Hornet 40: Network Dataset of Geographically Placed Honeypots

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F22%3A00354948" target="_blank" >RIV/68407700:21230/22:00354948 - isvavai.cz</a>

Výsledek na webu

<a href="https://doi.org/10.1016/j.dib.2022.107795" target="_blank" >https://doi.org/10.1016/j.dib.2022.107795</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1016/j.dib.2022.107795" target="_blank" >10.1016/j.dib.2022.107795</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Hornet 40: Network Dataset of Geographically Placed Honeypots

Popis výsledku v původním jazyce

Deception technologies, and honeypots in particular, have been used for decades to understand how cyber attacks and attackers work. A myriad of factors impact the effectiveness of a honeypot. However, very few is known about the impact of the geographical location of honeypots on the amount and type of attacks. Hornet 40 is the first dataset designed to help understand how the geolocation of honeypots may impact the inflow of network attacks. The data consists of network flows in binary and text format, with up to 118 features, including 480 bytes of the content of each flow. They were created using the Argus flow collector. The passive honeypots are IP addresses connected to the Internet and do not have any honeypot software running, so attacks are not interactive. The data was collected from identically configured honeypot servers in eight locations: Amsterdam, Bangalore, Frankfurt, London, New York, San Francisco, Singapore, and Toronto. The dataset contains over 4.7 million network flows collected during forty days throughout April, May, and June 2021.

Název v anglickém jazyce

Hornet 40: Network Dataset of Geographically Placed Honeypots

Popis výsledku anglicky

Deception technologies, and honeypots in particular, have been used for decades to understand how cyber attacks and attackers work. A myriad of factors impact the effectiveness of a honeypot. However, very few is known about the impact of the geographical location of honeypots on the amount and type of attacks. Hornet 40 is the first dataset designed to help understand how the geolocation of honeypots may impact the inflow of network attacks. The data consists of network flows in binary and text format, with up to 118 features, including 480 bytes of the content of each flow. They were created using the Argus flow collector. The passive honeypots are IP addresses connected to the Internet and do not have any honeypot software running, so attacks are not interactive. The data was collected from identically configured honeypot servers in eight locations: Amsterdam, Bangalore, Frankfurt, London, New York, San Francisco, Singapore, and Toronto. The dataset contains over 4.7 million network flows collected during forty days throughout April, May, and June 2021.

Druh

J_imp - Článek v periodiku v databázi Web of Science

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

—

Návaznosti

I - Institucionalni podpora na dlouhodoby koncepcni rozvoj vyzkumne organizace

Rok uplatnění

2022

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

Data in Brief

ISSN

2352-3409

e-ISSN

—

Svazek periodika

40

Číslo periodika v rámci svazku

February

Stát vydavatele periodika

CH - Švýcarská konfederace

Počet stran výsledku

10

Strana od-do

1-10

Kód UT WoS článku

000787646200036

EID výsledku v databázi Scopus

2-s2.0-85123934105