FILES

Download: files Zip File

Abstract

Number of Instances:	208569	Security Area:	Files
Number of Attributes:	23	Date Donated:	2012
Missing Values?	-	Associated ML Tasks:	Network Analysis

Source

Mike Sconzo

Security Repository

Secrepo.com

Dataset Information

An interface for driving the analysis of files, possibly independent of any network protocol over which they’re transported.

Attribute Information

	Data Type	Count	Unique Values	Missing Values
ts	float64	208569	208495	0
fuid	object	208569	208456	0
tx_hosts	object	208569	15487	0
rx_hosts	object	208569	769	0
conn_uids	object	208569	92431	0
source	object	208569	2	0
depth	int64	208569	1	0
analyzers	object	208569	3	0
mime_type	object	208388	40	181
filename	object	11362	7175	197207
duration	float64	208569	55757	0
local_orig	float64	0	0	208569
is_orig	object	208569	2	0
seen_bytes	int64	208569	40352	0
total_bytes	float64	153417	32804	55152
missing_bytes	int64	208569	207	0
overflow_bytes	int64	208569	1	0
timedout	object	208569	2	0
parent_fuid	float64	0	0	208569
md5	object	208271	126044	298
sha1	object	208271	126044	298
sha256	float64	0	0	208569
extracted	float64	0	0	208569

Relevant Papers

Bro Logs http://gauss.ececs.uc.edu/Courses/c6055/pdf/bro_log_vars.pdf

Neise, Patrick. "Intrusion Detection Through Relationship Analysis". Oct 2016 https://www.sans.org/reading-room/whitepapers/detection/intrusion-detection-relationship-analysis-37352

Frances Bernadette C. De Ocampo, Trisha Mari L. Del Castillo, Miguel Alberto N. Gomez. "AUTOMATED SIGNATURE CREATOR FOR A SIGNATURE BASED INTRUSION DETECTION SYSTEM WITH NETWORK ATTACK DETECTION CAPABILITIES". 2013 http://sdiwc.net/digital-library/automated-signature-creator-for-a-signature-based-intrusion-detection-system-with-network-attack-detection-capabilities-pancakes.html

Associate Data Science Notebook