A0280
Title: Computer network security datasets
Authors: Kate Highnam - Imperial College London (United Kingdom) [presenting]
Abstract: As cyber threats continue to advance, new defences utilise intelligent statistical solutions. However, the required domain expertise can prevent statisticians from applying their methods to cyber security applications. To bridge this gap, we present our publicly available datasets collected from honeypots, intentionally vulnerable systems exposed to the Internet to observe real-world attacks. Our honeypots recorded millions of data points from internal host processes and network traffic, containing highly structured but heterogeneous features. The dataset also includes simultaneous logging of multiple identical systems, where only some were exploited by adversaries, for control comparison. By deploying in environments that limit the noise in the data, we enable non-security experts to demonstrate their methods ability against real adversaries in real systems. We will describe our honeypots and their data, compare with other publicly available datasets, and discuss important research questions in network security.
