Master-Program : Communication Systems and Networks
The UNSW-NB 15 data set is created in the Cyber Range Lab of the Australian Centre for Cyber Security (ACCS) for generating a hybrid of real modern normal activities and synthetic contemporary attack behaviours.
This data set has nine families of attacks, namely - Fuzzers, Analysis, Backdoors, DoS, Exploits, Generic, Reconnaissance, Shellcode and Worms.
The Argus, Bro-IDS tools are utilised and twelve algorithms are developed to generate totally 49 features with the class label.
These features are described in UNSW-NB15_freatures.csv file.
FourCSV files of the data records are provided and each CSV file contains attack and normal records.
The names of the CSV files are UNSWNB15_1.csv, UNSW-NB15_2.csv, UNSW-NB15_3.csv and UNSW-NB15_4.csv.
Each of the first three CSV files contains 700,001 records and the fourth file contains 440,044 records.
The ground truth table is named UNSWNB15_GT.csv.
The list of event file is labelled UNSWNB15_LIST_EVENTS.csv which contains attack category and subcategory.
A partition from this data set is configured as a training set and testing set, namely, UNSW_NB15_training-set.csv and UNSW_NB15_testing-set respectively.
The number of records in the training set is 175,341 records and the testing set is 82,332 records from different the types of attack and normal.
The overall features can be broadly divided into three groups. Refer to UNSW-NB15_features.csv
Flow Based (Feature 1-5).
Additional Generated Features.
Labelled Features(Feature 48-49).
Packet Based Features can be sub-divided into following:
Basic Features(Feature 6-18)
Content Based (Feature 19-26).
Time Based (Feature 27-35).
Additional Generated Features can be sub-divided into following: