and Ganguli, Chirag and Izonin, Ivan and Nagar, Atulya K. (2022) Cyber Attack Evaluation Dataset for Deep Packet Inspection and Analysis. Data in Brief, 46. ISSN 2352-3409

Dataset_Paper_Final_J4_unmarked.pdf - Accepted Version
Available under License Creative Commons Attribution Non-commercial No Derivatives.

Abstract

To determine the effectiveness of any defense mechanism, there is a need for comprehensive real-time network data that solely references various attack scenarios based on older software versions or unprotected ports, and so on. This presented dataset has entire network data at the time of several cyber attacks to enable experimentation on challenges based on implementing defense mechanisms on a larger scale. For collecting the data, we captured the network traffic of configured virtual machines using Wireshark and tcpdump. To analyze the impact of several cyber attack scenarios, this dataset presents a set of ten computers connected to Router1 on VLAN1 in a Docker Bridge network, that try and exploit each other. It includes browsing the web and downloading foreign packages including malicious ones. Also, services like File Transfer Protocol (FTP) and Secure Shell (SSH) were exploited using several attack mechanisms. The presented dataset shows the importance of updating and patching systems to protect themselves to a greater extent, by following attack tactics on older versions of packages as compared to the newer and updated ones. This dataset also includes an Apache Server hosted on the different subset on VLAN2 which is connected to the VLAN1 to demonstrate isolation and cross-VLAN communication. The services on this web server were also exploited by the previously stated ten computers. The attack types include: Distributed Denial of Service, SQL Injection, Account Takeover, Service Exploitation (SSH, FTP), DNS and ARP Spoofing, Scanning and Firewall Searching and Indexing (using Nmap), Hammering the services to brute-force passwords and usernames, Malware attacks, Spoofing, and Man-in-the-Middle Attack. The attack scenarios also show various scanning mechanisms and the impact of Insider Threats on the entire network.

Item Type: Article
Additional Information and Comments: © 2022 The Author(s). Published by Elsevier Inc. This version of the article was accepted for publication in Data in Brief. The final version is available open access from https://www.sciencedirect.com/science/article/pii/S235234092200974X
Keywords: Cyber Attacks, Evaluation Dataset, Attack Techniques, Defense Mechanisms
Faculty / Department: Faculty of Human and Digital Sciences > Mathematics and Computer Science
Depositing User: Atulya Nagar
Date Deposited: 03 Jan 2023 11:54
Last Modified: 03 Jan 2023 11:54
URI: https://hira.hope.ac.uk/id/eprint/3732
