Merge pull request #39 from fkie-cad/hotfix

Fix CSV file and navbar

Author: ru37z

_config.yml

@@ -22,9 +22,10 @@ author: Fraunhofer FKIE, Philipp Bönninghausen
 navbar-links:
   All Datasets: "content/all_datasets"
   CSV Download: "content/csv_download"
-  Contributing: "content/contributing"
-  About: "content/about"
   Related Work: "content/related_work"
+  More:
+    - Contributing: "content/contributing"
+    - About: "content/about"
 #  Author's home: "https://deanattali.com"
 
 ################
@@ -119,7 +120,7 @@ edit_page_button: true
 # Allow sub-menu items (second-level navigation menu items) to be longer than the top-level menu
 # If this setting is off, then long sub-menu words might get cut off
 # See https://github.com/daattali/beautiful-jekyll/issues/765 to understand the issue this setting can solve
-navbar-var-length: false
+navbar-var-length: true
 
 # The keywords to associate with your website, for SEO purposes
 keywords: "datasets,collection,cybersecurity,IDS"

assets/data/datasets.csv

@@ -1,6 +1,6 @@
 Name;Network Attacks;Host Attacks;Start Year;End Year;Setting;OS Type;Network Data Source;Network Data Labeled;Host Data Source;Host Data Labeled;Attack Categories;Benign Activity;Packed Size in MB;Unpacked Size in MB
 ADFA-LD;No;Yes;2013;2013;Single OS;Linux;-;-;Sequences of Syscall Numbers;Yes;Password Bruteforce ,  Social Engineering ,  Web-Based Attacks ,  Remote Exploits;Unspecified normal operation;2.0;17.0;
-ADFA-WD;No;Yes;2014;2014;Single OS;Windows;-;-;DLL calls, XML logs from Procmon;Yes, as in SAA only contains attack data;Stealthy Shellcode;_n/a_;403.0;13600.0;
+ADFA-WD;No;Yes;2014;2014;Single OS;Windows;-;-;DLL calls, XML logs from Procmon;Yes, as in SAA only contains attack data;Stealthy Shellcode;n/a;403.0;13600.0;
 AIT Alert Dataset;Yes;Yes;2023;2023;Enterprise IT;Linux;Suricata, Wazuh and AMiner alerts;Yes;Wazuh and AMiner alerts;Yes;Reconnaissance, Privilege Escalation, Data Exfiltration, Web-based Attacks, Remote Command Execution;Yes, models complex behavior;96.0;2900.0;
 AIT Log Dataset;Yes;Yes;2023;2023;Enterprise IT;Linux;VPN, DNS, pcaps, Suricata;Yes;Apache, auth, audit, syslogs, and more;Yes;Reconnaissance, Privilege Escalation, Data Exfiltration, Web-based Attacks, Remote Command Execution;Yes, models complex behavior;130000.0;206000.0;
 ASNM Datasets;Yes;No;2009;2018;Miscellaneous;Windows, Linux;Custom extension of network flows;Yes;-;-;Remote Buffer Overflows, Obfuscated Network Attacks;Yes, but not further detailed;21.0;95000.0;
@@ -10,19 +10,19 @@ CIC DoS;Yes;No;2017;2017;Enterprise IT;Linux;Unknown;Presumably;-;-;Application-
 CIC-DDoS2019;Yes;No;2019;2019;Enterprise IT;Windows, Linux;pcaps, NetFlows;Flows are labeled;Windows event logs, Ubuntu event logs;No;Various DDoS attacks;Yes, models complex behavior;24400.0;;
 CIC-IDS2017;Yes;No;2017;2017;Enterprise IT;Windows, Linux;pcaps, derived features;Yes;-;-;Brute Force FTP/SSH, DoS & DDoS, Web Attacks, Botnets;Yes, models complex behavior;48400.0;50000.0;
 CIDD;No;No;2012;2012;Military IT;Unix;PARSE_ERROR;PARSE_ERROR;PARSE_ERROR;PARSE_ERROR;PARSE_ERROR;PARSE_ERROR;;22000.0;
