LANDER:Mirai-FRGP-scanning-20160908 From Predict Jump to navigation Jump to search The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead. README version: 10326, last modified: 2019-03-4. This file describes the trace dataset "Mirai-FRGP-scanning-20160908" provided by the LANDER project. The most recent version of this file can be found on-line at https://wiki.isi.edu/predict/index.php?title=LANDER:Mirai-FRGP-scanning-20160908. [ ] Contents • 1 LANDER Metadata • 2 Dataset Contents • 3 Dataset Generation • 4 Citation • 5 Results Using This Dataset • 6 User Annotations LANDER Metadata (https://wiki.isi.edu/predict/index.php?title=LANDER:Mirai-FRGP-scanning-20160908/landermeta) ┌───────────────────────────┬────────────────────────────────────────────────────────────────────────────────────┐ │ dataSetName │ Mirai-FRGP-scanning-20160908 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ status │ usc-web-and-predict │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ shortDesc │ Mirai scanning observed at a regional ISP │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ longDesc │ The dataset represents flows that match the Mirai scanning signature. It includes │ │ │ CSV files showing information extracted from only Mirai-identified Argus TCP flows │ │ │ with destination ports 23 and 2323. The dataset is collected at a regional ISP │ │ │ during the months of September and October of 2016. │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ datasetClass │ Quasi-Restricted │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ commercialAllowed │ true │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ requestReviewRequired │ true │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ productReviewRequired │ false │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ ongoingMeasurement │ false │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ submissionMethod │ Upload │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ collectionStartDate │ 2016-09-08 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ collectionStartTime │ 00:00:00 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ collectionEndDate │ 2016-10-31 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ collectionEndTime │ 00:00:00 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ availabilityStartDate │ 2017-05-01 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ availabilityStartTime │ 00:00:00 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ availabilityEndDate │ 2030-01-01 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ availabilityEndTime │ 00:00:00 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ anonymization │ cryptopan/host │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ archivingAllowed │ false │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ keywords │ category:traffic-flow-data, subcategory:continuous-flow-data, internet, botnet, │ │ │ scanning, mirai │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ format │ CSV │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ access │ https │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ hostName │ USC-LANDER │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ providerName │ USC │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ groupingId │ │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ groupingSummaryFlag │ false │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ retrievalInstructions │ download │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ byteSize │ 608672153600 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ expirationDays │ 14 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ uncompressedSize │ 2061760010424 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ impactDoi │ 10.23721/109/1354226 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ useAgreement │ dua-ni-160816 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ irbRequired │ false │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ privateAccessInstructions │ See http://www.isi.edu/ant/traces/index.html#getting_datasets for information on │ │ │ obtaining this dataset. │ │ │ See │ │ │ https://wiki.isi.edu/predict/index.php?title=LANDER:Mirai-FRGP-scanning-20160908 │ │ │ for details on this dataset. │ └───────────────────────────┴────────────────────────────────────────────────────────────────────────────────────┘ Dataset Contents Mirai-FRGP-scanning-20160908.README.txt copy of this README      Data/ CSV files (compressed with gzip); Each file has 24 hours worth of data. The     YYYY-MM-DD.csv.gz data includes the following Argus fields for each Mirai-identified flow: stime(Unix Timestamp),proto,saddr,daddr,sport,dport,spkts,dpkts,sbytes,dbytes,stcpb,state The corresponding Argus files with background traffic for this dataset are also available as part of the daily Argus datasets provided by the USC/LANDER project (http://www.isi.edu/ant/lander) and can be requested separately. Dataset Generation The dataset represents flows that match the Mirai scanning signature. It includes CSV files showing information extracted from only Mirai-identified Argus TCP flows with destination ports 23 and 2323. The dataset is collected at a regional ISP during the months of September and October of 2016. The data is anonymized by scrambling the last byte of each IP address in a prefix preserving manner. The anonymization key changes every two weeks. For this dataset the anonymization is consistent for each of the following periods: 2016-09-08 to 2016-09-13 2016-09-14 to 2016-09-27 2016-09-28 to 2016-10-12 2016-10-13 to 2016-10-25 2016-10-26 to 2016-10-31 Citation If you use this trace to conduct additional research, please cite it as: FRGP (www.frgp.net) Continuous Flow Dataset, IMPACT ID: USC-LANDER/Mirai-FRGP-scanning-20160908/rev10326 . Traces taken 2016-09-08 to 2016-10-31. Provided by the USC/LANDER project (http://www.isi.edu/ant/lander). Results Using This Dataset None to date. User Annotations Suggestion: Edit the annotations at https://wiki.isi.edu/predict/index.php?title=LANDERNOTES:Mirai-FRGP-scanning-20160908&action=edit Currently no annotations. Retrieved from "https://wiki.isi.edu/predict/index.php?title=LANDER:Mirai-FRGP-scanning-20160908&oldid=10326" Categories: • Datasets • LANDER • LANDER:Datasets • LANDER:Datasets:CSU • LANDER:Datasets:CSU:FRGP Navigation menu Personal tools • Wikiexport • Talk • Preferences • Watchlist • Contributions • Log out Namespaces • LANDER • Discussion [ ] English Views • Read • Edit • View history • Watch [ ] More • Move _____________________ [ Search ] [ Go ] Navigation • Main page • Providers • Datasets • Results • Categories • Recent changes • Random page • Help Tools • What links here • Related changes • Upload file • Special pages • Permanent link • Page information • This page was last edited on 4 March 2019, at 18:07. • Content is available under Attribution-Share Alike 3.0 Unported unless otherwise noted. • Privacy policy • About Predict • Disclaimers • Attribution-Share Alike 3.0 Unported • Powered by MediaWiki