Hornet 40 is a dataset of 40 days of network traffic attacks captured in cloud servers used as honeypots to help understand how geography may impact the inflow of network attacks. The honeypots were placed in eight different geographical locations: Amsterdam, London, Frankfurt, San Francisco, New York, Singapore, Toronto, Bangalore. The data was captured through April, May, and June 2021.
The eight cloud servers were created and configured simultaneously following identical instructions. The network capture was performed using the Argus network monitoring tool in each cloud server. Each cloud server had only one service running (SSH on a non-standard port) and was fully dedicated to being used as a honeypot. No honeypot software was used in this dataset.
Honeypot location: London
Honeypot IP: 159.65.26.180
Administration IPs: 88.103.231.202,147.32.83.155
Administration Port: 902
Instance OS: Ubuntu 20.04LTS
Instance Capacity: 1GB / 1 Intel CPU
Instance Storage: 25 GB NVMe SSDs
Instance Transfer: 1000 GB transfer
All droplets have times in UTC, two hours behind CEST. E.g.: 6AM UTC is 8AM CEST.
To cite this work: "Valeros, Veronica (2021), “Hornet 40: Network Dataset of Geographically Placed Honeypots”, Mendeley Data, V1, doi: 10.17632/tcfzkbpw46.1"
Argus and ra started. Administration SSH is running on port 902/TCP. No honeypot software running. The honeypot is idle.
The fields available in the bi-argus files are described at https://www.systutorials.com/docs/linux/man/1-ra/.
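The following added example (not part of the dataset or its tooling) shows one way to separate administration traffic from unsolicited inbound flows for the London honeypot and to convert flow start times from UTC to CEST. It assumes the flows were exported to comma-separated text with the column names and time format shown; the sample rows are constructed.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

HONEYPOT_IP = "159.65.26.180"                    # London honeypot (from the page)
ADMIN_IPS = {"88.103.231.202", "147.32.83.155"}  # administration IPs (from the page)
ADMIN_PORT = "902"                               # administration SSH port (from the page)
CEST = timezone(timedelta(hours=2))              # UTC+2, per the note on droplet times

# Constructed sample rows; column names and the StartTime format are assumptions.
SAMPLE = """StartTime,Proto,SrcAddr,Sport,Dir,DstAddr,Dport,TotPkts,TotBytes
2021/04/23 06:00:01.000000,tcp,88.103.231.202,51514,->,159.65.26.180,902,42,6120
2021/04/23 06:00:07.500000,tcp,203.0.113.9,40022,->,159.65.26.180,22,3,180
2021/04/23 06:01:12.250000,tcp,198.51.100.77,55100,->,159.65.26.180,902,6,420
2021/04/23 06:02:00.000000,udp,159.65.26.180,41000,<->,192.0.2.53,53,2,160
"""

def is_admin(row):
    """True for a flow between an administration IP and the admin port, either direction."""
    inbound = (row["SrcAddr"] in ADMIN_IPS and row["DstAddr"] == HONEYPOT_IP
               and row["Dport"] == ADMIN_PORT)
    outbound = (row["DstAddr"] in ADMIN_IPS and row["SrcAddr"] == HONEYPOT_IP
                and row["Sport"] == ADMIN_PORT)
    return inbound or outbound

def unsolicited_inbound_flows(text):
    """Return flows destined to the honeypot that are not administration traffic."""
    flows = []
    for row in csv.DictReader(io.StringIO(text)):
        if row["DstAddr"] != HONEYPOT_IP or is_admin(row):
            continue
        utc = datetime.strptime(row["StartTime"], "%Y/%m/%d %H:%M:%S.%f")
        utc = utc.replace(tzinfo=timezone.utc)
        row["StartUTC"] = utc
        row["StartCEST"] = utc.astimezone(CEST)
        flows.append(row)
    return flows

if __name__ == "__main__":
    for f in unsolicited_inbound_flows(SAMPLE):
        print(f["StartCEST"].isoformat(), f["SrcAddr"], "-> port", f["Dport"])
```

A connection to port 902 from an address outside the administration list is kept, since only the listed administration IPs are known to be legitimate.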