Contributors
Rochester Institute of Technology
Resource Type
Dataset
Abstract
This document describes the content of the security traffic datasets included in this collection and the conditions under which the packets were collected. These datasets were assembled from 2023 onward. There will be periodic updates or additions to the dataset collection. The current collection includes a variety of Nmap intense scans, an Address Resolution Protocol Man in the Middle (ARP MITM) attack, an Internet Control Message Protocol (ICMP) Redirect MITM attack and an Active Directory enumeration attack.
New additions include two DNS covert channel projects. The first builds the covert channel and exploits DNS TXT resource records. The second includes traffic from various packages, including covenant, posh, empire, merlin, metasploit and sliver.
When referencing these datasets, please use the following DOI: 10.57673/gccis-qj60
DOI
10.57673/gccis-qj60
Publication Date
Fall 11-17-2023
Disciplines
Digital Communications and Networking
Recommended Citation
https://doi.org/10.57673/gccis-qj60
Format
pdf, txt, pcapng
College
Golisano College of Computing and Information Sciences
Campus
RIT – Main Campus
ICMP Redir MITM - final-20240228T200837Z-001.zip (2229 kB)
ARP MITM - final-20240228T201412Z-001.zip (8443 kB)
ldap enum - final-20240307T162122Z-001.zip (197 kB)
net-user enum - final-20240307T162124Z-001.zip (305 kB)
DNS C2 Covert Channel Dataset Description.docx (59 kB)
DNS C2 Covert Channel Captures.zip (161 kB)
C2 Dataset Descriptions.docx (223 kB)
covenant.zip (7563 kB)
posh.zip (5291 kB)
empire.zip (2152 kB)
merlin.zip (2680 kB)
metasploit.zip (3223 kB)
sliver.zip (1544 kB)