Towards Generating Benchmark Datasets for Worm Infection Studies
Worm origin identification and propagation path reconstruction are among the most critical problems in digital forensics. Until now, several methods have been proposed for this purpose. However, there are no suitable datasets that contain both normal background traffic and worm traffic that researchers can use them to evaluate their methods. In this paper, we suggest a technique to generate such datasets using simulation. Then, we generate several datasets for Slammer, Code Red I, Code Red II and modified versions of these worms in different scenarios using this technique and make them publicly available.
READ FULL TEXT