Geolocation IP Datasets G7, G15, and G40 for Hornet 7, Hornet 15, and Hornet 40 Datasets
Description
Geolocation IP Datasets G7, G15, and G40 for Hornet 7, Hornet 15, and Hornet 40 Datasets The G7.csv, G15.csv, and G40.csv files contain geolocation Information for all resolvable Distinct Source IP Addresses for Hornet 7 [1], Hornet 15 [2], and Hornet 40 [3] datasets created by Valeros, Veronica in 2021. The influence of geo-economics on cyberattacks is being investigated. The datasets consists of eight fields: status,continent,continentCode,country,countryCode,region,regionName,city,lat,lon,timezone,offset,currency,isp,org,as,asname,mobile,proxy,hosting,query,SrcAdd,Count (a) SrcAdd - distinct attacking source IPs, and (2) Count - corresponding attack counts (the number of net-flow records per distinct source IP). The meaning of other fields can be checked at IP-API.com (IP geolocation API web service) Ref: [1] Valeros, Veronica (2021), “Hornet 7: Network Dataset of Geographically Placed Honeypots”, Mendeley Data, V3, doi: 10.17632/w6yskg3ffy.3 [2] Valeros, Veronica (2021), “Hornet 15: Network Dataset of Geographically Placed Honeypots”, Mendeley Data, V2, doi: 10.17632/rry7bhc2f2.2 [3] Valeros, Veronica (2021), “Hornet 15: Network Dataset of Geographically Placed Honeypots”, Mendeley Data, V2, doi: 10.17632/rry7bhc2f2.2
Files
Steps to reproduce
(1) The latest versions of the three Hornet landmark datasets (Hornet 7, Hornet 15, and Hornet 40) were downloaded and the netflow-v5 archives were extracted. (2) The following attacking source information was extracted: (a) distinct attacking source IPs, and (2) corresponding attack counts (the number of net-flow records per distinct source IP). (3) Using the IP-API.com (IP geolocation API web service) the geolocation information about the extracted attacking source IP addresses was collected for each dataset.