HTTP

Download: http Zip File

Abstract

Number of Instances:	159346	Security Area:	Network Protocols
Number of Attributes:	27	Date Donated:	2012
Missing Values?	-	Associated ML Tasks:	Network Analysis

Source

Mike Sconzo

Security Repository

Secrepo.com

Dataset Information

Implements base functionality for HTTP analysis. The logging model is to log request/response pairs and all relevant metadata together in a single record.

Attribute Information

	Data Type	Count	Unique Values	Missing Values
ts	float64	159346	159336	0
uid	object	159346	67478	0
id.orig_h	object	159346	128	0
id.orig_p	int64	159346	1079	0
id.resp_h	object	159346	11820	0
id.resp_p	int64	159346	65	0
trans_depth	int64	159346	186	0
method	object	159277	6	69
host	object	157769	10969	1577
uri	object	159277	91578	69
referrer	object	128257	9908	31089
user_agent	object	158088	410	1258
request_body_len	int64	159346	417	0
response_body_len	int64	159346	31314	0
status_code	float64	157452	26	1894
status_msg	object	157452	65	1894
info_code	float64	15	1	159331
info_msg	object	15	1	159331
filename	float64	0	0	159346
tags	object	159346	2	0
username	object	2	1	159344
password	float64	0	0	159346
proxied	object	3	1	159343
orig_fuids	object	2448	2448	156898
orig_mime_types	object	2448	7	156898
resp_fuids	object	136587	136560	22759
resp_mime_types	object	136587	40	22759

Relevant Papers

Bro Logs http://gauss.ececs.uc.edu/Courses/c6055/pdf/bro_log_vars.pdf

Neise, Patrick. "Intrusion Detection Through Relationship Analysis". Oct 2016 https://www.sans.org/reading-room/whitepapers/detection/intrusion-detection-relationship-analysis-37352

Frances Bernadette C. De Ocampo, Trisha Mari L. Del Castillo, Miguel Alberto N. Gomez. "AUTOMATED SIGNATURE CREATOR FOR A SIGNATURE BASED INTRUSION DETECTION SYSTEM WITH NETWORK ATTACK DETECTION CAPABILITIES". 2013 http://sdiwc.net/digital-library/automated-signature-creator-for-a-signature-based-intrusion-detection-system-with-network-attack-detection-capabilities-pancakes.html

Associate Data Science Notebook