CYBERSECURITY DATASETS
IoT Attack and Malware Analysis Datasets:
The CIC-BCCC-NRC TabularIoTAttack-2024 dataset is a comprehensive collection of IoT network traffic data generated as part of an advanced effort to create a reliable source for training and testing AI-powered IoT cybersecurity models. This dataset is designed to address modern challenges in detecting and identifying IoT-specific cyberattacks, offering a rich and diverse set of labeled data that reflects realistic IoT network behaviours. The dataset extracted a wide array of network characteristics using CICFlowMeter, with each record containing relevant features such as network flows, timestamps, source/destination IPs, and attack labels.
The full research paper outlining the details of the dataset and its underlying principles:
- Tinshu Sasi, Arash Habibi Lashkari, Rongxing Lu, Pulei Xiong, Shahrear Iqbal, “An Efficient Self Attention-Based 1D-CNN-LSTM Network for IoT Attack Detection and Identification Using Network Traffic”, Journal of Information and Intelligence, 2024, ISSN 2949-7159, https://doi.org/10.1016/j.jiixd.2024.09.001
For more information and download this dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- Tinshu Sasi, Arash Habibi Lashkari, Rongxing Lu, Pulei Xiong, Shahrear Iqbal, “An Efficient Self Attention-Based 1D-CNN-LSTM Network for IoT Attack Detection and Identification Using Network Traffic”, Journal of Information and Intelligence, 2024, ISSN 2949-7159, https://doi.org/10.1016/j.jiixd.2024.09.001
For more information and download this dataset, visit this page.
Intrusion Detection and Prevention Datasets:
Using NLFlowLyzer, we successfully generated the “BCCC-CIC-IDS2017” dataset by extracting key flows from raw network traffic data of CIC-IDS2017, resulting in CSV files integrating essential network and transport layer features. This new dataset offers a structured approach for analyzing intrusion detection, combining diverse traffic types into multiple sub-categories. The “BCCC-CIC-IDS2017” dataset enriches the depth and variety needed to rigorously evaluate our proposed profiling model, advancing research in network security and enhancing the development of intrusion detection systems.
The full research paper outlining the details of the dataset and its underlying principles:
- MohammadMoein Shafi, Arash Habibi Lashkari, Arousha Haghighian Roudsari, "NTLFlowLyzer: Toward Generating an Intrusion Detection Dataset and Intruders Behavior Profiling through Network Layer Traffic Analysis and Pattern Extraction", Computer & Security, Computers & Security, 104160, ISSN 0167-4048
For more information and download this dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- MohammadMoein Shafi, Arash Habibi Lashkari, Arousha Haghighian Roudsari, "NTLFlowLyzer: Toward Generating an Intrusion Detection Dataset and Intruders Behavior Profiling through Network Layer Traffic Analysis and Pattern Extraction", Computer & Security, Computers & Security, 104160, ISSN 0167-4048
For more information and download this dataset, visit this page.
The distributed denial of service attack poses a significant threat to network security. The effectiveness of new detection methods depends heavily on well-constructed datasets. After conducting an in-depth analysis of 16 publicly available datasets and identifying their shortcomings across various dimensions, the 'BCCC-cPacket-Cloud-DDoS-2024' is meticulously created, addressing challenges identified in previous datasets through a cloud infrastructure. The dataset contains over eight benign user activities and 17 DDoS attack scenarios. The dataset is fully labeled (with a total of 26 labels) with over 300 features extracted from the network and transport layers of the traffic flows using NTLFlowLyzer. The dataset's extensive size and comprehensive features make it a valuable resource for researchers and practitioners to develop and validate more robust and accurate DDoS detection and mitigation strategies. Furthermore, researchers can leverage the 'BCCC-cPacket-Cloud-DDoS-2024' dataset to train learning-based models aimed at predicting benign user behavior, detecting attacks, identifying patterns, classifying network data, etc.
The full research paper outlining the details of the dataset and its underlying principles:
- Shafi, MohammadMoein, Arash Habibi Lashkari, Vicente Rodriguez, and Ron Nevo.; "Toward Generating a New Cloud-Based Distributed Denial of Service (DDoS) Dataset and Cloud Intrusion Traffic Characterization", Information, Vol. 15, no. 4: 195
For more information and download this dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- Shafi, MohammadMoein, Arash Habibi Lashkari, Vicente Rodriguez, and Ron Nevo.; "Toward Generating a New Cloud-Based Distributed Denial of Service (DDoS) Dataset and Cloud Intrusion Traffic Characterization", Information, Vol. 15, no. 4: 195
For more information and download this dataset, visit this page.
The distributed denial of service attack poses a significant threat to network security. The effectiveness of new detection methods depends heavily on well-constructed datasets. After conducting an in-depth analysis of 16 publicly available datasets and identifying their shortcomings across various dimensions, the 'BCCC-cPacket-Cloud-DDoS-2024' is meticulously created, addressing challenges identified in previous datasets through a cloud infrastructure. The dataset contains over eight benign user activities and 17 DDoS attack scenarios. The dataset is fully labeled (with a total of 26 labels) with over 300 features extracted from the network and transport layers of the traffic flows using NTLFlowLyzer. The dataset's extensive size and comprehensive features make it a valuable resource for researchers and practitioners to develop and validate more robust and accurate DDoS detection and mitigation strategies. Furthermore, researchers can leverage the 'BCCC-cPacket-Cloud-DDoS-2024' dataset to train learning-based models aimed at predicting benign user behavior, detecting attacks, identifying patterns, classifying network data, etc.
The full research paper outlining the details of the dataset and its underlying principles:
- Shafi, MohammadMoein, Arash Habibi Lashkari, Vicente Rodriguez, and Ron Nevo.; "Toward Generating a New Cloud-Based Distributed Denial of Service (DDoS) Dataset and Cloud Intrusion Traffic Characterization", Information, Vol. 15, no. 4: 195
For more information and download this dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- Shafi, MohammadMoein, Arash Habibi Lashkari, Vicente Rodriguez, and Ron Nevo.; "Toward Generating a New Cloud-Based Distributed Denial of Service (DDoS) Dataset and Cloud Intrusion Traffic Characterization", Information, Vol. 15, no. 4: 195
For more information and download this dataset, visit this page.
To generate the CIC-UNSW-NB15 we used CICFlowMeter to extract the new set of features from the provided captured network traffic data by the UNSW-NB15. After extracting the flows using CICFlowMeter, we need to label them using the ground truth from the original dataset files. We matched the extracted flows with the records in the ground truth file based on the source IP, destination IP, source port, destination port, and protocol.
If any flows match with a record from the ground truth file, we set the label using the ground truth attack category. If the flow is matched with more than one record from the ground truth file, we compare the timestamps and choose the record's label that matches the flow timestamp.
In the worst case, the flow will be dropped even if we cannot decide on the label by comparing the timestamp. Any remaining flows will be labeled benign after labeling all the malicious flows..
The full research paper outlining the details of the dataset and its underlying principles:
- H. Mohammadian, A. H. Lashkari, A. Ghorbani. “Poisoning and Evasion: Deep Learning-Based NIDS under Adversarial Attacks,” 21st Annual International Conference on Privacy, Security and Trust (PST), 2024.
For more information and download this dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- H. Mohammadian, A. H. Lashkari, A. Ghorbani. “Poisoning and Evasion: Deep Learning-Based NIDS under Adversarial Attacks,” 21st Annual International Conference on Privacy, Security and Trust (PST), 2024.
For more information and download this dataset, visit this page.
The final dataset includes 12 DDoS attack NTP, DNS, LDAP, MSSQL, NetBIOS, SNMP, SSDP, UDP, UDP-Lag, WebDDoS, SYN and TFTP in the training day and 7 attacks
including PortScan, NetBIOS, LDAP, MSSQL, UDP, UDP-Lag and SYN in the testing day (CAPEC standard). The infrastructure includes Third-Party for the attack side and the victim
organization has 4 machines and 1 server. The dataset includes the captures network traffic along with 80 features extracted from the captured traffic
using CICFlowmeter-V3.0.
The full research paper outlining the details of the dataset and its underlying principles:
- Iman Sharafaldin, Arash Habibi Lashkari, Saqib Hakak, and Ali A. Ghorbani, "Developing Realistic Distributed Denial of Service (DDoS) Attack Dataset and Taxonomy", IEEE 53rd International Carnahan Conference on Security Technology, Chennai, India, 2019
For more information and download this dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- Iman Sharafaldin, Arash Habibi Lashkari, Saqib Hakak, and Ali A. Ghorbani, "Developing Realistic Distributed Denial of Service (DDoS) Attack Dataset and Taxonomy", IEEE 53rd International Carnahan Conference on Security Technology, Chennai, India, 2019
For more information and download this dataset, visit this page.
The final dataset includes seven different attack scenarios: Brute-force, Heartbleed, Botnet, DoS, DDoS, Web attacks, and infiltration of the network from inside (CAPEC standard).
The attacking infrastructure includes 50 machines and the victim organization has 5 departments and includes 420 machines and 30 servers.
The dataset includes the captures network traffic and system logs of each machine, along with 80 features extracted from the captured traffic
using CICFlowmeter-V3.0.
The full research papers outlining the details of the dataset and its underlying principles:
- Iman Sharafaldin, Arash Habibi Lashkari, and Ali A. Ghorbani, "Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization", 4th International Conference on Information Systems Security and Privacy (ICISSP), Purtogal, January 2018.
- Gurdip Kaur, Arash Habibi Lashkari and Abir Rahali, "Intrusion Traffic Detection and Characterization using Deep Image Learning", The 5th Cyber Science and Technology Congress (2020) (CyberSciTech 2020), Vancouver, Canada, August 2020.
For more information and download this dataset, visit this page.
The full research papers outlining the details of the dataset and its underlying principles:
- Iman Sharafaldin, Arash Habibi Lashkari, and Ali A. Ghorbani, "Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization", 4th International Conference on Information Systems Security and Privacy (ICISSP), Purtogal, January 2018.
- Gurdip Kaur, Arash Habibi Lashkari and Abir Rahali, "Intrusion Traffic Detection and Characterization using Deep Image Learning", The 5th Cyber Science and Technology Congress (2020) (CyberSciTech 2020), Vancouver, Canada, August 2020.
For more information and download this dataset, visit this page.
Intrusion Detection Systems (IDSs) and Intrusion Prevention Systems (IPSs) are the most important defense tools against the sophisticated and ever-growing
network attacks. Due to the lack of reliable test and validation datasets, anomaly-based intrusion detection approaches are suffering from consistent and
accurate performance evolutions. Our evaluations of the existing eleven datasets since 1998 show that most are out of date and unreliable to use. Some of
these datasets suffer from the lack of traffic diversity and volumes, some do not cover the variety of known attacks, while others anonymize packet payload data,
which cannot reflect the current trends. Some are also lacking feature set and metadata. CICIDS2017 dataset contains benign and the most up-to-date common attacks (The 2016 McAfee report and CAPEC standard),
which resembles the true real-world data (PCAPs). It also includes the results of the network traffic analysis using
CICFlowmeter-V3.0 with labeled flows based on the time stamp, source and destination IPs,
source and destination ports, protocols and attack (CSV files).
The full research papers outlining the details of the dataset and its underlying principles:
- Iman Sharafaldin, Arash Habibi Lashkari, and Ali A. Ghorbani, "Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization", 4th International Conference on Information Systems Security and Privacy (ICISSP), Purtogal, January 2018.
- Gurdip Kaur, Arash Habibi Lashkari and Abir Rahali, "Intrusion Traffic Detection and Characterization using Deep Image Learning", The 5th Cyber Science and Technology Congress (2020) (CyberSciTech 2020), Vancouver, Canada, August 2020.
For more information and download the dataset, visit this page.
The full research papers outlining the details of the dataset and its underlying principles:
- Iman Sharafaldin, Arash Habibi Lashkari, and Ali A. Ghorbani, "Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization", 4th International Conference on Information Systems Security and Privacy (ICISSP), Purtogal, January 2018.
- Gurdip Kaur, Arash Habibi Lashkari and Abir Rahali, "Intrusion Traffic Detection and Characterization using Deep Image Learning", The 5th Cyber Science and Technology Congress (2020) (CyberSciTech 2020), Vancouver, Canada, August 2020.
For more information and download the dataset, visit this page.
Block Chain, Decentralized Finance (DeFi), and Smart Contracts Datasets:
The BCCC-VulSCs-2023 dataset is a substantial collection for Solidity Smart Contracts (SCs) analysis, comprising 36,670 samples, each enriched with 70 feature columns. These features include the raw source code of the smart contract, a hashed version of the source code for secure referencing, and a binary label that indicates a contract as secure (0) or vulnerable (1). The dataset's extensive size and comprehensive features make it a valuable resource for machine-learning models to predict contract behavior, identify patterns, or classify contracts based on security and functionality criteria.
The full research paper outlining the details of the dataset and its underlying principles:
- Sepideh Hajihosseinkhani, Arash Habibi Lashkari, Ali Mizani, “Unveiling Vulnerable Smart Contracts: Toward Profiling Vulnerable Smart Contracts using Genetic Algorithm and Generating Benchmark Dataset”, Blockchain: Research and Applications, Vol. 4, 2023
For more information and download this dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- Sepideh Hajihosseinkhani, Arash Habibi Lashkari, Ali Mizani, “Unveiling Vulnerable Smart Contracts: Toward Profiling Vulnerable Smart Contracts using Genetic Algorithm and Generating Benchmark Dataset”, Blockchain: Research and Applications, Vol. 4, 2023
For more information and download this dataset, visit this page.
Malicious DNS and DoH Datasets:
Using ALFlowLyzer, we successfully generated an augmented dataset, "BCCC-CIC-Bell-DNS-2024," from two existing datasets: "CIC-Bell-DNS-2021" and "CIC-Bell-DNS-EXF-2021." ALFlowLyzer enabled the extraction of essential flows from raw network traffic data, resulting in CSV files that integrate DNS metadata and application layer features. This new dataset combines light and heavy data exfiltration traffic into six unique sub-categories, providing a comprehensive structure for analyzing DNS data exfiltration attacks. The "BCCC-CIC-Bell-DNS-2024" dataset enhances the richness and diversity needed to evaluate our proposed profiling model effectively.
The full research paper outlining the details of the dataset and its underlying principles:
- MohammadMoein Shafi, Arash Habibi Lashkari, Hardhik Mohanty; "Unveiling Malicious DNS Behavior Profiling and Generating Benchmark Dataset through Application Layer Traffic Analysis", Computers and Electrical Engineering, Vol 118, P B, Sep. 2024
For more information and download this dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- MohammadMoein Shafi, Arash Habibi Lashkari, Hardhik Mohanty; "Unveiling Malicious DNS Behavior Profiling and Generating Benchmark Dataset through Application Layer Traffic Analysis", Computers and Electrical Engineering, Vol 118, P B, Sep. 2024
For more information and download this dataset, visit this page.
