Introducing UWF-ZeekData22: A Comprehensive Network Traffic Dataset Based on the MITRE ATT&CK Framework
Sikha S. Bagui,
Dustin Mink,
Subhash C. Bagui,
Tirthankar Ghosh,
Russel Plenkers,
Tom McElroy,
Stephan Dulaney and
Sajida Shabanali
Additional contact information
Sikha S. Bagui: Department of Computer Science, University of West Florida, Pensacola, FL 32514, USA
Dustin Mink: Department of Computer Science, University of West Florida, Pensacola, FL 32514, USA
Subhash C. Bagui: Department of Mathematics and Statistics, University of West Florida, Pensacola, FL 32514, USA
Tirthankar Ghosh: Department of Computer Science, University of West Florida, Pensacola, FL 32514, USA
Russel Plenkers: Department of Computer Science, University of West Florida, Pensacola, FL 32514, USA
Tom McElroy: Department of Computer Science, University of West Florida, Pensacola, FL 32514, USA
Stephan Dulaney: Department of Computer Science, University of West Florida, Pensacola, FL 32514, USA
Sajida Shabanali: Department of Computer Science, University of West Florida, Pensacola, FL 32514, USA
Data, 2023, vol. 8, issue 1, 1-18
Abstract:
Networking technologies change rapidly, so network activity datasets need to be refreshed regularly if they are to reflect the current state of network infrastructure and traffic. The distinguishing feature of this work is that, to the authors' knowledge, it is the first network dataset collected with Zeek and labelled using the MITRE ATT&CK framework. Beyond identifying attack traffic, labelling with MITRE ATT&CK tactics and techniques exposes the adversary behavior that precedes an attack and can be used to build behavioral profiles of groups intending to perform attacks. The paper also describes how a cyber range and Hadoop's big-data platform were combined to create this network traffic data repository. Data was collected with Security Onion in two formats: Zeek logs and PCAPs. Mission logs, which recorded the MITRE ATT&CK data for each exercise, were used to label the network attack data. The data was transferred daily from the Security Onion virtual machine running on the cyber range to the Hadoop Distributed File System. The resulting dataset, UWF-ZeekData22, is publicly available at datasets.uwf.edu.
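The labelling step the abstract describes (mission logs carrying MITRE ATT&CK data are matched against Zeek records) can be illustrated with the following added Python example. It is not the authors' code: the paper does not publish its mission-log schema or labelling script here, so the mission-entry format (attacker IP, time window, tactic), the sample conn.log lines and the choice to label at the tactic level are constructed assumptions. The record fields (`ts`, `uid`, `id.orig_h`, `id.resp_h`, `id.resp_p`, `proto`, `conn_state`) are the standard Zeek conn.log JSON field names, and the tactic IDs are the real MITRE ATT&CK IDs for Reconnaissance and Discovery.

```python
"""Label Zeek conn.log JSON records with MITRE ATT&CK tactics taken from a mission log.

Added illustration of the labelling idea in UWF-ZeekData22; not the dataset's own code.
The mission-log format below is an assumption: one entry per attacker activity window.
"""
import json
from dataclasses import dataclass
from collections import Counter


@dataclass(frozen=True)
class MissionEntry:
    """One row of the (assumed) mission log: who attacked, when, and which ATT&CK tactic."""
    attacker_ip: str
    start_ts: float      # epoch seconds, inclusive
    end_ts: float        # epoch seconds, inclusive
    tactic: str          # MITRE ATT&CK tactic name
    tactic_id: str       # MITRE ATT&CK tactic ID (e.g. TA0043)


def parse_conn_log(lines):
    """Parse Zeek conn.log written in JSON format (one object per line); skip blanks/comments."""
    records = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        records.append(json.loads(line))
    return records


def label_record(rec, mission):
    """Return (tactic, tactic_id) for a conn record, or ('none', 'none') if it is benign.

    A record is attributed to a mission entry when its originator IP is the attacker's and
    its timestamp falls inside the entry's window. The first matching entry wins, so
    mission entries should not overlap for the same attacker IP.
    """
    ts = float(rec["ts"])
    for m in mission:
        if rec.get("id.orig_h") == m.attacker_ip and m.start_ts <= ts <= m.end_ts:
            return m.tactic, m.tactic_id
    return "none", "none"


def label_conn_records(lines, mission):
    """Attach mitre_attack_tactic / mitre_attack_tactic_id columns to every conn record."""
    labelled = []
    for rec in parse_conn_log(lines):
        tactic, tactic_id = label_record(rec, mission)
        labelled.append({**rec, "mitre_attack_tactic": tactic, "mitre_attack_tactic_id": tactic_id})
    return labelled


def tactic_counts(labelled):
    """Per-tactic record counts, useful as a sanity check on class balance before training."""
    return dict(Counter(r["mitre_attack_tactic"] for r in labelled))


# Constructed sample data (not taken from the real dataset).
SAMPLE_MISSION = [
    MissionEntry("10.0.0.5", 1645000000.0, 1645000600.0, "Reconnaissance", "TA0043"),
    MissionEntry("10.0.0.5", 1645002000.0, 1645002600.0, "Discovery", "TA0007"),
]

SAMPLE_CONN_LINES = [
    # attacker scanning two ports on the target inside the Reconnaissance window
    '{"ts":1645000010.5,"uid":"CAbc1","id.orig_h":"10.0.0.5","id.orig_p":40001,'
    '"id.resp_h":"10.0.1.20","id.resp_p":22,"proto":"tcp","conn_state":"S0"}',
    '{"ts":1645000020.1,"uid":"CAbc2","id.orig_h":"10.0.0.5","id.orig_p":40002,'
    '"id.resp_h":"10.0.1.20","id.resp_p":80,"proto":"tcp","conn_state":"REJ"}',
    # same attacker IP, but outside every mission window: stays unlabelled
    '{"ts":1645001000.0,"uid":"CAbc3","id.orig_h":"10.0.0.5","id.orig_p":40003,'
    '"id.resp_h":"10.0.1.20","id.resp_p":443,"proto":"tcp","conn_state":"SF"}',
    # benign host during the Reconnaissance window: IP does not match, stays unlabelled
    '{"ts":1645000030.0,"uid":"CAbc4","id.orig_h":"10.0.1.30","id.orig_p":51000,'
    '"id.resp_h":"10.0.1.20","id.resp_p":53,"proto":"udp","conn_state":"SF"}',
]

if __name__ == "__main__":
    rows = label_conn_records(SAMPLE_CONN_LINES, SAMPLE_MISSION)
    for r in rows:
        print(r["uid"], r["id.orig_h"], r["id.resp_p"], r["mitre_attack_tactic"])
    print(tactic_counts(rows))
```

Matching on originator IP and time window is the simplest defensible rule; a production pipeline would also need to decide how to treat connections that span a window boundary and whether responder-side records from the attacker's targets inherit the label.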
Keywords: network traffic dataset; Zeek logs; MITRE ATT&CK framework; netflow traffic analyzer; big data; Hadoop; Spark
JEL-codes: C8 C80 C81 C82 C83
Date: 2023
Downloads:
https://www.mdpi.com/2306-5729/8/1/18/pdf (application/pdf)
https://www.mdpi.com/2306-5729/8/1/18/ (text/html)
Persistent link: https://EconPapers.repec.org/RePEc:gam:jdataj:v:8:y:2023:i:1:p:18-:d:1032471
Data is currently edited by Ms. Cecilia Yang