BETH Dataset
Real Cybersecurity Data for Anomaly Detection Research
@kaggle.katehighnam_beth_dataset
Real Cybersecurity Data for Anomaly Detection Research
@kaggle.katehighnam_beth_dataset
CREATE TABLE labelled_2021may_ip_10_100_1_105_dns (
"timestamp" VARCHAR,
"sourceip" VARCHAR,
"destinationip" VARCHAR,
"dnsquery" VARCHAR,
"dnsanswer" VARCHAR,
"dnsanswerttl" VARCHAR,
"dnsquerynames" VARCHAR,
"dnsqueryclass" VARCHAR,
"dnsquerytype" VARCHAR,
"numberofanswers" BIGINT,
"dnsresponsecode" BIGINT,
"dnsopcode" BIGINT,
"sensorid" VARCHAR,
"sus" BIGINT,
"evil" BIGINT
);
CREATE TABLE labelled_2021may_ip_10_100_1_105 (
"timestamp" DOUBLE,
"processid" BIGINT,
"parentprocessid" BIGINT,
"userid" BIGINT,
"processname" VARCHAR,
"hostname" VARCHAR,
"eventid" BIGINT,
"eventname" VARCHAR,
"argsnum" BIGINT,
"returnvalue" BIGINT,
"args" VARCHAR,
"sus" BIGINT,
"evil" BIGINT
);
CREATE TABLE labelled_2021may_ip_10_100_1_186_dns (
"timestamp" VARCHAR,
"sourceip" VARCHAR,
"destinationip" VARCHAR,
"dnsquery" VARCHAR,
"dnsanswer" VARCHAR,
"dnsanswerttl" VARCHAR,
"dnsquerynames" VARCHAR,
"dnsqueryclass" VARCHAR,
"dnsquerytype" VARCHAR,
"numberofanswers" BIGINT,
"dnsresponsecode" BIGINT,
"dnsopcode" BIGINT,
"sensorid" VARCHAR,
"sus" BIGINT,
"evil" BIGINT
);
CREATE TABLE labelled_2021may_ip_10_100_1_186 (
"timestamp" DOUBLE,
"processid" BIGINT,
"parentprocessid" BIGINT,
"userid" BIGINT,
"processname" VARCHAR,
"hostname" VARCHAR,
"eventid" BIGINT,
"eventname" VARCHAR,
"argsnum" BIGINT,
"returnvalue" BIGINT,
"args" VARCHAR,
"sus" BIGINT,
"evil" BIGINT
);
CREATE TABLE labelled_2021may_ip_10_100_1_26_dns (
"timestamp" VARCHAR,
"sourceip" VARCHAR,
"destinationip" VARCHAR,
"dnsquery" VARCHAR,
"dnsanswer" VARCHAR,
"dnsanswerttl" VARCHAR,
"dnsquerynames" VARCHAR,
"dnsqueryclass" VARCHAR,
"dnsquerytype" VARCHAR,
"numberofanswers" BIGINT,
"dnsresponsecode" BIGINT,
"dnsopcode" BIGINT,
"sensorid" VARCHAR,
"sus" BIGINT,
"evil" BIGINT
);
CREATE TABLE labelled_2021may_ip_10_100_1_26 (
"timestamp" DOUBLE,
"processid" BIGINT,
"parentprocessid" BIGINT,
"userid" BIGINT,
"processname" VARCHAR,
"hostname" VARCHAR,
"eventid" BIGINT,
"eventname" VARCHAR,
"argsnum" BIGINT,
"returnvalue" BIGINT,
"args" VARCHAR,
"sus" BIGINT,
"evil" BIGINT
);
CREATE TABLE labelled_2021may_ip_10_100_1_4_dns (
"timestamp" VARCHAR,
"sourceip" VARCHAR,
"destinationip" VARCHAR,
"dnsquery" VARCHAR,
"dnsanswer" VARCHAR,
"dnsanswerttl" VARCHAR,
"dnsquerynames" VARCHAR,
"dnsqueryclass" VARCHAR,
"dnsquerytype" VARCHAR,
"numberofanswers" BIGINT,
"dnsresponsecode" BIGINT,
"dnsopcode" BIGINT,
"sensorid" VARCHAR,
"sus" BIGINT,
"evil" BIGINT
);
CREATE TABLE labelled_2021may_ip_10_100_1_4 (
"timestamp" DOUBLE,
"processid" BIGINT,