DoHBrw-2020' dataset, which is skewed with about 90% malicious and only 10% benign Domain over HTTPS (DoH) network traffic, the 'BCCC-CIRA-CIC-DoHBrw-2020' dataset offers a more balanced composition. It includes equal numbers of malicious and benign DoH network traffic instances, with 249,836 instances in each category. This balance was achieved using the Synthetic Minority Over-sampling Technique (SMOTE).
The full research paper outlining the details of the dataset and its underlying principles:
- Sepideh Niktabe, Arash Habibi Lashkari, Arousha Haghighian Roudsari, “Unveiling DoH Tunnel: Toward Generating a Balanced DoH EncryptedTraffic Dataset and Profiling malicious Behaviour using InherentlyInterpretable Machine Learning“, Peer-to-Peer Networking and Applications, Vol. 17, 2023
For more information and download this dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- Sepideh Niktabe, Arash Habibi Lashkari, Arousha Haghighian Roudsari, “Unveiling DoH Tunnel: Toward Generating a Balanced DoH EncryptedTraffic Dataset and Profiling malicious Behaviour using InherentlyInterpretable Machine Learning“, Peer-to-Peer Networking and Applications, Vol. 17, 2023
For more information and download this dataset, visit this page.
In this research work, we are releasing CIC-Bell-DNS-EXF-2021, a large dataset of 270.8 MB DNS traffic generated by exfiltrating various file types ranging from small to large sizes.
We leverage our developed feature extractor to extract 30 features from the DNS packets, resulting in a final structured dataset of 323,698 heavy attack samples (CAPEC standard), 53,978 light attack samples, and 641,642 distinct benign samples.
The experimental analysis of utilizing several Machine Learning (ML) algorithms on our dataset shows the effectiveness of our hybrid detection system even in the existence of light DNS traffic.
The full research paper outlining the details of the dataset and its underlying principles:
- Samaneh Mahdavifar, Amgad Hanafy Salem, Princy Victor, Miguel Garzon, Amir H. Razavi, Natasha Hellberg, Arash Habibi Lashkari, “Lightweight Hybrid Data Exfiltration using DNS based on Machine Learning”, The 11th IEEE International Conference on Communication and Network Security (ICCNS), Dec. 3-5, 2021, Beijing Jiaotong University, Weihai, China.
For more information and download this dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- Samaneh Mahdavifar, Amgad Hanafy Salem, Princy Victor, Miguel Garzon, Amir H. Razavi, Natasha Hellberg, Arash Habibi Lashkari, “Lightweight Hybrid Data Exfiltration using DNS based on Machine Learning”, The 11th IEEE International Conference on Communication and Network Security (ICCNS), Dec. 3-5, 2021, Beijing Jiaotong University, Weihai, China.
For more information and download this dataset, visit this page.
In this research work, we generate and release a large DNS features dataset of 400,000 benign and 13,011 malicious samples processed from a million benign and 51,453 known-malicious domains from publicly available datasets. The malicious samples span between three categories of spam, phishing, and malware. Our dataset, namely CIC-Bell-DNS2021 replicates the real-world scenarios with frequent benign traffic and diverse malicious domain types. We train and validate a classification model that, unlike previous works that focus on binary detection, detects the type of the attack, i.e., spam, phishing, and malware. Classification performance of various ML models on our generated dataset proves the effectiveness of our model, with the highest, is k-Nearest Neighbors (k-NN) achieving 94.8% and 99.4% F1-Score for balanced data ratio (60/40%) and imbalanced data ratio (97/3%), respectively. Finally, we have gone through feature evaluation using information gain analysis to get the merits of each feature in each category, proving the third party features as the most influential one among the top 13 features.
The full research paper outlining the details of the dataset and its underlying principles:
- Samaneh Mahdavifar, Nasim Maleki, Arash Habibi Lashkari, Matt Broda, Amir H. Razavi, “Classifying Malicious Domains using DNS Traffic Analysis”, The 19th IEEE International Conference on Dependable, Autonomic, and Secure Computing (DASC), Oct. 25-28, 2021, Calgary, Canada
For more information and download this dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- Samaneh Mahdavifar, Nasim Maleki, Arash Habibi Lashkari, Matt Broda, Amir H. Razavi, “Classifying Malicious Domains using DNS Traffic Analysis”, The 19th IEEE International Conference on Dependable, Autonomic, and Secure Computing (DASC), Oct. 25-28, 2021, Calgary, Canada
For more information and download this dataset, visit this page.
This research work proposes a systematic approach to generate a typical dataset to analyze, test, and evaluate DoH traffic in covert channels and tunnels. The main objective of this project is to deploy DoH within an application and capture benign as well as malicious DoH traffic as a two-layered approach to detect and characterize DoH traffic using time-series classifier. The final dataset includes implementing DoH protocol within an application using five different browsers and tools and four servers to capture Benign-DoH, Malicious-DoH and non-DoH traffic. Layer 1 of the proposed two-layered approach is used to classify DoH traffic from non-DoH traffic and layer 2 is used to characterize Benign-Doh from Malicious-DoH traffic. The browsers and tools used to capture traffic include Google Chrome, Mozilla Firefox, dns2tcp, DNSCat2, and Iodine while the servers used to respond to DoH requests are AdGuard, Cloudflare, Google DNS, and Quad9. We developed a traffic analyzer namely DoHLyzer to extrac features from the captured traffic.
The full research paper outlining the details of the dataset and its underlying principles:
- Mohammadreza MontazeriShatoori, Logan Davidson, Gurdip Kaur and Arash Habibi Lashkari, "Detection of DoH Tunnels using Time-series Classification of Encrypted Traffic", The 5th Cyber Science and Technology Congress (2020) (CyberSciTech 2020), Vancouver, Canada, August 2020
For more information and download this dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- Mohammadreza MontazeriShatoori, Logan Davidson, Gurdip Kaur and Arash Habibi Lashkari, "Detection of DoH Tunnels using Time-series Classification of Encrypted Traffic", The 5th Cyber Science and Technology Congress (2020) (CyberSciTech 2020), Vancouver, Canada, August 2020
For more information and download this dataset, visit this page.
Encrypted Traffic and Dark Net Datasets:
This research work proposes a novel technique to detect and characterize VPN and Tor applications together as the real representative of darknet traffic by amalgamating out two public datasets, namely, ISCXTor2016 and ISCXVPN2016, to create a complete darknet dataset covering Tor and VPN traffic respectively..
The full research paper outlining the details of the dataset and its underlying principles:
- Arash Habibi Lashkari, Gurdip Kaur, and Abir Rahali, “DIDarknet: A Contemporary Approach to Detect and Characterize the Darknet Traffic using Deep Image Learning”, 10th International Conference on Communication and Network Security, Tokyo, Japan, November 2020
For more information and download this dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- Arash Habibi Lashkari, Gurdip Kaur, and Abir Rahali, “DIDarknet: A Contemporary Approach to Detect and Characterize the Darknet Traffic using Deep Image Learning”, 10th International Conference on Communication and Network Security, Tokyo, Japan, November 2020
For more information and download this dataset, visit this page.
