Mikołaj Komisarek, M. Pawlicki, Tomi Simic, David Kavcnik, R. Kozik, M. Choraś
{"title":"Modern NetFlow network dataset with labeled attacks and detection methods","authors":"Mikołaj Komisarek, M. Pawlicki, Tomi Simic, David Kavcnik, R. Kozik, M. Choraś","doi":"10.1145/3600160.3605094","DOIUrl":null,"url":null,"abstract":"Network Intrusion Detection Systems are an important part of cyber-defensive inventory. Currently, Machine-Learning-Based Network Intrusion Detection Systems are being researched as an effective security measure. This paper introduces a novel NetFlow-based dataset geared for the training of machine-learning-based detection systems. The dataset incorporates common cyberattacks such as Denial-of-Service, Port Scanning, and brute-force attacks, which represent significant threats to network security. The efficacy of the dataset is evaluated with the use of four machine learning algorithms, with the detection metrics reported. The dataset is an attempt to fill the vacuum for current, realistic datasets in cybersecurity research. The traffic was collected in a real network in the BTC complex in Ljubljana. The dataset can significantly contribute to enhancing the effectiveness of machine learning-based Network Intrusion Detection Systems.","PeriodicalId":107145,"journal":{"name":"Proceedings of the 18th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2023-08-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 18th International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3600160.3605094","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
Network Intrusion Detection Systems are an important part of cyber-defensive inventory. Currently, Machine-Learning-Based Network Intrusion Detection Systems are being researched as an effective security measure. This paper introduces a novel NetFlow-based dataset geared for the training of machine-learning-based detection systems. The dataset incorporates common cyberattacks such as Denial-of-Service, Port Scanning, and brute-force attacks, which represent significant threats to network security. The efficacy of the dataset is evaluated with the use of four machine learning algorithms, with the detection metrics reported. The dataset is an attempt to fill the vacuum for current, realistic datasets in cybersecurity research. The traffic was collected in a real network in the BTC complex in Ljubljana. The dataset can significantly contribute to enhancing the effectiveness of machine learning-based Network Intrusion Detection Systems.