-CLUE-LDS;No;No;2022;2022;Subsystem;Undisclosed;-;-;Events generated from usage of storage solution hBox;No, data generated in production -> no known attacks;_n/a_;Real users;640.0;14900.0;
+CLUE-LDS;No;No;2022;2022;Subsystem;Undisclosed;-;-;Events generated from usage of storage solution hBox;No, data generated in production -> no known attacks;n/a;Real users;640.0;14900.0;
 Comprehensive, Multi-Source Cyber-Security Events;Yes;Yes;2015;2015;Enterprise IT;Windows, Linux;NetFlows, DNS lookups;No;Auth events, Process events;Yes, for auth events;Authentication with stolen credentials;Real users;12000.0;;
 CSE-CIC-IDS2018;Yes;No;2018;2018;Enterprise IT;Windows, Linux, MacOS;pcaps, NetFlows;Yes, NetFlows are labeled;Ubuntu event logs, Windows event logs;No;Bruteforce, Heartbleed, Botnet, DoS/DDoS, Web-Based, Infiltration from Inside;Yes, models complex behavior;220000.0;;
 CTU 13;Yes;No;2011;2011;Enterprise IT;Windows, Undisclosed;pcaps, NetFlows;Yes, NetFlows are labeled;-;-;Various Botnet activity, (Neris, Rbot, Virut, Menti, Sogou, Murlo, NSIS.ay);Yes, as in real background traffic;;697000.0;
 DAPT 2020;Yes;No;2020;2020;Enterprise IT;Undisclosed;NetFlows, DNS;Yes, Netflows are labeled;Syslog, auditd, apache, auth, various services;No;Reconnaissance, Persistence, Lateral Movement, Exfiltration;Benign traffic generated by students (?);460.0;;
 DARPA'98 Intrusion Detection Program;Yes;No;1998;1998;Military IT;Unix;tcpdumps;Ground truth provided;bsm audits, file system dumps;No;DoS, Remote to Local, User to Root, Surveillance/Probing;Scripts for traffic generation, actual humans for performing complex tasks;5000.0;;
 DARPA TC3;No;Yes;2018;2018;Undisclosed;Undisclosed;-;-;Custom event logs;Ground truth provided;Backdoor, Loader Drakon APT, Port Scans, Process Elevation, Process Injection;Yes, but not specified;115000.0;;
 DARPA TC5;No;Yes;2019;2019;Undisclosed;Undisclosed;-;-;Custom event logs;Ground truth provided;All MITRE tactics;Yes, but not specified;;;
-EVTX to MITRE ATT&CK;No;Yes;2022;2022;Single OS;Windows;-;-;Windows evtx files;Yes, in the sense that everything is malicious;Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, C2, Impact;_n/a_;1000.0;1000.0;
+EVTX to MITRE ATT&CK;No;Yes;2022;2022;Single OS;Windows;-;-;Windows evtx files;Yes, in the sense that everything is malicious;Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, C2, Impact;n/a;1000.0;1000.0;
 gureKDDCup;Yes;No;2008;2008;Military IT;Unix;Connection records with payload;Yes;-;-;DoS, Remote to Local, User to Root, Surveillance/Probing;Scripts for traffic generation, actual humans for performing complex tasks;10000.0;;
 ISCX Intrusion Detection Evaluation;Yes;No;2012;2012;Enterprise IT;Windows, Linux;pcaps;Yes;-;-;Infiltration from Inside, DoS/DDoS, Brute Force;Dedicated profiles generating traffic on various protocols/services;84000.0;87000.0;
 KDD Cup 1999;Yes;No;1999;1999;Military IT;Unix;Connection records;Yes;-;-;DoS, Remote to Local, User to Root, Surveillance/Probing;Scripts for traffic generation, actual humans for performing complex tasks;18.0;743.0;
