Table 2 Detail of the sub-datasets
Dataset source | Scenario/sensor | Botnet name | Number of bots source IP | Attack type |
|---|---|---|---|---|
CTU-13 | 1 | Neris | 1 | IRC, SPAM, CF |
2 | Neris | 1 | IRC, SPAM, CF | |
3 | Rbot | 1 | IRC, PS, US | |
4 | Rbot | 1 | IRC, DDos, US | |
5 | Virut | 1 | SPAM, PS, HTTP | |
6 | Menti | 1 | PS, HTTP | |
7 | Sogou | 1 | HTTP | |
8 | Murlo | 1 | PS | |
9 | Neris | 10 | IRC, SPAM, CF, PS | |
10 | Rbot | 10 | IRC, DDos, US | |
11 | Rbot | 3 | IRC, DDos, US | |
12 | NSIS.ay | 3 | P2P | |
13 | Virut | 1 | SPAM, PS, HTTP | |
NCC-1 | 1 | Neris | 1 | IRC, SPAM, CF |
2 | Neris | 1 | IRC, SPAM, CF | |
3 | Rbot | 1 | IRC, PS, US | |
4 | Rbot | 1 | IRC, DDos, US | |
5 | Virut | 1 | SPAM, PS, HTTP | |
6 | Menti | 1 | PS, HTTP | |
7 | Sogou | 1 | HTTP | |
8 | Murlo | 1 | PS | |
9 | Neris | 10 | IRC, SPAM, CF, PS | |
10 | Rbot | 10 | IRC, DDos, US | |
11 | Rbot | 3 | IRC, DDos, US | |
12 | NSIS.ay | 3 | P2P | |
13 | Virut | 1 | SPAM, PS, HTTP | |
NCC-2 | 1 | Rbot, Neris, Sogo, NSIS.ay, Virut | 10 | IRC, PS, DDoS, US, SPAM, CF, HTTP, P2P |
2 | Rbot, Neris, Menti, Virut | 10 | IRC, PS, DDoS, US, SPAM, CF, HTTP | |
3 | Rbot, Neris, Murlo, NSIS.ay, Virut | 10 | IRC, PS, DDoS, US, IRC, SPAM, CF, P2P, HTTP |