linwhitehat/ETA-Resource
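A curated collection of research resources for encrypted traffic analysis, providing datasets, benchmarks, and methodologies to support cross-scenario model comparison and security research.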
Stars: 352 | Forks: 62
# Datasets
| Dataset| Description | Year | Status |
|--------|-------------|------|----------|
| [Canadian Institute for Cybersecurity Datasets](https://www.unb.ca/cic/datasets/) | IoT, LLM, DNS, IDS, DoS, Darknet, Tor, VPN, Botnet, Malware | – | 🟢 Regularly |
| [ANT Datasets](https://ant.isi.edu/datasets/index.html) | Botnet, IoT, DNS, IP Geolocation | – | 🟢 Regularly |
| [Information Security and Object Technology Research Lab Datasets](https://onlineacademiccommunity.uvic.ca/isot/datasets/) | IoT, Botnet, Cloud Security | – | 🟢 Regularly |
| [VisQUIC](https://github.com/visquic/visquic) | QUIC Traffic Captured from Different Webpages | 2025 | 🔵 New |
| [CipherSpectrum](https://github.com/SSLMate/cipherspectrum) | TLS 1.3 Web-Traffic for 40 Domains | 2025 | 🔵 New |
| [NETD](https://github.com/NET-Dataset/NETD) | Dynamic Non-I.I.D. Encrypted Traffic Dataset | 2025 | 🔵 New |
| [MobileTraffic](https://github.com/SSLMate/MobileTraffic) | 300+ Mobile Apps | 2024 | 🟡 No updates |
| [Network Multiflow Fingerprinting Datasets](https://github.com/Thijsvanede/Network-Flow-Fingerprinting-Datasets) | UAV, IoT Device ID, ISD, KWS, SWF | 2023 | 🟡 No updates |
| [Itc-Net-Blend-60](https://github.com/Thijsvanede/Itc-Net-Blend-60) | Android Apps in Diverse Environments | 2023 | 🟡 No updates |
| [AnonProxy2023](https://github.com/Thijsvanede/AnonProxy2023) | Anonymous, Proxy, VPN | 2023 | 🟡 No updates |
| [CSTNET-TLS 1.3](https://github.com/SSLMate/cstnet-tls-1.3) | TLS 1.3 Services | 2022 | 🟡 No updates |
| [LFETT2021 Dataset](https://github.com/Thijsvanede/LFETT2021) | Tunnel, Proxy, VPN | 2021 | 🟡 No updates |
| [DataCon2021-Encrypted Proxy](https://github.com/Thijsvanede/DataCon2021-Encrypted-Proxy) | Proxy, VPN | 2021 | 🟡 No updates |
| [DAPT 2020](https://github.com/Thijsvanede/DAPT-2020) | APT | 2020 | 🟡 No updates |
| [Malware Capture Facility Project](https://github.com/ytisf/the_malpedia-project) | CTU, IoT, Malware, Botnet | 2020 | 🟡 No updates |
| [Cross-Platform](https://github.com/SSLMate/cross-platform) (Backup Dataset) | iOS and Android Apps | 2019 | 🟡 No updates |
| [Network-based Intrusion Detection](https://github.com/Thijsvanede/Network-based-Intrusion-Detection-Datasets) | AWID, Botnet, CIC DoS, CTU, DARPA | 2019 | 🟡 No updates |
| [Wangknn-dataset](https://github.com/Thijsvanede/Wangknn-dataset) | Tor, Websites | 2018 | 🟡 No updates |
| [DLWF](https://github.com/Thijsvanede/DLWF) | Tor, Websites, Concept Drift, Open World | 2018 | 🟡 No updates |
| [Network-Flow-of-QUIC](https://github.com/Thijsvanede/Network-Flow-of-QUIC) | QUIC Services | 2017 | 🟡 No updates |
## Online Methods
* [Web-FTP: A Feature Transferring-Based Pre-Trained Model for Web Attack Detection](https://ieeexplore.ieee.org/abstract/document/10854996/). Zhenyu Guo. `TKDE 2025`.
* [Less is More: Simplifying Network Traffic Classification Leveraging RFCs](https://dl.acm.org/doi/abs/10.1145/3701716.3715492). Nimesha Wickramasinghe. `WWW 2025`.
* [Leo: Online ML-based Traffic Classification at Multi-Terabit Line Rate](https://www.usenix.org/conference/nsdi24/presentation/jafri). Syed Usman Jafri. `NSDI 2024`. [[code]](https://github.com/Purdue-ISL/Leo)
* [Brain-on-Switch: Towards Advanced Intelligent Network Data Plane via NN-Driven Traffic Analysis at Line-Speed](https://www.usenix.org/conference/nsdi24/presentation/yan). Jinzhu Yan. `NSDI 2024`. [[code]](https://github.com/InspiringGroup-Lab/Brain-on-Switch)
* [LINC: Enabling Low-Resource In-network Classification and Incremental Model Update](https://smartinternet.group/wp-content/uploads/2024/09/paper-yhl-linc-icnp.pdf). Haolin Yan. `ICNP 2024`. [[code]](https://github.com/haolinyan/LINC)
* [IIsy: Hybrid In-Network Classification Using Programmable Switches](https://ieeexplore.ieee.org/document/10439067). Changgang Zheng. `ToN 2024`. [[code]](https://github.com/In-Network-Machine-Learning/IIsy)
* [Recursive Multi-Tree Construction With Efficient Rule Sifting for Packet Classification on FPGA](https://ieeexplore.ieee.org/document/10315073). Yao Xin. `ToN 2024`. [[code]](https://github.com/wenjunpaper/KickTree)
* [NetVigil: Robust and Low-Cost Anomaly Detection for East-West Data Center Security](https://www.usenix.org/system/files/nsdi24-hsieh.pdf). Kevin Hsieh. `NSDI 2024`. [[code]](https://github.com/microsoft/Yatesbury)
* [RIDS: Towards Advanced IDS via RNN Model and Programmable Switches Co-Designed Approaches](https://ieeexplore.ieee.org/document/10621290). Ziming Zhao. `INFOCOM 2024`. [[code]](https://github.com/Secbrain/RIDS/)
* [Genos: General In-Network Unsupervised Intrusion Detection by Rule Extraction](https://arxiv.org/abs/2403.19248). Ruoyu Li. `INFOCOM 2024`.
* [FastTraffic: A lightweight method for encrypted traffic fast classification](https://www.sciencedirect.com/science/article/abs/pii/S1389128623004103). Yuwei Xu. `Computer Networks 2023`. [[code]](https://github.com/JieJayCao/FastTraffic)
* [HorusEye: A Realtime IoT Malicious Traffic Detection Framework using Programmable Switches](https://www.usenix.org/conference/usenixsecurity23/presentation/dong-yutao). Yutao Dong. `USENIX Security 2023`. [[code]](https://github.com/vicTorKd/HorusEye)
* [Detecting Unknown Encrypted Malicious Traffic in Real Time via Flow Interaction Graph Analysis](https://www.ndss-symposium.org/ndss-paper/detecting-unknown-encrypted-malicious-traffic-in-real-time-via-flow-interaction-graph-analysis/). Chuanpu Fu. `NDSS 2023`. [[code]](https://github.com/fuchuanpu/HyperVision)
* [Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection](https://www.ndss-symposium.org/wp-content/uploads/2018/02/ndss2018_03A-3_Mirsky_paper.pdf). Yisroel Mirsky. `NDSS 2018`. [[code]](https://github.com/ymirsky/Kitsune-py)
# Measurement
* Domain Name System
  * [A Worldwide View on the Reachability of Encrypted DNS Services](https://dl.acm.org/doi/abs/10.1145/3589334.3645539). Ruixuan Li. `WWW 2024`.
  * [Investigating Deployment Issues of DNS Root Server Instances from a China-wide View](https://ieeexplore.ieee.org/abstract/document/10460172/keywords#keywords). Fenglu Zhang. `IEEE Transactions on Dependable and Secure Computing (TDSC) 2024`.
* Privacy and Security
  * [Enhanced Dynamics of IP Allocation: Fine-Grained IP Geolocation via Temporal-Spatial Correlation](https://ieeexplore.ieee.org/document/11217538). Yiyang Huang. `IEEE Transactions on Networking (ToN) 2025`. [[code]](https://github.com/iiehyy/TSG)
  * [Mapping the unseen: Robust IP geolocation through the lens of uncertainty quantification](https://www.sciencedirect.com/science/article/abs/pii/S138912862500372X). Xueting Liu. `Computer Networks 2025`.
  * [Privacy protection of China’s top websites: A Multi-layer privacy measurement via network behaviours and privacy policies](https://www.sciencedirect.com/science/article/abs/pii/S0167404822000050). Xinjie Lin. `ComSec 2022`.
  * [Towards IP-based Geolocation via Fine-grained and Stable Webcam Landmarks](https://dl.acm.org/doi/10.1145/3366423.3380216). Zhihao Wang. `WWW 2020`.
  * [Server-Side Traffic Analysis Reveals Mobile Location Information over the Internet](https://ieeexplore.ieee.org/document/8413110). Keen Sung. `IEEE Transactions on Mobile Computing 2018`.
* IPv6
  * [IPv6 Prefix Target Generation through Pattern and Distribution Learning using Vision-Transformer and Guided-Diffusion](https://ieeexplore.ieee.org/document/11044676). Yaochen Ren. `INFOCOM 2025`.
  * [6GAN: IPv6 Multi-Pattern Target Generation via Generative Adversarial Nets with Reinforcement Learning](https://ieeexplore.ieee.org/document/9488912). Tianyu Cui. `INFOCOM 2021`. [[code]](https://github.com/CuiTianyu961030/6GAN)
  * [SiamHAN: IPv6 Address Correlation Attacks on TLS Encrypted Traffic via Siamese Heterogeneous Graph Attention Network](https://www.usenix.org/conference/usenixsecurity21/presentation/cui). Tianyu Cui. `USENIX Security 2021`. [[code]](https://github.com/CuiTianyu961030/SiamHAN)
  * [6VecLM: Language Modeling in Vector Space for IPv6 Target Generation](https://link.springer.com/chapter/10.1007%2F978-3-030-67667-4_12). Tianyu Cui. `ECML/PKDD 2020`. [[code]](https://github.com/CuiTianyu961030/6VecLM)
* Quality of Service
  * [Network Traffic Statistical Upper Limit Prediction From Flow Features for Traffic Fluctuations](https://xplorestaging.ieee.org/document/11143543). Erina Takeshita. `ToN 2025`.