J 2020

Dataset of intrusion detection alerts from a sharing platform

HUSÁK, Martin, Martin ŽÁDNÍK, Václav BARTOŠ and Pavol SOKOL

Basic information

Original name

Dataset of intrusion detection alerts from a sharing platform

Authors

HUSÁK, Martin (203 Czech Republic, guarantor, belonging to the institution), Martin ŽÁDNÍK (203 Czech Republic), Václav BARTOŠ (203 Czech Republic) and Pavol SOKOL (703 Slovakia)

Edition

Data in Brief, Elsevier, 2020, 2352-3409

Other information

Language

English

Type of outcome

Article in a professional journal

Field of Study

10200 1.2 Computer and information sciences

Country of publisher

Netherlands

Confidentiality degree

is not subject to a state or trade secret

References:

RIV identification code

RIV/00216224:14610/20:00116889

Organization unit

Institute of Computer Science

UT WoS

000600652300195

Keywords in English

Cyber security;Intrusion detection alerts;Information exchange;Geolocation;Reputation

Tags

International impact, Reviewed
Changed: 27/4/2021 12:04, Mgr. Alena Mokrá

Abstract

In the original

The dataset contains intrusion detection alerts obtained via an alert sharing platform (SABU) for one week. A plethora of heterogeneous intrusion detection systems deployed across several organizations contributed to the sharing platform. The alerts are stored in the Intrusion Detection Extensible Alert (IDEA) format and categorized using the eCSIRT.net Incident Taxonomy. The dataset can be used in several areas of cybersecurity research for the analysis of intrusion detection alerts, including temporal and spatial correlations, reputation scoring, attack scenario reconstruction, and attack projection. The network identifiers (e.g., IP addresses, hostnames) are anonymized. However, the list of interesting features (e.g., presence on blacklists, geolocation) of such entities at the time of data collection is provided.

Links

EF16_019/0000822, research and development project
Name: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur