| | Datasets | Number of records | Created by | Categories of attacks | Year of creation |
| | KDD99 | 5 million | Dapra | DoS
U2R
Probe
R2L | 1999 | | NSL-KDD | 5 million | University of New Brunswick (UNB) | DoS
U2R
Probe
R2L | 2000 | | ISCXIDS2012 | 2.4 million | Information Security Centre of Excellence (ISCX) (UNB) | DoS, brute force, and distributed denial of service (DDoS) | 2012 | | CIDDS | 33 million flows | Markus Ring et al. | Brute force, DDoS, and port scans | 2017 | | UNSW-NB15 | 2.54 million | University of New South Wales (UNSW), Canberra. Australian Centre for Cyber Security (ACCS) | Fuzzers, shellcode, analysis, worms, backdoors, reconnaissance, dos, generic, and exploits | 2015 | | CICIDS2017 | 2.8 million | Canadian Institute of Cyber Security (CIC) | Brute force FTP, Heartbleed, brute force SSH, DDoS, infiltration dos, web attack, and botnet | 2017 | | CSE–CIC–IDS2018 | 16.2 million | Communications Security Establishment (CSE). Joined with ISCX and CIC | Brute force, DDoS, and web attacks | 2018 | | Ton_IoT | 22.3 million | School of Engineering and Information technology (SEIT), University of New South Wales (UNSW), Canberra | DDoS, ransomware, data injection, DoS, password attack, cross-site scripting (XSS), backdoor, man-in-the-middle (MITM), and scanning | 2020 |
|
|
