mcfp DAtaset
These datasets were captured in the CTU University in Czech Republic. The files on each dataset are usually very large so they are stored in a server in the University. This web page only has links to them. The folder were each dataset is stored has more information about it, such as NetFlow files, HTTP logs, and DNS information. These files are updated regularly when new information is extracted.
An analysis of each malware behavior will be published in the Botnet Analysis page.
An analysis of each malware behavior will be published in the Botnet Analysis page.
description Paper
Datasets 42 to 54 were deeply studied and described in our paper An Empirical Comparison of Botnet Detection Methods. In the paper there is a description of the labeling process and how it was used for comparison of botnet detection methods.
ctu-13 Dataset of labeled botnet, normal and background traffic
A description of the CTU-13 dataset and the download links are in the web page CTU-13-Dataset
download
The datasets can be downloaded from from the Stratosphere IPS Project
