FILES

Download: files Zip File

Abstract

Number of Instances:	139034	Security Area:	Files
Number of Attributes:	23	Date Donated:	2012
Missing Values?	-	Associated ML Tasks:	Network Analysis

Source

Mike Sconzo

Security Repository

Secrepo.com

Dataset Information

An interface for driving the analysis of files, possibly independent of any network protocol over which they’re transported.

Attribute Information

	Data Type	Count	Unique Values	Missing Values
ts	float64	139034	139002	0
fuid	object	139034	139009	0
tx_hosts	object	139034	10879	0
rx_hosts	object	139034	625	0
conn_uids	object	139034	57785	0
source	object	139034	1	0
depth	int64	139034	1	0
analyzers	object	139034	3	0
mime_type	object	139007	38	27
filename	object	7740	4849	131294
duration	float64	139034	37688	0
local_orig	float64	0	0	139034
is_orig	object	139034	2	0
seen_bytes	int64	139034	31326	0
total_bytes	float64	100416	25802	38618
missing_bytes	int64	139034	77	0
overflow_bytes	int64	139034	1	0
timedout	object	139034	2	0
parent_fuid	float64	0	0	139034
md5	object	138925	87146	109
sha1	object	138925	87146	109
sha256	float64	0	0	139034
extracted	float64	0	0	139034

Relevant Papers

Bro Logs http://gauss.ececs.uc.edu/Courses/c6055/pdf/bro_log_vars.pdf

Neise, Patrick. "Intrusion Detection Through Relationship Analysis". Oct 2016 https://www.sans.org/reading-room/whitepapers/detection/intrusion-detection-relationship-analysis-37352

Frances Bernadette C. De Ocampo, Trisha Mari L. Del Castillo, Miguel Alberto N. Gomez. "AUTOMATED SIGNATURE CREATOR FOR A SIGNATURE BASED INTRUSION DETECTION SYSTEM WITH NETWORK ATTACK DETECTION CAPABILITIES". 2013 http://sdiwc.net/digital-library/automated-signature-creator-for-a-signature-based-intrusion-detection-system-with-network-attack-detection-capabilities-pancakes.html

Associate Data Science Notebook