Friday, August 14, 2009

Link to 2009 Inter-Service Academy Datasets

Here is a link to the datasets and West Point logs from the 2009 Inter-Service Academy Cyber Defense Exercise.

http://www.itoc.usma.edu/research/dataset/

14 comments:

  1. Hi,
    I have been looking on the datasets but I really don't understand in what sense they are labeled. Is it the Snort log that is the labeling?

    ReplyDelete
  2. The use of the logs (such as Snort) is as close to labeling as we have right now. We have begun the process of labeling the dataset, but aren't at a point to release a "labeled" product.

    ReplyDelete
  3. OK, I guess it was Richard's post at Taosecurity that made me think that the data was completely labeled. Thanks for your work. I am looking forward to the labeled product.

    ReplyDelete
  4. This dataset is a perfect candidate for bittorrent. Any plans for that?

    ReplyDelete
  5. I'll look into it and post something this afternoon or tomorrow.

    ReplyDelete
  6. All these pcaps and then some are now fully indexed for contextual search and extract at
    http://www.pcapr.net/forensics. We call this Collaborative Network Forensics.

    ReplyDelete
  7. The Snort Intrusion Detection Log file is for Data Capture from National Security Agency (NSA), or Data Capture Outside West Point Network Border?

    ReplyDelete
  8. The Snort log file is from the border router for the West Point network. Most alerts triggered are from attacks launched from the NSA Red Cell...but there may be a few from other academies IF and ONLY IF the NSA compromised a machine on another academy's network and launched the attack from there. There was no inter-academy attacks.

    ReplyDelete
  9. Has anyone else experienced MD5 checksum mismatches with the datasets?

    I am downloading the dumps using Orbit Downloader and checksummed them with MD5ContextMenu.

    Unluckily I dont have any other Linux/BSD box to double check.

    Should I fetch the sets again or the post in the website contains wrong checksums (I assume this is not the case)?

    Thanks a lot for this datasets, luckily we can all move forward and stop using the decade old Darpa sets.

    ReplyDelete
  10. After a quick and dirty test I can it seems pausing and resuming the download alters the checksum. I am redownloading the sets, sorry for the noise!

    ReplyDelete
  11. Sorry I am new to this site I am have trouble in knowing how to open or view these data set in which viewer i should open it. System gets hanged when I tries to open in notepad; Should I open it in linux? Please help me out....

    ReplyDelete
  12. Could Someone please just say how to view the dataset.... in which viewer..... Please.... I am an M.Tech Student.... I am asking this for doing some project related with IDS...... Someone Please help me out.... Please

    ReplyDelete