-
Notifications
You must be signed in to change notification settings - Fork 9
/
Copy pathhannahprove2.csv
We can make this file beautiful and searchable if this error is corrected: Unquoted fields do not allow new line <"\n"> in line 1.
361 lines (357 loc) · 82.8 KB
/
hannahprove2.csv
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
Reviewer,Paper name,URL,Conference,Year,DHS funding,"Dataset Origin(Existed | Created Primary, | Created Derivative)",Description,Public?,In IMPACT / PREDICT?,Data link,Research or Industry?,Main Category, Sub Category, Note,citeNum
Hannah,Protecting Insecure Communications with Topology-aware Network Tunnels,https://dl.acm.org/authorize.cfm?key=N14331,CCS,2016,No,Existed,"we evaluated 10,000 popular web domains according to Alexa",Public,No,http://www.alexa.com/topsites,Industry,Macro-level Internet Activities,Applications,,0
Hannah,All Your DNS Records Point to Us,https://dl.acm.org/authorize.cfm?key=N14342,CCS,2016,No,Existed,"choose a snapshot of Alexaäó»s top 1 million domain list for each year from 2010 to 2016, we use the DNS tool dig to retrieve the DNS records of every domain in D and S, first identify a list of popular third-party services. To this end, we cluster all CNAME and MX records based on their data fields and then manually check all email and top 200 non-email services in terms of the cluster size",Public,No,http://www.alexa.com/topsites,Industry,Macro-level Internet Activities,Applications,,0
Hannah,Host of Troubles: Multiple Host Ambiguities in HTTP Implementations,https://dl.acm.org/authorize.cfm?key=N14450,CCS,2016,No,Eixisted,"1.5 million advertising impressions with about $110 on the Bit-torrent PC client uTorrent, which distributes Flash advertisements as part of the revenue model",No,No,/,Industry,Macro-level Internet Activities,Applications,,0
Hannah,Analysis of a äóì/0äó Stealth Scan from a Botnet,https://www.caida.org/publications/papers/2012/analysis_slash_zero/analysis_slash_zero.pdf,ICM 2012,2012,Yes,Existed,"UCSD Telescope Sipscan dataset",Public,DS-733,https://www.impactcybertrust.org/dataset_view?idDataset=733,Research,Attacker Related,Attacks,,0
Hannah,Chainsaw: Chained Automated Workflow-based Exploit Generation,http://dl.acm.org/citation.cfm?id=2978380,CCS,2016,No,Created Primary,"199 first- and second-order injection exploitsChainsawwas tested on9 PHP web applications of different complexities, generating199 exploits, including 30 second-order exploits, and hasno false positives by design.",Only a few were discussed,No,Some specific exploits in data paper,Research,Attacker Related,Exploits,,0
Hannah,Spectral Fractal Dimension Trajectory to Measure Cognitive Complexity of Malicious DNS Traffic,http://worldcomp-proceedings.com/proc/p2016/SAM3798.pdf,SAM,2016,No,Existed,Data set from CAIDA USA which contains internet traces from optical fiber internet connectivity from 2002 and 2003,Public,No,https://data.caida.org/datasets/oc48/oc48-original/,Industry,Macro-level Internet Activities,Network Traces,,0
Hannah,Spectral Fractal Dimension Trajectory to Measure Cognitive Complexity of Malicious DNS Traffic,http://worldcomp-proceedings.com/proc/p2016/SAM3798.pdf,SAM,2016,No,Existed,"Data set from PREDICT USA which contains traces of a DNS distributed denial of service attack (DDOS), ",Public,USC-Lander,/,Industry,Macro-level Internet Activities,Network Traces,,0
Hannah,On Measuring the Geographic Diversity of Internet Routes,https://arxiv.org/pdf/1601.01116v1.pdf,N/A,2016,No,Existed,Traceroute dataset from IPlane,No,No,/,Industry,Macro-level Internet Activities,Network Traces,,0
Hannah,Router-level community structure of the Internet Autonomous Systems,http://epjdatascience.springeropen.com/articles/10.1140/epjds/s13688-015-0048-y,N/A,2015,No,Existed,"CAIDA router-level Internet map from October 19th, 2011",Public,DS-205,http://www.caida.org/data/active/ipv4_routed_24_topology_dataset.xml,Industry,Macro-level Internet Activities,Topology,,0
Hannah,A Novel Methodology of Router-To-AS Mapping inspired by Community Discovery,https://arxiv.org/ftp/arxiv/papers/1512/1512.03916.pdf,N/A,2015,No,Existed,PeeringDB,Public,No,https://www.peeringdb.com/help/public_faq.php,Industry,Macro-level Internet Activities,Topology,,0
Hannah,A Novel Methodology of Router-To-AS Mapping inspired by Community Discovery,https://arxiv.org/ftp/arxiv/papers/1512/1512.03916.pdf,N/A,2015,No,Existed,CAIDA ITDK Macroscopic Internet Topology Data Kit,Public,Yes DS-305,"http://data.caida.org/datasets/topology/ark/ipv4/itdk/2012",Industry,Macro-level Internet Activities,Topology,,0
Hannah,Evidence of spatial embedding in the IPv4 router-level Internet network,https://arxiv.org/pdf/1410.3340v1.pdf,N/A,2014,No,Existed,"Internet Topology Data Kit, ",Public,DS-454,http://www.caida.org/data/Internet-topology-data-kit,Industry,Macro-level Internet Activities,Topology,,0
Hannah,On Measuring the Geographic Diversity of Internet Routes,https://arxiv.org/pdf/1601.01116v1.pdf,N/A,2016,No,Existed,CAIDA's ITDK kit,Public,Yes,http://www.caida.org/data/internet-topology-data-kit,Industry,Macro-level Internet Activities,Topology,,0
Hannah,MiddlePolice: Toward Enforcing Destination-Defined Policies in the Middle of the Internet,https://dl.acm.org/authorize.cfm?key=N14330,CCS,2016,No,Existed,"CAIDA AS relationships dataset, including 52680 ASes and their business relationships",Public,No,http://www.caida.org/data/as-relationships/,Industry,Macro-level Internet Activities,Topology,,0
