Skip to Content
[CAIDA - Center for Applied Internet Data Analysis logo]
Center for Applied Internet Data Analysis > data : passive : ddos-20070804_dataset.xml

|   Data Sources:    Passive    Active    Other    External   |

The CAIDA "DDoS Attack 2007" Dataset

This dataset contains approximately one hour of anonymized traffic traces from a DDoS attack on August 4, 2007 (20:50:08 UTC to 21:56:16 UTC). This type of denial-of-service attack attempts to block access to the targeted server by consuming computing resources on the server and by consuming all of the bandwidth of the network connecting the server to the Internet.

The one-hour trace is split up in 5-minute pcap files. The total size of the dataset is 5.3 GB (compressed; 21 GB uncompressed). Only attack traffic to the victim and responses to the attack from the victim are included in the traces. Non-attack traffic has as much as possible been removed. Traces in this dataset are anonymized using CryptoPAn prefix-preserving anonymization using a single key. The payload has been removed from all packets.

These traces can be read with any software that reads the pcap (tcpdump) format, including the CoralReef Software Suite, tcpdump, Wireshark, and many others.

Acceptable Use Agreement

Access to these data is subject to the terms of the IMPACT Acceptable Use Agr eement

When referencing this data (as required by the AUA), please use:

The CAIDA UCSD "DDoS Attack 2007" Dataset
Also, please, report your publication to CAIDA.

Data Access

Since April 2016 access to these data is provided through the website of the Information Marketplace for Policy and Analysis of Cyber-risk and Trust (IMPACT).

  • Access to these data can be requested through IMPACT

DDoS-Related Information at CAIDA

  Last Modified: Thu Nov-14-2019 12:12:13 PST
  Page URL: