Dataset Open Access

Host network traffic time series 2019/01

Jirsik, Tomas; Smeriga, Juraj

General info

Dataset was collected over one month period in January 2019. The observation points for the collection of IP flows were located at the borders of the university campus network. The campus university network has /16 CIDR IPv4 network range at disposal and contains various network segments from segments connecting dormitories, over server segments, to a segment containing working stations of university administrative workers. The size of the raw IP flows used to create the dataset was over 860GB. A host in our dataset is identified by its source IPv4 address.  
 

Variables

The dataset contains the following variables:

  • Aggregations - created from five-minute total volumes aggregated over one-hour disjoint windows using mean/max/min aggregation functions
    • # of flows (FL) - number of flows for a given source IP 
    • # of packets (PKT) - number of packets for a given source IP
    • # of bytes (BYT) - number of packets for a given source IP
    • flow duration (DUR) - average flow duration in seconds
  • Distinct Counts - count of distinct values for each variable in five-minute window aggregated over one-hour disjoint windows using mean/max/min aggregation functions
    • # of peers (PEER) - number of distinct communication peers for a given source IP
    • # of ports (PORTS) - number of distinct destination ports for a given source IP
    • # of protocols (PROTO) - number of distinct communication protocols for a given source IP
    • # of AS numbers (AS) - number of distinct destination AS numbers for a given source IP
    • # of countries (CTRY) - number of distinct destination countries for a given source IP
  • Labels
    • Range (RNG) - a network range a host belongs to (anonymized)
    • Unit (UNT) - an administrative unit owning the network range
    • Sub-unit (SUB-UNT) - a sub-unit of the unit

 

Dataset format

  • The dataset is in comma-separated values (CSV) format. 
  • Header - multilevel, first 3 lines
    • 1 level - aggregation type {mean|min|max}
    • 2 level - variable {see above}
    • 3 level - hour of a day {00,01,02,03,...,22,23}
  • Lablels - last 4 columns
  • Dataset size 
    • rows: 65536 host records + 3 headers
    • columns: 648 variables + 4 labels

 

Files (158.7 MB)
Name Size
host-network-traffic-time-series-2019-01-annon.csv
md5:1a72f130f9bfd95c3107309419221ad2 		158.7 MB Download
374
349
views
downloads
All versions This version
Views 374374
Downloads 349349
Data volume 55.4 GB55.4 GB
Unique views 330330
Unique downloads 241241
More info on how stats are collected.
Indexed in
Publication date:
May 6, 2019
DOI:
10.5281/zenodo.2669079

Zenodo DOI Badge

DOI 

10.5281/zenodo.2669079

Markdown 

[![DOI](https://zenodo.org/badge/DOI/10.5281/zenodo.2669079.svg)](https://doi.org/10.5281/zenodo.2669079)

reStructedText 

.. image:: https://zenodo.org/badge/DOI/10.5281/zenodo.2669079.svg
   :target: https://doi.org/10.5281/zenodo.2669079

HTML 

<a href="https://doi.org/10.5281/zenodo.2669079"><img src="https://zenodo.org/badge/DOI/10.5281/zenodo.2669079.svg" alt="DOI"></a>

Image URL 

https://zenodo.org/badge/DOI/10.5281/zenodo.2669079.svg

Target URL 

https://doi.org/10.5281/zenodo.2669079

Keyword(s):
network traffic time series host clustering classification
License (for files):
Creative Commons Attribution 4.0 International

Versions

Version 1.0.0 10.5281/zenodo.2669079 May 6, 2019
Cite all versions? You can cite all versions by using the DOI 10.5281/zenodo.2669078. This DOI represents all versions, and will always resolve to the latest one. Read more.

Share

Cite as

Export