Printed from https://ideas.repec.org/a/gam/jdataj/v8y2023i1p18-d1032471.html

Introducing UWF-ZeekData22: A Comprehensive Network Traffic Dataset Based on the MITRE ATT&CK Framework

Authors:
  • Sikha S. Bagui

    (Department of Computer Science, University of West Florida, Pensacola, FL 32514, USA)

  • Dustin Mink

    (Department of Computer Science, University of West Florida, Pensacola, FL 32514, USA)

  • Subhash C. Bagui

    (Department of Mathematics and Statistics, University of West Florida, Pensacola, FL 32514, USA)

  • Tirthankar Ghosh

    (Department of Computer Science, University of West Florida, Pensacola, FL 32514, USA)

  • Russel Plenkers

    (Department of Computer Science, University of West Florida, Pensacola, FL 32514, USA)

  • Tom McElroy

    (Department of Computer Science, University of West Florida, Pensacola, FL 32514, USA)

  • Stephan Dulaney

    (Department of Computer Science, University of West Florida, Pensacola, FL 32514, USA)

  • Sajida Shabanali

    (Department of Computer Science, University of West Florida, Pensacola, FL 32514, USA)

Abstract

With the rapid rate at which networking technologies are changing, there is a need to regularly update network activity datasets so that they accurately reflect the current state of network infrastructure and traffic. This work is the first network dataset collected using Zeek and labelled using the MITRE ATT&CK framework. In addition to identifying attack traffic, the MITRE ATT&CK framework allows for the detection of adversary behavior leading to an attack. It can also be used to develop user profiles of groups intending to perform attacks. This paper also outlines how both the cyber range and Hadoop's big data platform were used to create this network traffic data repository. The data was collected using Security Onion in two formats: Zeek logs and PCAPs. Mission logs, which contained the MITRE ATT&CK data, were used to label the network attack data. The data was transferred daily from the Security Onion virtual machine running on a cyber range to the big-data platform, Hadoop's distributed file system. This dataset, UWF-ZeekData22, is publicly available at datasets.uwf.edu.

Suggested Citation

  • Sikha S. Bagui & Dustin Mink & Subhash C. Bagui & Tirthankar Ghosh & Russel Plenkers & Tom McElroy & Stephan Dulaney & Sajida Shabanali, 2023. "Introducing UWF-ZeekData22: A Comprehensive Network Traffic Dataset Based on the MITRE ATT&CK Framework," Data, MDPI, vol. 8(1), pages 1-18, January.
  • Handle: RePEc:gam:jdataj:v:8:y:2023:i:1:p:18-:d:1032471

    Download full text from publisher

    File URL: https://www.mdpi.com/2306-5729/8/1/18/pdf
    Download Restriction: no

    File URL: https://www.mdpi.com/2306-5729/8/1/18/
    Download Restriction: no