To be sure about the quantity and diversity of this dataset, we defined a set of tasks to generate a representative dataset of real-world traffic. We created three
users for the browser traffic collection and two users for the communication parts such as chat, mail, FTP, p2p, etc. For the non-Tor traffic we used previous benign traffic
from VPN project and for the Tor traffic we used 7 traffic categories: Browsing, Email, Chat, Audio-Streaming, Video-Streaming, FTP, VoIP, P2P. The traffic was captured using
Wireshark and tcpdump, generating a total of 22GB of data. To facilitate the labeling process, as we explained in the related published paper, we captured the outgoing traffic
at the workstation and the gateway simultaneously, collecting a set of pairs of .pcap files: one regular traffic pcap (workstation) and one Tor traffic pcap (gateway) file. Later,
we labelled the captured traffic in two steps. First, we processed the .pcap files captured at the workstation: we extracted the flows, and we confirmed that the majority of traffic
flows were generated by application X (Skype, ftps, etc.), the object of the traffic capture. Then, we labelled all flows from the Tor .pcap file
as X. ISCXFlowMeter has been written in Java for reading the pcap files and create the csv file based on
selected features. The dataset consists of labeled network traffic, including full packet in pcap format and csv (flows generated by CICFlowMeter) also are publicly available
for researchers.
The full research paper outlining the details of the dataset and its underlying principles:
- Arash Habibi Lashkari, Gerard Draper-Gil, Mohammad Saiful Islam Mamun and Ali A. Ghorbani, "Characterization of Tor Traffic Using Time Based Features", In the proceeding of the 3rd International Conference on Information System Security and Privacy, SCITEPRESS, Porto, Portugal, 2017.
For more information and download the dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- Arash Habibi Lashkari, Gerard Draper-Gil, Mohammad Saiful Islam Mamun and Ali A. Ghorbani, "Characterization of Tor Traffic Using Time Based Features", In the proceeding of the 3rd International Conference on Information System Security and Privacy, SCITEPRESS, Porto, Portugal, 2017.
For more information and download the dataset, visit this page.
To generate a representative dataset of real-world traffic, we defined a set of tasks, assuring that our dataset is rich enough in diversity and quantity. We created
accounts for users Alice and Bob in order to use services like Skype, Facebook, etc. Below we provide the complete list of different types of traffic and applications considered
in our dataset for each traffic type (VoIP, P2P, etc.). We captured a regular session and a session over VPN, therefore we have a total of 14 traffic categories: VOIP, VPN-VOIP,
P2P, VPN-P2P, etc. We also give a detailed description of the different types of traffic generated: Browsing, Email, Chat, Audio-Streaming, Video-Streaming, FTP, VoIP, P2P.
The traffic was captured using Wireshark and tcpdump, generating a total amount of 28GB of data. For the VPN, we used an external VPN service provider and connected to it
using OpenVPN (UDP mode). To generate SFTP and FTPS traffic we also used an external service provider and Filezilla as a client. To facilitate the labeling process, when capturing
the traffic all unnecessary services and applications were closed. (The only application executed was the objective of the capture, e.g., Skype voice-call, SFTP file transfer, etc.)
We used a filter to capture only the packets with source or destination IP, the address of the local client (Alice or Bob).
ISCXFlowMeter (formerly known as ISCXFlowMeter) has been written in Java for reading the pcap files and create the csv file based on selected features. The dataset consists of labeled network traffic, including full packet in pcap format and csv (flows generated by CICFlowMeter) also are publicly available for researchers.
The full research paper outlining the details of the dataset and its underlying principles:
- Gerard Drapper Gil, Arash Habibi Lashkari, Mohammad Mamun, Ali A. Ghorbani, "Characterization of Encrypted and VPN Traffic Using Time-Related Features", In Proceedings of the 2nd International Conference on Information Systems Security and Privacy(ICISSP 2016), pages 407-414, Rome, Italy, 2016.
For more information and download the dataset, visit this page.
ISCXFlowMeter (formerly known as ISCXFlowMeter) has been written in Java for reading the pcap files and create the csv file based on selected features. The dataset consists of labeled network traffic, including full packet in pcap format and csv (flows generated by CICFlowMeter) also are publicly available for researchers.
The full research paper outlining the details of the dataset and its underlying principles:
- Gerard Drapper Gil, Arash Habibi Lashkari, Mohammad Mamun, Ali A. Ghorbani, "Characterization of Encrypted and VPN Traffic Using Time-Related Features", In Proceedings of the 2nd International Conference on Information Systems Security and Privacy(ICISSP 2016), pages 407-414, Rome, Italy, 2016.
For more information and download the dataset, visit this page.
Smart Phones Security Datasets:
This research work proposes a new comprehensive and huge android malware dataset, named CCCS-CIC-AndMal-2020. The dataset includes 200K benign and 200K malware samples totalling to 400K android apps with 14 prominent malware categories and 191 eminent malware families. To generate the representative dataset, we collaborated with CCCS to capture 200K android malware apps which are labeled and characterized into corresponding family. Benign android apps (200K) are collected from Androzoo dataset to balance the huge dataset. We collected 14 malware categories including adware, backdoor, file infector, no category, Potentially Unwanted Apps (PUA), ransomware, riskware, scareware, trojan, trojan-banker, trojan-dropper, trojan-sms, trojan-spy and zero-day. A complete taxonomy of all the malware families of captured malware apps is created by dividing them into eight categories such as sensitive data collection, media, hardware, actions/activities, internet connection, C&C, antivirus and storage & settings.
The full research paper outlining the details of the dataset and its underlying principles:
- Abir Rahali, Arash Habibi Lashkari, Gurdip Kaur, Laya Taheri, Francois Gagnon, and Frédéric Massicotte, “DIDroid: Android Malware Classification and Characterization Using Deep Image Learning”, 10th International Conference on Communication and Network Security, Tokyo, Japan, November 2020
For more information and download this dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- Abir Rahali, Arash Habibi Lashkari, Gurdip Kaur, Laya Taheri, Francois Gagnon, and Frédéric Massicotte, “DIDroid: Android Malware Classification and Characterization Using Deep Image Learning”, 10th International Conference on Communication and Network Security, Tokyo, Japan, November 2020
For more information and download this dataset, visit this page.
We provide the second part of the CICAndMal2017 dataset publicly available which includes permissions and intents as static features and API calls and all generated log files as dynamic features in three steps (During installation, before restarting and after restarting the phone). In this part, we improve our malware category and family classification performance around 30% by combining the previous dynamic features (80 network-flows by using CICFlowmeter-V3.0) with 2-gram sequential relations of API calls. In addition, we examine these features in the presented two-layer malware analysis framework. Besides these, we provide other captured features such as battery states, log states, packages, process logs, etc.
The full research paper outlining the details of the dataset and its underlying principles:
- Laya Taheri, Andi Fitriah Abdulkadir, Arash Habibi Lashkari, "Extensible Android Malware Detection and Family Classification Using Network-Flows and API-Calls", The IEEE (53rd) International Carnahan Conference on Security Technology, India, 2019
For more information and download this dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- Laya Taheri, Andi Fitriah Abdulkadir, Arash Habibi Lashkari, "Extensible Android Malware Detection and Family Classification Using Network-Flows and API-Calls", The IEEE (53rd) International Carnahan Conference on Security Technology, India, 2019
For more information and download this dataset, visit this page.
We propose our new Android malware dataset here, named CICAndMal2017.
In this approach, we run our both malware and benign applications on real smartphones to avoid runtime behavior modification of advanced malware samples
that are able to detect the emulator environment. We collected more than 10,854 samples (4,354 malware and 6,500 benign) from several sources.
We have collected over six thousand benign apps from Googleplay market published in 2015, 2016, 2017. In this dataset, we installed 5,000 of the collected
samples (426 malware and 5,065 benign) on real devices. Our malware samples in the CICAndMal2017 dataset are classified into four categories Adware, Ransomware, Scareware and SMS Malware.
Our samples come from 42 unique malware families.
