This dataset contains approximately one hour of anonymized traffic traces from a DDoS attack on August 4, 2007 (20:50:08 UTC to 21:56:16 UTC). This type of denial-of-service attack attempts to block access to the targeted server by consuming computing resources on the server and by consuming all of the bandwidth of the network connecting the server to the Internet.
The one-hour trace is split up in 5-minute pcap files. The total size of the dataset is 5.3 GB (compressed; 21 GB uncompressed). Only attack traffic to the victim and responses to the attack from the victim are included in the traces. Non-attack traffic has as much as possible been removed. Traces in this dataset are anonymized using CryptoPAn prefix-preserving anonymization using a single key. The payload has been removed from all packets.
Acceptable Use Agreement
Access to these data is subject to the terms of the following CAIDA Acceptable Use Agreement (printable version in PDF format)
When referencing this data (as required by the AUA), please use:The CAIDA UCSD "DDoS Attack 2007" Dataset
Request Data Access
Request Access to the CAIDA "DDoS Attack 2007" Dataset
DDoS-Related Information at CAIDA