Dataset Details: TCP FIN FLOOD

Dataset Information

Serial Number: 62

Year: 2019

Kind of Traffic: Real

Publicly Available: Yes

Count of Records: 823MB

Features Count: 14


No. of citations: 9

Attack Type: TCP FIN flood attack pattern

Download Links: https://online-journals.org/index.php/i-joe/article/view/9848

Abstract: Stiawan et al. presented the TCP FIN FLOOD dataset. The dataset originates from a testbed network containing diverse hardware elements, such as MQ2, DHT22, soil moisture, and water level sensors, in addition to a WeMos D1 microcontroller outfitted with an ESP8266 WiFi module. The accompanying software comprises a MySQL database, denial-of-service (DoS) utilities like Hping3, Apache Web Server, and Snort serving as an intrusion detection system (IDS). Hping3 carries out the TCP FIN flood attacks on the network. The testbed adopts a star topology, with two laptops, four sensor nodes, and one server for sniffing and attacking purposes. Each sensor node and the server connect to the network via a wireless router using DHCP for IP address configuration. The dataset, accessible to the public, is produced by executing three scenarios: regular traffic, TCP FIN flood attack traffic, and a combination of normal data with TCP FIN flood attack traffic. Each scenario is executed for five minutes at the sensor nodes and the server, with sniffer modules capturing and saving traffic packets in raw data format (pcap).