The full research paper outlining the details of the dataset and its underlying principles:
- Arash Habibi Lashkari, Andi Fitriah A.Kadir, Laya Taheri, and Ali A. Ghorbani, “Toward Developing a Systematic Approach to Generate Benchmark Android Malware Datasets and Classification”, In the proceedings of the 52nd IEEE International Carnahan Conference on Security Technology (ICCST), Montreal, Quebec, Canada, 2018.
For more information and download the dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- Arash Habibi Lashkari, Andi Fitriah A.Kadir, Laya Taheri, and Ali A. Ghorbani, “Toward Developing a Systematic Approach to Generate Benchmark Android Malware Datasets and Classification”, In the proceedings of the 52nd IEEE International Carnahan Conference on Security Technology (ICCST), Montreal, Quebec, Canada, 2018.
For more information and download the dataset, visit this page.
The sophisticated and advanced Android malware is able to identify the presence of the emulator used by the malware analyst and in response, alter its behavior to evade detection.
To overcome this issue, we installed the Android applications on the real device and captured its network traffic. AAGM dataset is captured by installing the Android apps on the real smartphones semi-automated. The dataset is generated from 1900 applications with the following three categories:
- Android Adware (250 apps): Airpush, Dowgin, Kemoge, Mobidash, Shuanet
- General Android Malware (150 apps): AVpass, FakeAV, FakeFlash/FakePlayer, GGtracker, Penetho
- Benign (1500 apps): 2015 and 2016 GooglePlay market (top free popular and top free new).
The full research papers outlining the details of the dataset and its underlying principles:
- Arash Habibi Lashkari, Andi Fitriah A.Kadir, Hugo Gonzalez, Kenneth Fon Mbah and Ali A. Ghorbani, “Towards a Network-Based Framework for Android Malware Detection and Characterization”, In the proceeding of the 15th International Conference on Privacy, Security and Trust, PST, Calgary, Canada, 2017.
For more information and download the dataset, visit this page.
- Android Adware (250 apps): Airpush, Dowgin, Kemoge, Mobidash, Shuanet
- General Android Malware (150 apps): AVpass, FakeAV, FakeFlash/FakePlayer, GGtracker, Penetho
- Benign (1500 apps): 2015 and 2016 GooglePlay market (top free popular and top free new).
The full research papers outlining the details of the dataset and its underlying principles:
- Arash Habibi Lashkari, Andi Fitriah A.Kadir, Hugo Gonzalez, Kenneth Fon Mbah and Ali A. Ghorbani, “Towards a Network-Based Framework for Android Malware Detection and Characterization”, In the proceeding of the 15th International Conference on Privacy, Security and Trust, PST, Calgary, Canada, 2017.
For more information and download the dataset, visit this page.
Memory Analysis Datasets:
The obfuscated malware dataset is designed to test obfuscated malware detection methods through memory. In this research, we present a new malware memory analysis dataset (MalMem-2022), which was created to represent as close to a real-world situation as possible using malware prevalent in the real world and consists of 58,596 records with 29,298 benign and 29,298 malicious.
The full research paper outlining the details of the dataset and its underlying principles:
- Tristan Carrier, Princy Victor, Ali Tekeoglu, Arash Habibi Lashkari,” Detecting Obfuscated Malware using Memory Feature Engineering”, The 8th International Conference on Information Systems Security and Privacy (ICISSP), 2022
For more information and download this dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- Tristan Carrier, Princy Victor, Ali Tekeoglu, Arash Habibi Lashkari,” Detecting Obfuscated Malware using Memory Feature Engineering”, The 8th International Conference on Information Systems Security and Privacy (ICISSP), 2022
For more information and download this dataset, visit this page.
Malicious URL Datasets:
The Web has long become a major platform for online criminal activities. URLs are used as the main vehicle in this domain. To counter this issues security community focused its efforts on developing techniques for mostly blacklisting of malicious URLs. While successful in protecting users from known malicious domains, this approach only solves part of the problem. The new malicious URLs that sprang up all over the web in masses commonly get a head start in this race. Besides that, Alexa ranked, trusted websites may convey compromised fraudulent URLs called defacement URL. We explore a lightweight approach to detection and categorization of the malicious URLs according to their attack type and show that lexical analysis is effective and efficient for proactive detection of these URLs. We also study the effect of the obfuscation techniques on malicious URLs to figure out the type of obfuscation technique targeted at specific type of malicious URL. We study mainly five different types of URLs include Benign, Spam, Phishing, Malware, and Defacement.
The full research paper outlining the details of the dataset and its underlying principles:
- Mohammad Saiful Islam Mamun, Mohammad Ahmad Rathore, Arash Habibi Lashkari, Natalia Stakhanova and Ali A. Ghorbani,"Detecting Malicious URLs Using Lexical Analysis", Network and System Security, Springer International Publishing, P467--482, 2016.
For more information and download the dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- Mohammad Saiful Islam Mamun, Mohammad Ahmad Rathore, Arash Habibi Lashkari, Natalia Stakhanova and Ali A. Ghorbani,"Detecting Malicious URLs Using Lexical Analysis", Network and System Security, Springer International Publishing, P467--482, 2016.
For more information and download the dataset, visit this page.
Malicious PDF Datasets:
In this research, we present a new evasive pdf dataset, Evasive-PDFMal2022 which consists of 10,025 records with 5557 malicious and 4468 benign records that tend to evade the common significant features found in each class. This makes them harder to detect by common learning algorithms.
The full research paper outlining the details of the dataset and its underlying principles:
- Maryam Issakhani, Princy Victor, Ali Tekeoglu, and Arash Habibi Lashkari1, “PDF Malware Detection Based on Stacking Learning”, The International Conference on Information Systems Security and Privacy, February 2022,
For more information and download this dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- Maryam Issakhani, Princy Victor, Ali Tekeoglu, and Arash Habibi Lashkari1, “PDF Malware Detection Based on Stacking Learning”, The International Conference on Information Systems Security and Privacy, February 2022,
For more information and download this dataset, visit this page.
Operational Technology Datasets:
The CIC Modbus Dataset contains network (pcap) captures and attack logs from a simulated substation network. The dataset is categorized into two groups: an attack dataset and a benign dataset. The attack dataset includes network traffic captures that simulate various types of Modbus protocol attacks in a substation environment. The attacks are reconnaissance, query flooding, loading payloads, delay response, modify length parameters, false data injection, stacking Modbus frames, brute force write and baseline replay. These attacks are based of some techniques in the MITRE ICS ATT&CK framework. On the other hand, the benign dataset consists of normal network traffic captures representing legitimate Modbus communication within the substation network.The purpose of this dataset is to facilitate research, analysis, and development of intrusion detection systems, anomaly detection algorithms and other security mechanisms for substation networks using the Modbus protocol.
The full research paper outlining the details of the dataset and its underlying principles:
- Kwasi Boakye-Boateng, Ali A. Ghorbani, and Arash Habibi Lashkari, " Securing Substations with Trust, Risk Posture and Multi-Agent Systems: A Comprehensive Approach,"20th International Conference on Privacy, Security and Trust (PST), Copenhagen, Denmark, August. 2023
For more information and download this dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- Kwasi Boakye-Boateng, Ali A. Ghorbani, and Arash Habibi Lashkari, " Securing Substations with Trust, Risk Posture and Multi-Agent Systems: A Comprehensive Approach,"20th International Conference on Privacy, Security and Trust (PST), Copenhagen, Denmark, August. 2023
For more information and download this dataset, visit this page.
