网络流数据集

网络安全数据集可以参考https://blog.youkuaiyun.com/answer3lin/article/details/82966360

网络流数据集

    HTTP DATASET CSIC 2010

     是针对WEB服务的请求，已标注，分三块：正常训练集、正常测试集和异常测试集。

• What is this?
• The HTTP dataset CSIC 2010 contains thousands of web requests automatically generated.
• It can be used for the testing of web attack protection systems.
• It was developed at the “Information Security Institute” of CSIC (Spanish Research National Council).
• The HTTP dataset CSIC 2010 contains the generated traffic targeted to an e- Commerce web application developed at our department.
• The dataset is generated automatically and contains 36,000 normal requests and more than 25,000 anomalous requests. 
• The traffic is generated following the next steps: 
          First, real data are collected for all the parameters of the web application. All the data (names, surnames, addresses, etc.) are extracted from real databases. These values are stored in two databases: one for the normal values and other for the anomalous ones. Additionally, all the public available pages of the web application are listed. 
          Next, normal and anomalous requests are generated for every web page. In the case that normal requests have parameters, the parameter values are filled out with data taken from the normal database randomly. The process is analogous for anomalous requests, where the values of the parameters are taken from the anomalous database.

• The dataset is divided into three different subsets. One subset for the training phase, which has only normal traffic. And two subsets for the test phase, one with normal traffic and the other one with malicious traffic.

• Download: 
  
  Normal Traffic (Training) 
  
  Normal Traffic (Test) 
  
  Anomalous Traffic (Test)