-Kyoto Honeypot;Yes;No;2006;2015;Miscellaneous;Windows, Unix, MacOS;Features extracted from network traffic;Yes;-;-;_n/a_ (it's a honeypot);Automated normal traffic generation;20000.0;;
+Kyoto Honeypot;Yes;No;2006;2015;Miscellaneous;Windows, Unix, MacOS;Features extracted from network traffic;Yes;-;-;n/a (it's a honeypot);Automated normal traffic generation;20000.0;;
 LID-DS 2019;No;Yes;2019;2019;Single OS;Linux;-;-;Syscalls with parameter information;Ground truth provided;Various CVEs;Yes;13000.0;;
 NF-UQ-NIDS;Yes;No;2021;2021;Miscellaneous;Windows, Linux, MacOS;Custom NetFlows;Yes;-;-;DoS / DDoS, Reconnaissance, Injection, Infiltration, Backdoor, Botnet, Shellcode, MITM, Worms, Ransomware, Exploits;Yes;2000.0;14800.0;
 NGIDS-DS;Yes;Yes;2018;2018;Enterprise IT;Linux;pcaps;Ground truth provided;Features derived from host events;Yes;DDoS, Shellcode, Worms, Reconnaissance, Exploits, Generic;Yes, using IXIA PerfectStorm;941.0;13400.0;
@@ -33,9 +33,9 @@ OTFR Security Datasets - APT 29;Yes;Yes;2020;2020;Enterprise IT;Windows, Linux;p
 OTFR Security Datasets - Atomic;Yes;Yes;2019;2022;Single OS;Windows, Linux, Cloud;pcaps, AWS CloudTrail;Yes, in the sense that only attack traffic is provided;Windows events, linux auditd;Yes, in the sense that only attack events are provided;Most of MITRE's Att&ck matrix;No;125.0;;
 OTFR Security Datasets - Log4Shell;Yes;Yes;2021;2021;Single OS;Linux;pcaps;No, seems to be implied;Sysmon for Linux;No, seems to be implied;Log4j / Log4Shell;No;1.0;1.0;
 OTFR Security Datasets - LSASS Campaign;Yes;Yes;2023;2023;Single OS;Windows;pcaps, Zeek logs;No;Windows events;No;Resource Development, Execution, Discovery, Privilege Escalation, Defense Evasion, Credential Access, Exfiltration;No;423.0;1000.0;
-OTFR Security Datasets - SimuLand Golden SAML;No;Yes;2021;2021;Enterprise IT;Windows;-;-;Events from AAD, MS Defender, Office and Windows;Yes, in the sense that everything is malicious;Impersonation, Data Extraction;_n/a_;;1.0;
+OTFR Security Datasets - SimuLand Golden SAML;No;Yes;2021;2021;Enterprise IT;Windows;-;-;Events from AAD, MS Defender, Office and Windows;Yes, in the sense that everything is malicious;Impersonation, Data Extraction;n/a;;1.0;
 PWNJUTSU;Yes;Yes;2022;2022;Miscellaneous;Windows, Linux;pcaps, various logs (DNS, ssh, http, ssl, etc.);No;Sysmon, auditd, Windows events, various logs (auth, Apache);No;Discovery, Lateral Movement, Credential Access, Privilege Escalation;n/a;82000.0;;
-Skopik 2014;No;Yes;2014;2014;Enterprise IT;Linux;-;-;Syslogs;No;_n/a_;Yes, following a complex model;;;
+Skopik 2014;No;Yes;2014;2014;Enterprise IT;Linux;-;-;Syslogs;No;n/a;Yes, following a complex model;;;
 SOCBED Example Dataset;Yes;Yes;2021;2021;Enterprise IT;Windows, Linux;Traffic via packetbeat;No (but I labeled a separate run manually);Various system logs;No (but I labeled a separate run manually);Diverse;Yes;78.0;1300.0;
 TUIDS;Yes;No;2012;2012;Enterprise IT;Undisclosed;pcaps, NetFlows;Features are labeled;-;-;DoS;Presumably, but not detailed;;;
 Twente 2009;Yes;No;2009;2009;Single OS;Linux;NetFlows;Yes;-;-;Diverse;No;303.0;1900.0;