DDoS-AT-2022: a distributed denial of service attack dataset for evaluating DDoS defense system

Abstract

The existing prominent research in the field of network security has extensively used publicly available emulated datasets for validating the defense mechanisms. Although many datasets are publicly accessible on the Internet but their suitability and relevance for DDoS defense validation remain an issue so far. The increase in the volume of network traffic over the years has led to the failure of most of the existing Distributed Denial of Service (DDoS) defense solutions as they are not validated over a large volume of network traffic. Also, most of the existing datasets have been generated through simulation and those which are generated through emulation-based don’t contain the proper mixture of various types of attacks. In this paper, we have designed a DDoS-Testbed (DDoS-TB) and generated an emulation-based dataset for DDoS attacks at the Application and Transport layer (DDoS-AT-2022) using various benchmarked tools. The generated dataset contains a mixture of legitimate traffic, flash traffic, and various DDoS attacks at the application and transport layer with different attack rates (like low, slow, and flood). Hence, the DDoS-TB design and the generated DDoS-AT-2022 dataset can surely be helpful to the research community in validating their new DDoS defense mechanisms.