LANDER:NCCDC logs-20110408 From Predict README version: 8429, last modified: 2018-02-13. This file describes the trace dataset "NCCDC_logs-20110408" provided by the LANDER project. Contents • 1 LANDER Metadata • 2 Dataset Contents • 3 Dataset Generation • 3.1 Background • 3.2 Setup • 4 Citation • 5 Results Using This Dataset • 6 User Annotations LANDER Metadata ┌───────────────────────────┬────────────────────────────────────────────────────────────────────────────────────┐ │ dataSetName │ NCCDC_logs-20110408 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ status │ usc-web-and-predict │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ shortDesc │ 2011 NC Cyber Defense Competition │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ longDesc │ These log files are packet captures from the 2011 National Collegiate Cyber │ │ │ Defense Competition (nccdc.org). CCDC is a multi-day competition that specifically │ │ │ focuses on the operational aspects of managing and protecting an existing │ │ │ "commercial" network infrastructure. Teams of undergraduate/graduate students are │ │ │ provided with a fully functional (but insecure) small business network they must │ │ │ secure, maintain, and defend against a live Red Team. │ │ │ │ │ │ Teams must also respond to business tasks called "injects" throughout the │ │ │ competition. │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ datasetClass │ Quasi-Restricted │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ commercialAllowed │ true │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ requestReviewRequired │ true │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ productReviewRequired │ false │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ ongoingMeasurement │ false │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ submissionMethod │ Upload │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ collectionStartDate │ 2011-04-08 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ collectionStartTime │ 00:00:00 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ collectionEndDate │ 2011-04-10 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ collectionEndTime │ 00:00:00 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ availabilityStartDate │ 2018-03-01 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ availabilityStartTime │ 00:00:00 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ availabilityEndDate │ 2030-01-01 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ availabilityEndTime │ 00:00:00 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ anonymization │ none │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ archivingAllowed │ false │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ keywords │ category:synthetically-generated-data, subcategory:experimental-data, synthetic │ │ │ data, nccdc │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ format │ │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ access │ https │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ hostName │ USC-LANDER │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ providerName │ USC │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ groupingId │ │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ groupingSummaryFlag │ false │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ retrievalInstructions │ download │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ byteSize │ 392134918144 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ expirationDays │ 14 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ uncompressedSize │ 392133868115 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ impactDoi │ 10.23721/115/1354739 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ useAgreement │ dua-ni-160816 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ irbRequired │ false │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ privateAccessInstructions │ See http://www.isi.edu/ant/traces/index.html#getting_datasets for information on │ │ │ obtaining this dataset. │ │ │ See │ └───────────────────────────┴────────────────────────────────────────────────────────────────────────────────────┘ Dataset Contents NCCDC_logs-20110408.README.txt     copy of this README dayone/     dayone.NNN.pcap sequentially numbered pcap traces from the day 1 of competition     .sha1sum SHA-1 checksum daytwo/     daytwo.NNN.pcap sequentially numbered pcap traces from the day 2 of competition     .sha1sum SHA-1 checksum daythree/     daythree.NNN.pcap sequentially numbered pcap traces from the day 3 of competition     .sha1sum SHA-1 checksum The file ".sha1sum" contains SHA1 checksums of individual compressed files. The integrity of the distribution thus can be checked by independently calculating SHA1 sums of files and comparing them with those listed in the file. If you have the sha1sum utility installed on your system, you can do that by executing: sha1sum --check .sha1sum This has to be done before files are uncompressed. Dataset Generation Background These packet captures were obtained from the 2011 National Collegiate Cyber Defense Competition (NCCDC) held April in San Antonio, TX (http://www.nccdc.org). The NCCDC is the National Championship event for the Collegiate Cyber Defense Competition (CCDC) program. CCDC is the first competition system that focuses on the operational aspect of managing and protecting an existing commercial network infrastructure. CCDC allows teams of undergraduate and graduate students at universities across the United States to exercise their academic and technical education and compete in a business oriented, defensive information assurance competition. CCDC is a tiered competition with qualifying and regional events leading to a national championship. CCDC competitions ask student teams to assume administrative and protective duties for an existing commercial network typically a small company with 50+ users, 10 to 12 servers, and common Internet services such as a web server, mail server, and an e-commerce site. Each team begins the competition with an identical set of hardware and software and is scored on their ability to detect and respond to outside threats, maintain availability of existing services, respond to business requests such as the creation of a new e-commerce site, and balance security best practices against business needs. The competition is scored based on several factors including availability of services, response to business tasks, and defense of the network against attack. A Red Team provides the real-world, external threat all Internet based services face and allows the teams to match their defensive skills against live opponents. Teams must also respond to business tasks called "injects" throughout the competition. Setup The competing teams were assigned the following networks: 10.10.10.X Team 1 10.20.20.X Team 2 10.30.30.X Team 3 10.40.40.X Team 4 10.50.50.X Team 5 10.60.60.X Team 6 10.70.70.X Team 7 10.80.80.X Team 8 10.90.90.X Team 9 172.16.10.X Team 1 172.16.20.X Team 2 172.16.30.X Team 3 172.16.40.X Team 4 172.16.50.X Team 5 172.16.60.X Team 6 172.16.70.X Team 7 172.16.80.X Team 8 172.16.90.X Team 9 The Red Team was allowed to use any valid source address in the following subnets: 10.160.0.1 192.168.1.1 192.168.12.1 192.168.31.1 192.168.32.1 192.168.33.1 192.168.41.1 192.168.42.1 192.168.43.1 192.168.51.1 192.168.52.1 192.168.53.1 192.168.54.1 192.168.57.1 192.168.58.1 192.168.59.1 192.168.60.1 192.168.65.1 192.168.66.1 192.168.67.1 192.168.6.1 192.168.8.1 192.168.231.1 192.168.239.1 10.130.0.1 Citation If you use this trace to conduct additional research, please cite it as: NCCDC Logs, IMPACT ID: USC-LANDER/NCCDC_logs-20110408/rev8429 . Traces taken 2011-04-08 to 2013-04-10. Provided by the Center for Infrastructure Assurance and Security (UTSA/CIAS) and hosted by the USC/LANDER project (http://www.isi.edu/ant/lander). Results Using This Dataset No results yet. User Annotations Currently no annotations. Categories: • LANDER • LANDER:Datasets • LANDER:Datasets:PCH • LANDER:Datasets:NCCDCLogs • Datasets