Others:
This dataset consists of a collection of 11,012 evasive or sophisticated malicious SQL queries. These queries are generated using a genetic algorithm applied to the Kaggle malicious SQL dataset. The goal of the genetic algorithm is to enhance the evasiveness and sophistication of the original malicious queries.
The full research paper outlining the details of the dataset and its underlying principles:
- Maryam Issakhani, Mufeng Huang, Mohammad A. Tayebi, Arash Habibi Lashkari, "An Evolutionary Algorithm for Adversarial SQL Injection Attack Generation", IEEE Intelligence and Security Informatics (ISI2023), NC, USA
For more information and download this dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- Maryam Issakhani, Mufeng Huang, Mohammad A. Tayebi, Arash Habibi Lashkari, "An Evolutionary Algorithm for Adversarial SQL Injection Attack Generation", IEEE Intelligence and Security Informatics (ISI2023), NC, USA
For more information and download this dataset, visit this page.
Source Code Authorship Attribution (SCAA) is the technique to find the real author of source code in a corpus.
Though it is a privacy threat to open-source programmers, ithas shown to be significantly helpful in developing forensic-based applications such as ghostwriting detection, copyright dispute settlements, catching authors of malicious applications using source code, and other code analysis applications.
This dataset was created by extracting ’code’ data from the GCJ, and Github datasets, including examples of attacks and adversarial examples, were created using Source Code imitator. The dataset in a total of 19,000 code files from 300 authors.
The full research paper outlining the details of the dataset and its underlying principles:
- Abhishek Chopra , Nikhill Vombatkere , Arash Habibi Lashkari,”AuthAttLyzer: A Robust defensive distillation-based Authorship Attribution framework”, The 12th International Conference on Communication and Network Security (ICCNS), 2022, China
For more information and download this dataset, visit this page.
The full research paper outlining the details of the dataset and its underlying principles:
- Abhishek Chopra , Nikhill Vombatkere , Arash Habibi Lashkari,”AuthAttLyzer: A Robust defensive distillation-based Authorship Attribution framework”, The 12th International Conference on Communication and Network Security (ICCNS), 2022, China
For more information and download this dataset, visit this page.
Download Requests: Companies, research centres and universities that have downloaded these datasets, since 2015:
A
A&M College, Aalborg University, Aalim muhammed salegh college of engineering, India Aalto university, Abdullah Gul University (AGU), Abudhabi University, United Arab Emirates Acharya Nagarjuna university, Addis Ababa University, Adhiyamaan College of Engineering, Advanced Technologies Application Center, Ain Shams University, Egypt Air University, Pakistan Al-Ameen Engineering College, Al-Aqsa University, Al-Baha University, Al-Huson University College, Al-Maafer Community College, Alagappa Government Arts College, Albaydha University, Alexandrian Technological Institute of Thessaloniki, Aliah University, India Amazon, India American University of Sharjah, United Arab Emirates American University, Washington Amity University Rajasthan, India Amity University, India Amman Arab University, Amrita Vishwa Vidyapeetham University, India Amrita School of Engineering (Bengaluru), Andhra University Ankara Yıldırım Beyazıt University, Anna University APJ Abdul Kalam Technological University, Aristotle University of Thessaloniki, Australian Department of Defence, AustraliaB
Baden-Wuerttemberg Cooperative State University (DHBW), Bahria University, Banaras Hindu University, India Basaheb Bhimrao Ambedkar University, Beihang University, Beijing University of Posts and Telecommunications, Beijing University of Technology, Beijing University, Ben-Gurion University of the Negev Beer-Sheva, Bennett University, Big Data and Intelligent Systems Laboratory, Birmingham City University, England Birkbeck University of London, England Birla Institute of Technology and Science (Pilani), BlueLotus, Columbia BlueLotus, Turkey Boğaziçi University, Bordeaux university, Bournemouth University, Bowie State University, Bozorgmehr University, Iran Brandeis University, Brno University of Technology, Burapha University,C
California State University (Fullerton), Canara Engineering College, Cape Peninsula University of Technology, Capital University of Science and Technology Carnegie Mellon University, Catholic University of the Maule Catholic University of the Sacred Heart, Italy Christ Academy Institute for Advanced Studies (CAIAS), India Center for Cybersecurity, Bruno Kessler Foundation Central Connecticut State University Central Connecticut State University, Central Institute of Technology Kokrajhar Central South University, China Central University of Finance and Economics Central University of Haryana Centre for Information and Communications Technology Research (CITIC) Centro Universitário da FEI Chandigarh University, Charles University, Cheikh Anta Diop University of Dakar, Chile university China Academy of Engineering Physics China West Normal University Chinese Academy of Sciences, Chitkara University Chongoing University, Chongqing University of Posts and Telecommunications Cisco Systems Inc, USA Cochin University of Science and Technology CodePath, USA College of Charleston, College of Engineering Trivandrum Colorado Mesa University COMAC Shanghai Aircraft Manufacturing Community Safety Department, Fukuoka Prefectural Police Headquarters, COMSATS Institute of IT, Comsats University COEP Technological University, India Consultant, UK Council for Scientific and Industrial Research (CSIR), cPacket, USA CQVista Inc., South Korea Cranfield University, CUAB, Nigeria CTU in Prague Cyber Technology Institute De Montfort University Cybersecurity Strategic Technology Centre Cyber Silo Inc., USA Czech Technical University in Prague (CTU)D
Dalhousie University, Dalian Jiaotong University, China DAV University, Deakin University Australia, Defence Academy of the UK, Delhi Technological University, Democritus University of Thrace, Department of CSE IIT Madra, Department of CSIS, BITS Pilani, Department of multimedia technologies and telecommunications, Dr. Babasaheb Ambedekar Marathwada University, Iran Dr. Shariati Technical and Vocational College, Iran Dublin city university,E
East China University of Science, East Delta University, Eastern Institute of Technology, New Zealand Electronics and Telecommunications Research Institute (ETRI), Embry-Riddle Aeronautical University, Erlangen University, Germany Equinix, USAF
Fachhochschule der Wirtschaft, Germany FAST National University of Computer and Emerging Science, Federal University of Juiz de Fora (UFJF), Federal University of Pará (UFPA), Federal University of Technology Akure, Federal University of Viçosa (UFV) Federation University Australia Feng Chia University, Taiwan FHDW Paderborn, Germany Florida Atlantic University, Foundation University School of Science and Technology (FUSST), Fraunhofer IIS, Free University Bozen-Bolzano, Fukuoka Institute of Technology, Fulda University of Applied Sciences, Fuzhou University, ChinaG
G H Patel College of Engineering & Technology, Gachon University, Seongnam, Gaston Berger University, Gazi University, General Assembly, Bahrain George Mason University, George Washington University, Georgia Tech University, Ghent University, IDLab-Imec, Belgium Gitam University, Government College University, Graphic Deemed University, India Grand Canyon University, Guangdong Pharmaceutical University, China Guangdong University of Technology, China Guangxi Key Laboratory of Cryptography and Information Security, China Guangzhou University, China Guilin University of Electronic Technology, Gujarat Technological University, Guru Govind Singh University, IndiaH
Hacettepe University, Hainan Normal University, Hangzhou Dianzi University, Hanoi University of Science and Technology, Harbin Institute of Technology, Helwan University, Helwan University, Henan Key Laboratory of Network Cryptography Technology, Henan Police College, Hewlett-Packard, Hillstonenet Co., Hitech Solutions (Pvt) Ltd., Hochschule Fulda University of Applied Sciences, Hochschule für Telekommunikation Leipzig (HfTL), Hohai University, China Hokkaido University, Holy Angel University, Philippines Humboldt University of Berlin, Hunan University of Humanities, HUST, VietnamI
IBM Research, Ibn Tofail University, ICAR-CNR (ITALY), ICT Convergence Research Center, IIT BHU, India Illinois Institute of Technology, USA Imperial College London, IMP Group International, Canada Independent university of Banja Luka, Indian Institute of Information Technology, Indian Institute of Science, Indian Institute of Technology Guwahati, Indian Institute of Technology (BHU) Varanasi, India Industrial Technology Research Institute, Hsinchu, Taiwan Industrial University of Ho Chi Minh city, Innopolis University, Institute for Advanced Study (IAS), USA Institute for Development and Research in Banking Technology (IDRBT), Institute for Infocomm Research (I2R), Institute for Information and Communication Technologies, Institute of Information Engineering, Institute of Information Engineering Chinese Academy of Sciences Beijing, Institute of Technology of Cambodia, Cambodia Instituto Militar de Engenharia, Intelligent Policing Key Laboratory of Sichuan Province, Sichuan International Hellenic University, IRISA - Institut de Recherche en Informatique et Systèmes Aléatoires, Islamic Azad University, Iran Istanbul Technical University, Turkey IT-Convergence Engineering, Izmir University of Economics,J
Jagannath University, Jahangirnagar University, Jiangsu Province Engineering Research Center of Security for Ubiquitous Network, Jiangsu University, China Jinan University, China JNU, China John Jay College, USA Johns Hopkins University,K
Kadir Has University, Türkiye Karabük University, Karunya University, Keldysh Institute of Applied Mathematics, KIAM", Kennesaw State University, Kent State University, USA Khalifa University, King AbdulAziz University, King Fahad University of Petroleum and Minerals, King Fahad University, King Fahd University of Petroleum & Minerals, King Faisal University, King Khalid University, King Mongkut's Institute of Technology Ladkrabang, King Saud University, KMUTNB, Thailand KNUST, Ghana Kokurakita Police Station, Fukuoka Prefectural Police Kongu Engineering College, Kookmin University, South Korea Korea National Defense University, KPR Institute of Engineering and Technology, KTH Royal Institute of Technology, Kumoh National Institute of Technology, Kyushu University,L
La Salle University – Ramon Llull, Spain Laboratory of Numerical Analysis and Computer Science, Lancaster University, Lanzhou University, Lawrence Livermore National Laboratory, Le Quy Don Technical University, Lebanese American University, Lebanese University, Load Go Transport Inc., Canada Loughborough University London, Loughborough University, Lovely Professional University,M
Madurai Kamaraj University, India Majmaah University, Makerere University, Uganda Malaviya National Institute of Technology Jaipur (MNIT), India Malta College of Arts, Manchester Metropolitan University Manipal Institute of Technology Bengaluru Manipal University Jaipur, Mansoura University, Marathwada University, Marmara university, Marwadi University, Materials and Chemistry Convergence Technology, Maven Technical, Nigeria Medcare MSO, Pakistan Menoufia University, Metropolitan University of Technology,chile Microsoft India Development Center, India Middle East Technical University in Ankara, Misr International University, EgyptMississippi State University, MIT College of Engineering (India), MIT Lincoln Laboratory, MITRE.org, Mizoram University Monash University, Indonesia Morgan State University, Moscow Institute of Physics and Technology, Moscow Institute of Physics and Technology, MIPT Mother Teresa Women’s University, Kodaikanal MSIS Department, Rutgers University Mumbai University, India
N
Najran University Namal University Mianwali, PakistanNanjing Tech, China
Nanjing University of Science and Technology (NJUST), China National Centre For Cyber Security – UET Peshawar (NCCS-UETP), Pakistan
National Chiao Tung University, National Chung Cheng University, National Dong Hwa University National Forensic Sciences University (NFSU), India
National Institute of Technology (NIT), National Institute of Technology Karnataka(NITK), India National Kaohsiung University of Science and Technology, National Sun Yat-sen University, Taiwan
National Taiwan University, Taiwan
National Taiwan University of Science and Technology, Taiwan
National Technological University of South Lima, Peru
National Telecom Regulatory Authority (NTRA) National University of Computer and Emerging Sciences, Islamabad, Pakistan National University of Defense Technology (NUDT), National University of Defense Technology Changsha, China National University of Defense Technology, China National University of Technology (NUTECH), Pakistan
National University of Sciences and Technology, Islamabad, Pakistan National University Singapore (NUS), National Yunlin University of Science and Technology, Necmettin Erbakan University, NEHEMIAH Security Co., New Mansoura University, Egypt
NIELIT Calicut, India
Nha Trang University Nigeria Federal University of Technology, NIIT University, Nile University, Egypt Nirma University NIT Raipur Nirma University, India
Nitte Meenakshi Institute of Technology (NMIT), niversity of Hertfordshire NMAM Institute of Technology, North Carolina A&T State University North Carolina State University, USA
North Carolina Agricultural and Technical State University, North Dakota State University Northeastern University, USA
North South University Northumbria University, Northwestern Polytechnical University Norwegian University of Science and Technology Norwegian University of Science and Technology (NTNU), NOVETTA, Novasibirsk State University, NUST School of Electrical Engineering and Computer Science (NUST-SEECS), Pakistan
O
Oak Ridge National Laboratory OAKLAND Univeristy, Old Dominion University Open University of Netherlands, Oracle Lab (Canada), Oslo Metropolitan UniversityP
Pabna University of Science and Technology, BangladeshPacific Northwest National Laboratory Packetwerk, Pakistan Institute of Engineering and Applied Sciences Panjab University, Chandigarh Parahyangan catholic university, Indonesia
Patuakhali Science and Technology University Penn State University, Pennsylvania State University People’s Public Security University of China PES Institute of Technology and Management Petroleum-Gas University of Ploiesti PLA Information Engnieering University,Zhengzhou,china Politecnico di Milano, Political Elektronika Negeri Surabaya (PENS), Pölten University of Applied Sciences Polytechnic Institute of Leiria (IPLeiria), Portugal
Premier University, Bangladesh
Prince Mohammad Bin Fahd University Princess Nourah Bint Abdul Rahman University, Saudi Arabia
Prince Sultan University, Prince Sattam Bin Abdulaziz University, Saudi Arabia
Princess Sarvath Community College Princess Sumaya University for Technology (PSUT) Princeton University, PSG College of Technology, India
PSL Research University, France
Punjab University, Purdue University, Purple Mountain Laboratories Pusan National University (PNU), South Korea
Q
Qatar university Queen’s University Belfast Queensland University of Technology (QUT)R
R.V. College of Engineering Bengaluru Radboud University Reva University, IndiaRice University, USA
RMIT University Rochester Institute of Technology Royal Military College of Canada, RUDRA Cybersecurity, India
S
S.E.A Protection Services, CanadaSão Paulo State University, Brazil
Sabanci University, Sacred Heart University (SHU), USA
Sakarya University, Sam Houston State University San Jose State University Sardar Patel Institute of Technology, India
Sathyabama Institute of Science and Technology School of Cyber Security, University of Chinese Academy of Sciences, Beijing Science and Technology (MCAST), SecureITlab, Bahrain
Sejong University, Selçuk Üniversitesi, Turkey
Seneca College of Applied Arts and Technology Shahid Bahonar University of Kerman, Shahid Beheshti University, Iran
Shahid Sattari Aviation University Shandong University, China
Shandong Normal University, Shanghai Jiao Tong University, Shanxi University of Finance and Economics Sharda University Sharif University of Technology, Sheffield Hallam University, Shiraz University, Siberian Federal University, Siberia
Sichuan Normal University Sichuan University, Sikkim Manipal Inst. of Technology Siliguri Institute of Technology Simon Fraser University Singapore Management University (SMU), Singapore
Sistan and Baluchestan Univerisity, Skyline University College Slovak University of Technology, Soongsil University, South China University of Technology South East Technological University, Waterford, X91 HE36 Ireland South Ural State University Southeast University, PR China South China University of Technology, China
Southern University Southeast University, China
Southwest Petroleum University Sri Krishna Arts and Science College, India
Sri Ramaswamy Memorial Institute of Science and Technology (SRM), India
Sri Sivasubramaniya Nadar College of Engineering, India
Srinivas University, India
SRM Institute of Science and Technology (Deemed to be University) St. Joseph's College of Engineering, Chennai, India St. Polten University of Applied Sciences, Stanford University, USA
State University of Londrina, State Polytechnic of Ujung Pandang, Indonesia
Strategic Support Force Information Engineering University, Sun Yat-sen University, Sungkyunkwan University, Supercomputer Education and Research Center Supercomputer Education and Research Center Surabaya State Polytechnics, Swe, England
Szkoła Główna Gospodarstwa Wiejskiego w Warszawie, Poland
T
Tai Solarin University of Education, Taibah University, Saudi ArabiaTaiz, Yemen Tallinn University of Technology Tarbiat Modares University Technical and Vocational University. Shariaty Technical College, Iran
Technical University of Dresden, Technical University of Madrid, Technical University of Munich Technological University of Panama, Panama
Telecom Bretagne, Telkom University, Indonesia
Telecommunications and Applications Cheikh Anta Diop University Telkon University, Tennessee State University, Texas A&M University Kingsville, The Maharaja Sayajirao University of Baroda The Open University, Milton Keynes The University of Adelaide The University of British Columbia (UBC) The University of Hong Kong The University of Jordan, The University of Manitoba The University of Sydney The University of Tokyo Third Sarl., Cameroon
Tianjin University, Tsinghua University, Tishreen University, Syria
Todyl Inc, USA
Tokyo Institute of Technology Tomsk Polytechnic Universityv Toronto Metropolitan University Tongji University, China
Trakya University Tshimologong Precinct, Technology Park in South Africa
Tsinghua University, China
TU Wien, Austria
U
UCAS, BangladeshUCL, USA
Ulster University, United Kingdom
UiTM, Malaysia
Umm Al-Qura University UNED, Spain
Unesp – São Paulo State University, Brazil
Unisinos, Brazil
United Commercial Bank PLC, Bangladesh
United States Military Academy United Technologies Research Center (UTRC), Univerisyt of Twente, Universidad del Cauca, Universidad Diego Portales Universidad Nacional de Asunción, Universidad Popular Autónoma del Estado de Puebla (UPAEP), Mexico
Universidade da Coruna, Universidade Federal Fluminense, Universidade Regional de Blumenau Universita degli Studi di Messina Università degli Studi di Napoli Federico II, Università degli Studi Roma Tre, Universita Della Calabria, Universitaet Klagenfurt UNIVERSITAS SILIWANGI, Indonecia
Universitas Trunojoyo Madura Université Bretagne Loire, Université de Moncton Université de Sherbrooke, Canada
Université Paris-Saclay Universiti Putra Malaysia, Universiti Sains Malaysia Universiti Sains Malaysia (USM) Universiti Sains Malaysia, Penan Universiti Technology Malaysia, Universiti Tun Hussein Onn Malaysia (UTHM), Malaysia
University at Buffalo University Carlos University Cobur of Germany, University College Dublin, Ireland University Kasdi Merban Ouargla, University Malaysia Pahang, University Mohammed 5 Rabat, Morocco
University of Aegean University of Aizu, University of Alcalá de Henares, University of Amsterdam, University of Applied Sciences Wedel, University of Bahrain, University of Bari “Aldo Moro” University of Birmingham Dubai University of Brasília University of Bridgeport, University of Cadiz, Spain
University of Cagliari, Canada University of Calabria, Italy
University of California San Diego, USA
University of Calgary, University of Campania, Italy
University of Caxias do Sul, Brazil
University Of Central Punjab University of Chinese Academy of Science University of Cincinnati, University of Colombo, Colombia
University of Colorado University of Dayton, University of Delhi, India
University of Dodoma, Tanzania
University of East London, UK
University of Edinburgh University of Electronic Science and Technology of China, University of Engineering & Applied Sciences (Swat), Pakistan
University of Engineering and Technology (UET), Taxila, Pakistan
University of Essex, University of Exeter, England University of Fort Hare, University of FuZhou, University of Glasgow, University of Guelph, Canada
University of Granada, University of Greenwich University of Health Sciences,Istanbul,Turkiye University of Hertfordshire University of Hohenheim University of Houston, University of Houston, USA
University of Hyderabad University of Hyogo, University of Information Technology, Ho Chi Minh city, Vietnam University of Isfahan University of Jaén, Spain
University of Johannesburg University of Kashmir, Pakistan
University of Kelaniya, Sri Lanka
University of Kerala University of Kufa, Iraq
University Of Lahore University of Lay Adventists of Kigali University of Liberal Arts Bangladesh (ULAB) University of Liechtenstein University of Ljubljana, University of London University of Luxembourg, University of Malta, Malta
University of Maryland University of Maryland, University of New Haven, University of New Mexico (UNM), Mexico
University of New South Wales University of North Carolina at Charlotte University of Ontario, University of Oslo University of Ottawa, University of Oviedo, University of Oxford, University of Padua University of Pennsylvania, University of Pretoria University of Reading, England
University of Riau, Indonesia
University of Salamanca University of Salford University of Sannio University of Santa Cruz Do Sul, University of São Paulo, Brazil
University of Science and Technology Chittagong, Bangladesh
University of Science and Technology Beijing, University of Science and Technology of China, University of Sfax University of Southern Queensland, University of St. Andrews, University of Stavanger, University of Stirling University of Strathclyde Glasgow, University of Surabaya University of Surrey, University of Swabi, University of Tabriz, University of Technology of Baghdad, University of Tehran, University of Texas at Dallas (UTDallas), University of Texas at San Antonio University of Toronto, Canada
University of Trento, University of Twente, University of Waikato, New Zealand
University of Washington, University Of Waterloo, Canada University of West Florida, University of Western Ontario University of Windsor, University of Wisconsin–Eau Claire University of Wisconsin-Madison University of Wurzburg University of Zürich, Switzerland
University Saience Malaysia (USM), Malaysia
University Utara Malaysia, UNOB, Slovakia
UNOC, Czech Republic
UNSW Sydney, Australia
UPC BarcelonaTech Vilanova
V
Vellore Institute of Technology, Victoria University of Wellington, Vietnam National University Viavi Solutions, USAW
Warsaw University of Technology, Wayne State University, USAWestpac, Australia
Western University Western Washington University (WWU), Widyatama University Wrocław University of Science and Technology, Poland
Wright State University, Wuhan university, China
Wuhan Textile University Wuhan University
X
Xi’an University of Technology, ChinaXidian University,
Y
YANDEX Co., Yarmouk University, School of Information Technology and Computer Science Yeditepe University, Yildiz Technical University, Yonsei University, Yuan Ze UniversityZ
Zarqa University Zhejiang Gongshang University, Zhejiang University, China ZIGHRA Co.
Researchers named among top researchers for Canada 150
The cybersecurity Research and Academic Leadership award, Canada 2019
The cybersecurity academic award, Canada 2017