Back

Development of Advanced Intrusion Detection Datasets for Cybersecurity

Severity: Low (Score: 33.9)

Sources: www.unb.ca

Summary

Recent advancements in intrusion detection systems (IDS) have focused on improving dataset reliability for anomaly detection. The CSE-CIC-IDS2018 dataset has been developed to address the shortcomings of previous datasets, which often lack diversity and realism. This new dataset includes seven attack scenarios such as Brute-force, Heartbleed, and DDoS, utilizing a simulated network environment with 50 attacking machines and 420 victim machines. The dataset captures network traffic and system logs, providing 80 features extracted using CICFlowMeter-V3. In contrast, the older CICIDS2017 dataset also aimed to create realistic traffic but was limited by its time frame and the number of user profiles used. Both datasets emphasize the need for dynamic and comprehensive testing environments to enhance the performance of IDS. The ongoing evolution of network behaviors necessitates continuous updates to these datasets to reflect current attack trends. Key Points: • CSE-CIC-IDS2018 dataset includes seven attack scenarios with extensive network simulation. • Previous datasets like CICIDS2017 were criticized for lack of diversity and realism. • Dynamic datasets are essential for effective testing of anomaly detection systems.

Key Entities

  • Botnet (attack_type)
  • Brute Force (attack_type)
  • DDoS (attack_type)
  • Denial of Service (attack_type)
  • DoS (attack_type)
  • XSS (vulnerability)
  • Heartbleed (vulnerability)
  • 172.16.0.1 (ipv4)
  • 172.16.0.11 (ipv4)
  • 192.168.10.14 (ipv4)
  • 192.168.10.15 (ipv4)
  • 192.168.10.25 (ipv4)
  • ARES (apt_group)
  • Zeus (malware)
  • Hydra (malware)
  • T1046 - Network Service Discovery (mitre_attack)
  • T1110 - Brute Force (mitre_attack)
  • T1566 - Phishing (mitre_attack)
  • AWS (company)
  • Ubuntu (company)
  • Kali Linux (platform)
  • Linux (platform)
  • Mac OS X (platform)
  • Windows (platform)
  • Windows Vista (platform)
  • Crypto-Locker (ransomware_group)
  • Medusa (ransomware_group)
  • CIC-BenignGenerator (tool)
  • CICFlowMeter (tool)
  • CICFlowMeter-V3 (tool)
  • Hashcat (tool)
  • Hashpump (tool)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed