6/16/2023 0 Comments Online wireshark pcap viewer![]() Network traffic was captured by a single probe situated to capture all communication between clients outside and web servers inside the university network. Collection of network traffic and web server logs took place for seven days, from the 30th of July to the 6th of August 2021. The data were acquired during normal operation in the campus network of Masaryk University, Brno, Czech Republic. Guide and settings for exporting IP flows from the packet traces. Python scripts used for anonymization of the data capture. Network traffic captured as packet traces divided into multiple PCAP files.Įvents logged by web servers structured as a newline-delimited JSON (JSON Lines) file. ![]() Network and host-based monitoring of encrypted web traffic in a campus network. We also add tools, settings, and a guide to convert the packet traces to IP flows that are often preferred for network traffic analysis. The dataset is suitable mainly for training machine learning techniques for anomaly detection and the identification of relationships between network traffic and events on web servers. Anonymization of all features in the dataset has been carefully carried out to prevent private information leakage while preserving the information value of the dataset. The events are generated by the Internet Information Services (IIS) logging and include both the IIS default features and custom features, such as client port and transferred data volume. The second set of data is an event log captured directly on the web servers. The traces contain encrypted HTTP over TLS 1.2 communication between clients and web servers. The first set of data are packet traces collected by a probe situated on the network link in front of the web servers. The dataset contains data from network monitoring and host-based monitoring. We present a dataset that captures seven days of monitoring data from eight servers hosting more than 800 sites across a large campus network.
0 Comments
Leave a Reply. |