Description
The CTU-13 Dataset is a dataset of botnet traffic that was captured by the CTU University [TBD 5] in the Czech Republic in 2011. The data set is a capture of real botnet traffic mixed with normal traffic and background traffic. The dataset is built around 13 scenarios as shown below.
Each of the scenarios were captured in a pcap file that contains all of the packets of the three types of traffic.
Advantages
This is a raw data capture of traffic separated into 13 scenarios. This is unlabeled traffic which is not separated into benign and botnet traffic which has advantages and disadvantages. This enables a large amount of flexibility but may contain duplicate and misleading data within the dataset.
Disadvantages
This dataset, for obvious privacy reasons, has been pre-processed and filtered to remove all the background / normal traffic. This has the potential to remove some important but hidden features of the botnet traffic.