"parentprocessid" BIGINT,
"userid" BIGINT,
"processname" VARCHAR,
"hostname" VARCHAR,
"eventid" BIGINT,
"eventname" VARCHAR,
"argsnum" BIGINT,
"returnvalue" BIGINT,
"args" VARCHAR,
"sus" BIGINT,
"evil" BIGINT
);
CREATE TABLE labelled_2021may_ip_10_100_1_95_dns (
"timestamp" VARCHAR,
"sourceip" VARCHAR,
"destinationip" VARCHAR,
"dnsquery" VARCHAR,
"dnsanswer" VARCHAR,
"dnsanswerttl" VARCHAR,
"dnsquerynames" VARCHAR,
"dnsqueryclass" VARCHAR,
"dnsquerytype" VARCHAR,
"numberofanswers" BIGINT,
"dnsresponsecode" BIGINT,
"dnsopcode" BIGINT,
"sensorid" VARCHAR,
"sus" BIGINT,
"evil" BIGINT
);
CREATE TABLE labelled_2021may_ip_10_100_1_95 (
"timestamp" DOUBLE,
"processid" BIGINT,
"parentprocessid" BIGINT,
"userid" BIGINT,
"processname" VARCHAR,
"hostname" VARCHAR,
"eventid" BIGINT,
"eventname" VARCHAR,
"argsnum" BIGINT,
"returnvalue" BIGINT,
"args" VARCHAR,
"sus" BIGINT,
"evil" BIGINT
);
CREATE TABLE labelled_2021may_ubuntu_dns (
"timestamp" VARCHAR,
"sourceip" VARCHAR,
"destinationip" VARCHAR,
"dnsquery" VARCHAR,
"dnsanswer" VARCHAR,
"dnsanswerttl" VARCHAR,
"dnsquerynames" VARCHAR,
"dnsqueryclass" VARCHAR,
"dnsquerytype" VARCHAR,
"numberofanswers" BIGINT,
"dnsresponsecode" BIGINT,
"dnsopcode" BIGINT,
"sensorid" VARCHAR,
"sus" BIGINT,
"evil" BIGINT
);
CREATE TABLE labelled_2021may_ubuntu (
"timestamp" DOUBLE,
"processid" BIGINT,
"parentprocessid" BIGINT,
"userid" BIGINT,
"processname" VARCHAR,
"hostname" VARCHAR,
"eventid" BIGINT,
"eventname" VARCHAR,
"argsnum" BIGINT,
"returnvalue" BIGINT,
"args" VARCHAR,
"sus" BIGINT,
"evil" BIGINT
);
CREATE TABLE labelled_testing_data (
"timestamp" DOUBLE,
"processid" BIGINT,
"threadid" BIGINT,
"parentprocessid" BIGINT,
"userid" BIGINT,
"mountnamespace" BIGINT,
"processname" VARCHAR,
"hostname" VARCHAR,
"eventid" BIGINT,
"eventname" VARCHAR,
"stackaddresses" VARCHAR,
"argsnum" BIGINT,
"returnvalue" BIGINT,
"args" VARCHAR,
"sus" BIGINT,
"evil" BIGINT
);
CREATE TABLE labelled_training_data (
"timestamp" DOUBLE,
"processid" BIGINT,
"threadid" BIGINT,
"parentprocessid" BIGINT,
"userid" BIGINT,
"mountnamespace" BIGINT,
"processname" VARCHAR,
"hostname" VARCHAR,
"eventid" BIGINT,
"eventname" VARCHAR,
"stackaddresses" VARCHAR,
"argsnum" BIGINT,
"returnvalue" BIGINT,
"args" VARCHAR,
"sus" BIGINT,
"evil" BIGINT
);
CREATE TABLE labelled_validation_data (
"timestamp" DOUBLE,
"processid" BIGINT,
"threadid" BIGINT,
"parentprocessid" BIGINT,
"userid" BIGINT,
"mountnamespace" BIGINT,
"processname" VARCHAR,
"hostname" VARCHAR,
"eventid" BIGINT,
"eventname" VARCHAR,
"stackaddresses" VARCHAR,
"argsnum" BIGINT,
"returnvalue" BIGINT,
"args" VARCHAR,
"sus" BIGINT,
"evil" BIGINT
);
Anyone who has the link will be able to view this.