网络安全数据集

网络安全数据集
整理自一度苦于找数据集的我。开个坑整理一下公开数据集。
希望有一天能填平（大概）。本文大概会同步到zhihu。

1、数据集集合
Canadian Institute for Cybersecurity datasets
来自加拿大网络安全研究所整理的数据集，包含下列数据集：

Android Malware dataset (InvesAndMal2019)
DDoS dataset (CICDDoS2019)
IPS/IDS dataset on AWS (CSE-CIC-IDS2018)
IPS/IDS dataset (CICIDS2017)
Android Malware dataset (CICAndMal2017)
Android Adware dataset (CICAAGM2017)
DoS dataset (application-layer) 2017
VPN-nonVPN traffic dataset (ISCXVPN2016)
Tor-nonTor dataset (ISCXTor2016)
ISCX-URL dataset (ISCX-URL-2016)
ISCX Android Botnet dataset 2015
ISCX Botnet dataset 2014
ISCX Android Validation dataset 2014
ISCX IDS dataset 2012
ISCX NSL-KDD dataset 2009
数据挖掘与网络安全资源网
包含以下数据集：

[入侵检测] DARPA入侵检测数据集
[入侵检测] KDD Cup 99数据集
[入侵检测] NSL-KDD数据集
[黑客攻击数据集] Honeynet数据集（数据集包括从2000年4月到2011年2月，累计11个月的Snort报警数据，每月大概60-3000多条Snort报警记录，其网络由8个IP地址通过ISDN连接到ISP）
[日志数据] Challenge 2013数据集（提供了某虚构的跨国公司内部网络两周的运行日志，日志类型有3种，分别是网络流量Netflow日志数据和Big Brother 网络健康和状态数据，日志包括：第一、二周的Netflow和Big Brother日志，第二周的入侵预防系统日志数据，通过日志的分析可以找出网络中存在的异常，网络包含的主机和服务器约1100 台，原始日志量接近10 GB，记录数超过9000万行）
恶意软件数据集
Vizsec
该网站包含下列数据集：

UGR’16: A New Dataset for the Evaluation of Cyclostationarity-Based Network IDSs
Stanford Large Network Dataset Collection (SNAP):
APTnotes
Open Malware
Shadow Server Malware Data site
Darpa CGC (known vulnerabilities)
DNS data
SecRepo
malware-traffic-analysis
NETRESEC Data
CTU Data
Digital Corpora
Impact
Kyoto: Traffic Data from Kyoto University’s Honeypots.
The Honeynet Project: Many different types of data for each of their challenges, including pcap, malware, logs.
VAST Challenge 2013: Mini-challenge 3 is related to cybersecurity and includes network flow data, network status data (via big brother), and intrusion prevention system data.
VAST Challenge 2012: This challenge has two mini-challenges, one related to situation awareness (metadata and periodic status reports from all computing equipment) and one to forensics (Firewall and IDS logs).
VAST Challenge 2011: Mini-challenge 2 is related to Cybersecurity - Situational Awareness in Computer Networks (Firewall and IDS logs).
DARPA Intrusion Detection Data: This data set has numerous issues that have been documented in the literature.
ORNL Auto-labeled corpus: A corpus of automatically labeled text data in the cyber security domain.
Industrial Control System (ICS) Cyber Attack Data Set: Data from MSU. The dataset is made up of tuples of timestamp, network protocol (MODBUS), and system information (measurements and settings), and attack attributes.