Public Datasets (PCAPs)

doc/userguide/public-data-sets.rst

Collections of public datasets and packet captures for testing and profiling. Not to be confused with Suricata datasets.

`MIT Lincoln Laboratory <https://www.ll.mit.edu/r-d/datasets?keywords=cyber>`__ Cyber-focused datasets from MIT, including DARPA datasets.

`MAWI Samplepoint-F <http://mawi.wide.ad.jp/mawi/samplepoint-F/2012/>`__ WIDE transit-link traces (packet headers only; no payloads).

`MACCDC <http://www.netresec.com/?page=MACCDC>`__ Mid-Atlantic Collegiate Cyber Defense Competition traffic captures.

`Netresec <http://www.netresec.com/?page=PcapFiles>`__ Public pcap files for network forensics and malware analysis.

`Wireshark Sample Captures <https://gitlab.com/wireshark/wireshark/-/wikis/SampleCaptures>`__ Curated sample captures useful for protocol testing.

`Security Onion PCAP collection <https://docs.securityonion.net/en/2.4/pcaps.html>`__ Collection of links and downloads for lab datasets.

`Stratosphere IPS Malware Capture Facility <https://stratosphereips.org/category/dataset.html>`__ Malware-oriented captures with related dataset material.

`UNSW-NB15 <https://research.unsw.edu.au/projects/unsw-nb15-dataset>`__ UNSW Cyber Range dataset with IXIA-generated benign/attack traffic, raw pcap captures, and labeled flow-feature CSV files.

`CIC-IDS2017 <https://www.unb.ca/cic/datasets/ids-2017.html>`__ Intrusion Detection Evaluation Dataset.

`CSE-CIC-IDS2018 <https://www.unb.ca/cic/datasets/ids-2018.html>`__ CSE-CIC-IDS2018 on AWS: a collaborative project between the Communications Security Establishment (CSE) and the Canadian Institute for Cybersecurity (CIC).

`CIC-DDoS2019 <https://www.unb.ca/cic/datasets/ddos-2019.html>`__ Dataset containing DDoS attacks resembling real-world data.