Search for a command to run...
This dataset contains network traffic generated in a controlled experimental environment designed to study and evaluate machine learning-based Intrusion Detection Systems (IDS). The dataset includes both legitimate network activity and artificially generated attack traffic in order to represent realistic cybersecurity scenarios. Network packets were captured during the experiment using packet monitoring tools and later processed to extract meaningful traffic features. The captured packet data was converted into a structured CSV format to facilitate analysis using machine learning and data mining techniques. The dataset includes several network-related attributes such as source IP address, destination IP address, communication protocol, packet size, TCP flag information, and other statistical traffic characteristics derived from the packet capture. To simulate malicious activity, different types of attack traffic were intentionally generated within the test network. These attacks represent commonly observed intrusion patterns such as SYN flood attacks, ICMP flooding, and port scanning. Conducting the experiments in a controlled setup ensured that both normal and malicious traffic patterns were captured accurately while maintaining realistic network behavior. The dataset can be used for several research and educational purposes, including: • Training and evaluating machine learning models for intrusion detection • Studying anomaly detection techniques in network security • Benchmarking and comparing IDS algorithms • Supporting academic research and teaching in cybersecurity The dataset includes a label column that indicates whether a network traffic instance corresponds to normal activity or malicious behavior. For machine learning purposes, the traffic instances are encoded using binary values. Label values are defined as follows: 0 – Normal traffic: Represents legitimate network activity generated during regular user operations such as browsing, communication, and other benign interactions within the network. 1 – Attack traffic: Represents malicious network activity generated during simulated intrusion scenarios, including SYN flood attacks, ICMP flooding, and port scanning. This binary labeling allows the dataset to be used directly for supervised machine learning algorithms designed for binary classification tasks in intrusion detection systems. This dataset has been publicly released to encourage further research and development in the field of network security and to assist researchers in designing more effective intrusion detection systems.