Using ALFlowLyzer, we successfully generated an augmented dataset, "BCCC-CIC-Bell-DNS-2024," from two existing datasets: "CIC-Bell-DNS-2021" and "CIC-Bell-DNS-EXF-2021." ALFlowLyzer enabled the extraction of essential flows from raw network traffic data, resulting in CSV files that integrate DNS metadata and application layer features. This new dataset combines light and heavy data exfiltration traffic into six unique sub-categories, providing a comprehensive structure for analyzing DNS data exfiltration attacks. The "BCCC-CIC-Bell-DNS-2024" dataset enhances the richness and diversity needed to effectively evaluate our proposed profiling model.
The full research paper outlining the details of the dataset and its underlying principles:
"Unveiling Malicious DNS Behavior Profiling and Generating Benchmark Dataset through Application Layer Traffic Analysis", Shafi, MohammadMoein, Arash Habibi Lashkari, Hardhik Mohanty; Computers and Electrical Engineering, 2024
Download Dataset: