Skip to Content
[CAIDA - Center for Applied Internet Data Analysis logo]
Center for Applied Internet Data Analysis > data : passive : ddos-20070804_dataset.xml

|   Data Sources:    Realtime Monitors    Passive    Active    Other    External   |

The CAIDA "DDoS Attack 2007" Dataset

This dataset contains approximately one hour of anonymized traffic traces from a DDoS attack on August 4, 2007 (20:50:08 UTC to 21:56:16 UTC). This type of denial-of-service attack attempts to block access to the targeted server by consuming computing resources on the server and by consuming all of the bandwidth of the network connecting the server to the Internet.

The one-hour trace is split up in 5-minute pcap files. The total size of the dataset is 5.3 GB (compressed; 21 GB uncompressed). Only attack traffic to the victim and responses to the attack from the victim are included in the traces. Non-attack traffic has as much as possible been removed. Traces in this dataset are anonymized using CryptoPAn prefix-preserving anonymization using a single key. The payload has been removed from all packets.

These traces can be read with any software that reads the pcap (tcpdump) format, including the CoralReef Software Suite, tcpdump, Wireshark, and many others.

Acceptable Use Agreement

Access to these data is subject to the terms of the following CAIDA Acceptable Use Agreement (printable version in PDF format)

When referencing this data (as required by the AUA), please use:

The CAIDA UCSD "DDoS Attack 2007" Dataset
Also, please, report your publication to CAIDA.

Request Data Access

Request Access to the CAIDA "DDoS Attack 2007" Dataset

DDoS-Related Information at CAIDA

  Last Modified: Mon Jul-21-2014 16:18:11 PDT
  Page URL: