Encrypted Web Traffic Dataset: Event Logs and Packet Traces

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F22%3A00125749" target="_blank" >RIV/00216224:14610/22:00125749 - isvavai.cz</a>

Výsledek na webu

<a href="https://doi.org/10.1016/j.dib.2022.108188" target="_blank" >https://doi.org/10.1016/j.dib.2022.108188</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1016/j.dib.2022.108188" target="_blank" >10.1016/j.dib.2022.108188</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Encrypted Web Traffic Dataset: Event Logs and Packet Traces

Popis výsledku v původním jazyce

We present a dataset that captures seven days of monitoring data from eight servers hosting more than 800 sites across a large campus network. The dataset contains data from network monitoring and host-based monitoring. The first set of data are packet traces collected by a probe situated on the network link in front of the web servers. The traces contain encrypted HTTP over TLS 1.2 communication between clients and web servers. The second set of data is an event log captured directly on the web servers. The events are generated by the Internet Information Services (IIS) logging and include both the IIS default features and custom features, such as client port and transferred data volume. Anonymization of all features in the dataset has been carefully carried out to prevent private information leakage while preserving the information value of the dataset. The dataset is suitable mainly for training machine learning techniques for anomaly detection and the identification of relationships between network traffic and events on web servers. We also add tools, settings, and a guide to convert the packet traces to IP flows that are often preferred for network traffic analysis.

Název v anglickém jazyce

Encrypted Web Traffic Dataset: Event Logs and Packet Traces

Popis výsledku anglicky

We present a dataset that captures seven days of monitoring data from eight servers hosting more than 800 sites across a large campus network. The dataset contains data from network monitoring and host-based monitoring. The first set of data are packet traces collected by a probe situated on the network link in front of the web servers. The traces contain encrypted HTTP over TLS 1.2 communication between clients and web servers. The second set of data is an event log captured directly on the web servers. The events are generated by the Internet Information Services (IIS) logging and include both the IIS default features and custom features, such as client port and transferred data volume. Anonymization of all features in the dataset has been carefully carried out to prevent private information leakage while preserving the information value of the dataset. The dataset is suitable mainly for training machine learning techniques for anomaly detection and the identification of relationships between network traffic and events on web servers. We also add tools, settings, and a guide to convert the packet traces to IP flows that are often preferred for network traffic analysis.

Druh

J_imp - Článek v periodiku v databázi Web of Science

CEP obor

—

OECD FORD obor

10200 - Computer and information sciences

Projekt

—

Návaznosti

S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2022

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

Data in Brief

ISSN

2352-3409

e-ISSN

—

Svazek periodika

42

Číslo periodika v rámci svazku

June

Stát vydavatele periodika

NL - Nizozemsko

Počet stran výsledku

10

Strana od-do

1-10

Kód UT WoS článku

000795935500014

EID výsledku v databázi Scopus

2-s2.0-85129507189