Datasets Comparison
Version 1
BUET-DDoS2020
Description
Distributed Denial of Service (DDoS) is one of the most frequent attacks in cloud that cause significant damage, affect the performance and continue to be the predominant security challenge. Over the past decade, research on DDoS attack detection has focused on a few classes of these attacks.
To generate DDoS flooding attack we use three tools namely: hping3, mausezahn and wreckuests. UDP flood attack, TCP SYN flood attack and ICMP flood attack was performed by using hping3. For DNS flood attack mausezahn was used and for HTTP Flood attack wreckuests was used. Tcpdump, a traffic protocol analyzer is used to capture the attack traffic. Moreover, legitimate traffic was also collected using tcpdump from Lab environment network. The captured attack traffic and normal traffic were used to create a new dataset. The dataset has six classes and 1081633 records out of which 1001984 are DDoS attacks.
Distribution of Different Classes.
Types No. of Records
TCP SYN flood attack 551179
ICMP flood attack 136496
UDP flood attack 125774
DNS flood attack 114160
HTTP flood attack 74375
Legitimate traffic 79649
Institutions
Bangladesh University of Engineering and Technology
Categories
Network Security, Denial-of-Service Attack, Cloud Security
Licence
Creative Commons Attribution 4.0 International
Version 2
BUET-DDoS2020
Description
Distributed Denial of Service (DDoS) is one of the most frequent attacks in cloud that cause significant damage, affect the performance and continue to be the predominant security challenge. Over the past decade, research on DDoS attack detection has focused on a few classes of these attacks.
To generate DDoS flooding attack we use three tools namely: hping3, mausezahn and wreckuests. UDP flood attack, TCP SYN flood attack and ICMP flood attack was performed by using hping3. For DNS flood attack mausezahn was used and for HTTP Flood attack wreckuests was used. Tcpdump, a traffic protocol analyzer is used to capture the attack traffic. Moreover, legitimate traffic was also collected using tcpdump from Lab environment network. The captured attack traffic and normal traffic were used to create a new dataset. The dataset has six classes and 1081633 records out of which 1001984 are DDoS attacks.
Distribution of Different Classes.
Types No. of Records
TCP SYN flood attack 551179
ICMP flood attack 136496
UDP flood attack 125774
DNS flood attack 114160
HTTP flood attack 74375
Legitimate traffic 79649
Institutions
Bangladesh University of Engineering and Technology
Categories
Network Security, Denial-of-Service Attack, Cloud Security
Licence
Creative Commons Attribution 4.0 International