Download: dns Zip File
| Number of Instances: | 427935 | Security Area: | Network Protocols |
|---|---|---|---|
| Number of Attributes: | 23 | Date Donated: | 2012 |
| Missing Values? | - | Associated ML Tasks: | Network Analysis |
Mike Sconzo
Security Repository
Secrepo.com
Base DNS analysis script which tracks and logs DNS queries along with their responses.
| Data Type | Count | Unique Values | Missing Values | |
|---|---|---|---|---|
| ts | float64 | 427935 | 231268 | 0 |
| uid | object | 427935 | 162496 | 0 |
| id.orig_h | object | 427935 | 253 | 0 |
| id.orig_p | int64 | 427935 | 34063 | 0 |
| id.resp_h | object | 427935 | 1230 | 0 |
| id.resp_p | int64 | 427935 | 4 | 0 |
| proto | object | 427935 | 2 | 0 |
| port | int64 | 427935 | 61844 | 0 |
| query | object | 424287 | 5177 | 3648 |
| qclass | float64 | 424287 | 3 | 3648 |
| qclass_name | object | 424287 | 3 | 3648 |
| qtype | float64 | 424287 | 13 | 3648 |
| qtype_name | object | 424287 | 13 | 3648 |
| rcode | float64 | 55734 | 15 | 372201 |
| rcode_name | object | 55734 | 15 | 372201 |
| QR | object | 427935 | 2 | 0 |
| AA | object | 427935 | 1 | 0 |
| TC | object | 427935 | 2 | 0 |
| RD | object | 427935 | 2 | 0 |
| Z | int64 | 427935 | 2 | 0 |
| answers | object | 1977 | 139 | 425958 |
| TTLs | object | 1977 | 378 | 425958 |
| rejected | object | 427935 | 2 | 0 |
Bro Logs http://gauss.ececs.uc.edu/Courses/c6055/pdf/bro_log_vars.pdf
Intrusion Detection Through Relationship Analysis https://www.sans.org/reading-room/whitepapers/detection/intrusion-detection-relationship-analysis-37353