• The ADFA Intrusion Detection Datasets
  • The ADFA Intrusion Detection Datasets

    This page provides access to the new ADFA IDS Datasets. The datasets cover both Linux and Windows; they are designed for evaluation by system call based HIDS.

    Free use of these datasets for academic research purposes is hereby granted in perpetuity. All other rights relating to this collection of work are reserved under Australian and International law. Use for commercial purposes is strictly prohibited.

    Gideon Creech has asserted his right under the Copyright, Design and Patents Act 1988 to be identified as the author of this work.

    The ADFA Linux Dataset (ADFA-LD)

    This dataset provides a contemporary Linux dataset for evaluation by traditional HIDS. Details of the dataset are contained in the following papers and thesis, which should be cited by academics using this dataset:

    [1] G. Creech and J. Hu. A Semantic Approach to Host-based Intrusion Detection Systems Using Contiguous and Discontiguous System Call Patterns. Computers, IEEE Transactions on, PP(99):11, 2013.

    [2] G. Creech and J. Hu. Generation of a new IDS test dataset: Time to retire the KDD collection. In Wireless Communications and Networking Conference (WCNC), 2013 IEEE, pages 44874492, 2013.

    [3] G. Creech. Developing a high-accuracy cross platform Host-Based Intrusion Detection System capable of reliably detecting zero-day attacks, 2014


    Download the ADFA-LD

    The ADFA Windows Dataset (ADFA-WD)

    This dataset provides a contemporary Windows dataset for evaluation by HIDS. Details of the dataset are contained in the following PhD thesis, which should be cited by academics using this dataset:

    [3] G. Creech. Developing a high-accuracy cross platform Host-Based Intrusion Detection System capable of reliably detecting zero-day attacks, 2014


    Download the ADFA-WD Full Process Traces

    Note that other data formats referred to in [3] are not hosted online due to storage constraints.

    The ADFA Windows Dataset: Stealth Attacks Addendum (ADFA-WD:SAA)

    As detailed in [3], this addendum contains stealth attack traces for evaluation in conjunction with the ADFA-WD. Details of the dataset are contained in the following PhD thesis, which should be cited by academics using this dataset:

    [3] G. Creech. Developing a high-accuracy cross platform Host-Based Intrusion Detection System capable of reliably detecting zero-day attacks, 2014


    Download the ADFA-WD:SAA

    Download the virus scan referenced in [3]




    Point of contact for this page is Professor Jiankun Hu, j.hu@adfa.edu.au

    All Cyber Security Research Group Downloadable Data and Code

     



    Last Updated 31 October, 2013