A Labeled Data Set For Flow-based Intrusion Detection

Anna Sperotto, R. Sadre, Frank van Vliet, Aiko Pras

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    74 Citations (Scopus)
    345 Downloads (Pure)

    Abstract

    Flow-based intrusion detection has recently become a promising security mechanism in high speed networks (1-10 Gbps). Despite the richness in contributions in this field, benchmarking of flow-based IDS is still an open issue. In this paper, we propose the first publicly available, labeled data set for flow-based intrusion detection. The data set aims to be realistic, i.e., representative of real traffic and complete from a labeling perspective. Our goal is to provide such enriched data set for tuning, training and evaluating ID systems. Our setup is based on a honeypot running widely deployed services and directly connected to the Internet, ensuring attack-exposure. The final data set consists of 14.2M flows and more than 98% of them has been labeled.
    Original languageEnglish
    Title of host publicationIP Operations and Management
    Subtitle of host publication9th IEEE International Workshop, IPOM 2009, Venice, Italy, October 29-30, 2009. Proceedings
    EditorsGiorgio Nunzi, Caterina Scoglio, Xing Li
    Place of PublicationBerlin
    PublisherSpringer
    Pages39-50
    Number of pages12
    ISBN (Electronic)978-3-642-04968-2
    ISBN (Print)978-3-642-04967-5
    DOIs
    Publication statusPublished - 21 Oct 2009
    Event9th IEEE International Workshop on IP Operations and Management, IPOM 2009 - Venice, Italy
    Duration: 29 Oct 200930 Oct 2009
    Conference number: 9

    Publication series

    NameLecture Notes in Computer Science
    PublisherSpringer
    Volume5843
    ISSN (Print)0302-9743
    ISSN (Electronic)1611-3349

    Workshop

    Workshop9th IEEE International Workshop on IP Operations and Management, IPOM 2009
    Abbreviated titleIPOM
    CountryItaly
    CityVenice
    Period29/10/0930/10/09

    Keywords

    • METIS-264132
    • EWI-16472
    • IR-68310

    Fingerprint Dive into the research topics of 'A Labeled Data Set For Flow-based Intrusion Detection'. Together they form a unique fingerprint.

  • Cite this

    Sperotto, A., Sadre, R., van Vliet, F., & Pras, A. (2009). A Labeled Data Set For Flow-based Intrusion Detection. In G. Nunzi, C. Scoglio, & X. Li (Eds.), IP Operations and Management: 9th IEEE International Workshop, IPOM 2009, Venice, Italy, October 29-30, 2009. Proceedings (pp. 39-50). (Lecture Notes in Computer Science; Vol. 5843). Berlin: Springer. https://doi.org/10.1007/978-3-642-04968-2_4