LANDER:attack-tcpsyn-20061106 From Predict Jump to navigation Jump to search The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead. README version: 4024, last modified: 2014-06-6. This file describes the trace dataset "attack-tcpsyn-20061106" provided by the LANDER project. The most recent version of this file can be found on-line at https://wiki.isi.edu/predict/index.php?title=LANDER:attack-tcpsyn-20061106. [ ] Contents • 1 LANDER Metadata • 2 Dataset Contents • 3 Citation • 4 Results Using This Dataset • 5 User Annotations LANDER Metadata (https://wiki.isi.edu/predict/index.php?title=LANDER:attack-tcpsyn-20061106/landermeta) ┌───────────────────────────┬────────────────────────────────────────────────────────────────────────────────────┐ │ dataSetName │ attack-tcpsyn-20061106 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ status │ usc-web-and-predict │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ shortDesc │ tcp syn attack with background traffic │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ longDesc │ This tcp syn attack was captured by a large hosting service. The attack lasted 22 │ │ │ sec and the attack packet rate was about twice the background traffic, 80Kpps, vs. │ │ │ 40Kpps. The trace contains all packets during the attack. │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ datasetClass │ Restricted │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ commercialAllowed │ true │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ requestReviewRequired │ true │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ productReviewRequired │ false │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ ongoingMeasurement │ false │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ submissionMethod │ Upload │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ collectionStartDate │ 2006-11-06 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ collectionStartTime │ 00:00:00 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ collectionEndDate │ 2006-11-06 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ collectionEndTime │ 00:00:00 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ availabilityStartDate │ 2012-01-27 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ availabilityStartTime │ 17:04:36 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ availabilityEndDate │ 2030-01-01 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ availabilityEndTime │ 00:00:00 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ anonymization │ cryptopan/full │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ archivingAllowed │ false │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ keywords │ category:ip-packet-headers, subcategory:ip-packet-headers, packet-header, dos │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ format │ pcap │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ access │ https │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ hostName │ USC-LANDER │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ providerName │ USC │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ groupingId │ │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ groupingSummaryFlag │ false │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ retrievalInstructions │ download │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ byteSize │ 102760448 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ expirationDays │ 14 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ uncompressedSize │ 296097785 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ impactDoi │ 10.23721/109/1353617 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ useAgreement │ dua-ni-160816 │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ irbRequired │ false │ ├───────────────────────────┼────────────────────────────────────────────────────────────────────────────────────┤ │ privateAccessInstructions │ See http://www.isi.edu/ant/traces/index.html#getting_datasets for information on │ │ │ obtaining this dataset. │ │ │ See https://wiki.isi.edu/predict/index.php?title=LANDER:attack-tcpsyn-20061106 for │ │ │ details on this dataset. │ └───────────────────────────┴────────────────────────────────────────────────────────────────────────────────────┘ Dataset Contents attack-tcpsyn-20061106.README.txt     copy of this README data/     attack-tcpsyn-20061106.pcap.gz gzip of a pcap trace     .sha1sum SHA-1 checksum Subdirectory "data" contains a gzip-compressed pcap file containing packet headers of background traffic and the tcp syn attack. The file ".sha1sum" contains SHA1 checksums of individual compressed files. The integrity of the distribution thus can be checked by independently calculating SHA1 sums of files and comparing them with those listed in the file. If you have the sha1sum utility installed on your system, you can do that by executing: sha1sum --check .sha1sum This has to be done before files are uncompressed. Citation If you use this trace to conduct additional research, please cite it as: Scrambled Internet Trace Measurement dataset, PREDICT ID USC-LANDER/attack-tcpsyn-20061106. Traces taken 2006-11-06. Provided by the USC/LANDER project http://www.isi.edu/ant/lander. Results Using This Dataset Traces similar to this one have been used the following previously published work: [ None as yet ] User Annotations Suggestion: Edit the annotations at https://wiki.isi.edu/predict/index.php?title=LANDERNOTES:attack-tcpsyn-20061106&action=edit First malicious packet is No. 1146292 at Time: 50.869864 . From a single host to a single victim. Attack seems to be a Synscan { nmap -sS -O -A } with OS and version detection. Ends at Time: 62.304764 . Retrieved from "https://wiki.isi.edu/predict/index.php?title=LANDER:attack-tcpsyn-20061106&oldid=4024" Categories: • LANDER • LANDER:Datasets • Datasets Navigation menu Personal tools • Wikiexport • Talk • Preferences • Watchlist • Contributions • Log out Namespaces • LANDER • Discussion [ ] English Views • Read • Edit • View history • Watch [ ] More • Move _____________________ [ Search ] [ Go ] Navigation • Main page • Providers • Datasets • Results • Categories • Recent changes • Random page • Help Tools • What links here • Related changes • Upload file • Special pages • Permanent link • Page information • This page was last edited on 6 June 2014, at 14:31. • Content is available under Attribution-Share Alike 3.0 Unported unless otherwise noted. • Privacy policy • About Predict • Disclaimers • Attribution-Share Alike 3.0 Unported • Powered by MediaWiki