CSE-CIC-IDS2018: Network Traffic with 7 Attack Scenarios and 80 Features

A collaborative project between the Communications Security Establishment and the Canadian Institute for Cybersecurity generated this dataset using profiles to systematically create realistic network traffic. It includes seven distinct attack scenarios—Brute-force, Heartbleed, Botnet, DoS, DDoS, Web attacks, and infiltration—simulated across an infrastructure of 50 attacking machines and a victim organization with 420 PCs and 30 servers. The data comprises network traffic and log files, with 80 features extracted using CICFlowMeter-V3.

Use Cases

• Train machine learning models for intrusion detection based on the 80 extracted network traffic features.
• Benchmark anomaly detection algorithms against the seven distinct attack scenarios described.
• Analyze network behavior patterns for specific attacks like DDoS or Botnet using the provided traffic logs.
• Study the characteristics of modern cyber attacks, such as Heartbleed or Web attacks, in a controlled environment.

Strengths

• Includes seven distinct, realistic attack scenarios (Brute-force, Heartbleed, Botnet, DoS, DDoS, Web attacks, infiltration).
• Features 80 network traffic metrics extracted using CICFlowMeter-V3.
• Simulates a substantial victim infrastructure with 420 PCs and 30 servers across 5 departments.
• Generated systematically using profiles, as described in a cited academic paper.

Limitations

• Column-level documentation is absent; field semantics must be inferred after download.
• Row count, file size, and last update date are unknown, which may limit suitability assessment.

Provenance

Source

Canadian Institute for Cybersecurity (CIC) and Communications Security Establishment (CSE).

Collection Method

Generated using profiles to systematically create network traffic and attack simulations in a lab environment.

Time Range

null

Freshness

Last update date is unknown; freshness unverified.

Geography

null