Hannah,Protecting Insecure Communications with Topology-aware Network Tunnels,https://dl.acm.org/authorize.cfm?key=N14331,CCS,2016,No,Created Derivative,"Our final list, including the initial domains, contains 34,893 unique domains resolved to 20,026 distinct IP addresses, we only considered complete network paths for which we had identified all their hops ending up with data for 15,020 of the original 20,026 hosts",No,No,/,Research,Macro-level Internet Activities,Topology,,0
Hannah,Spectral Fractal Dimension Trajectory to Measure Cognitive Complexity of Malicious DNS Traffic,http://worldcomp-proceedings.com/proc/p2016/SAM3798.pdf,SAM,2016,No,Created Primary,Data set from our experiment in which a PCAP file is captured from a lab computer which is being used for browsing and software development for the cyber security project,No,No,/,Research,User & Organization Characteristics,User Activities,,0
Hannah,Evidence of spatial embedding in the IPv4 router-level Internet network,https://arxiv.org/pdf/1410.3340v1.pdf,N/A,2014,No,Existed,geolocation acquired from the MaxMind Geolite database for a subset of the routers to varying levels of precision ,Public,No,/,Industry,User & Organization Characteristics,User Activities,,0
Hannah,"Twice the Bits, Twice the Trouble: Vulnerabilities Induced by Migrating to 64-Bit Platforms",https://dl.acm.org/authorize.cfm?key=N14374,CCS,2016,No,Existed,200 popular open-source projects hosted on GitHub,Public,No,/,Industry,Macro-level Internet Activities,Applications,,1
Hannah,Practical Censorship Evasion Leveraging Content Delivery Networks,https://dl.acm.org/authorize.cfm?key=N14476,CCS,2016,No,Existed,"top 10,000 Alexa websites from 20 geographically-dispersed Planetlab nodes",Public,No,http://www.alexa.com/topsites,Industry,Macro-level Internet Activities,Applications,,1
Hannah,"Feature Selection for Robust Backscatter DDoSDetection",http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7365905,LCN Workshop,2015,No,Existed,specific darknet dataset including mostly DDoS traffic collected in 2012 via UCSD Network Telescope,Public,No,http://www.caida.org/data/passive/telescope-educationaldataset.xml,Industry,Attacker Related,Attacks,,1
Hannah,New Security Threats Caused by IMS-based SMS Service in 4G LTE Networks,https://dl.acm.org/authorize.cfm?key=N14328,CCS,2016,No,Created Primary,Attacks based on those vulnerabilities crafted,Public,No,Data in paper,Research,Attacker Related,Attacks,,1
Hannah,High Fidelity Data Reduction for Big Data Security Dependency Analyses,https://dl.acm.org/authorize.cfm?key=N14371,CCS,2016,No,Created Primary,Data logs collected from more than 30 machines with various server models and operating systems,No,No,/,Industry,Defender Artifacts,Configurations,,1
Hannah,"Feature Selection for Robust Backscatter DDoSDetection",http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7365905,LCN Workshop,2015,No,Existed,specific darknet dataset including only normal traffic from 2008 via UCSD Network Telescope,Public,No,http://www.caida.org/data/passive/passive2008dataset.xml,Industry,Macro-level Internet Activities,Network Traces,,1
Hannah,"Feature Selection for Robust Backscatter DDoSDetection",http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7365905,LCN Workshop,2015,No,Existed,specific darknet dataset including only normal traffic from 2014 via UCSD Network Telescope,Public,No,http://www.caida.org/data/passive/passive2014dataset.xml,Industry,Macro-level Internet Activities,Network Traces,,1
Hannah,"Feature Selection for Robust Backscatter DDoSDetection",http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7365905,LCN Workshop,2015,No,Existed,specific darknet dataset including mostly DDoS traffic collected in 2007 via UCSD Network Telescope,Public,DS-117,http://www.caida.org/data/passive/ddos-20070804dataset.xml,Industry,Macro-level Internet Activities,Network Traces,,1
Hannah,"Feature Selection for Robust Backscatter DDoSDetection",http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7365905,LCN Workshop,2015,No,Existed,specific darknet dataset including mostly DDoS traffic collected in 2008 via UCSD Network Telescope,Public,DS-380,http://www.caida.org/data/passive/backscatter2008dataset.xml,Industry,Macro-level Internet Activities,Network Traces,,1
Hannah,Practical Censorship Evasion Leveraging Content Delivery Networks,https://dl.acm.org/authorize.cfm?key=N14476,CCS,2016,No,Created Primary,all insecure edge servers of Akamai respond correctly to HTTPS requests for any of the 400 Akamai customer websites we tried,No,No,/,Industry,Macro-level Internet Activities,Network Traces,,1
Hannah,bdrmap: Inference of Borders Between IP Networks,http://www.caida.org/publications/papers/2016/bdrmap/bdrmap.pdf,ICM 2016,2016,Yes,Existed,Border mapping dataset,Public,DS-732,https://www.impactcybertrust.org/dataset_view?idDataset=732,Research,Macro-level Internet Activities,Topology,,1
Hannah,An Empirical Study of Mnemonic Sentence-based Password Generation Strategies,https://dl.acm.org/authorize.cfm?key=N14336,CCS,2016,No,Existed,sentences and passwords we collected from MneGenEx,Public,No,/,Industry,User & Organization Characteristics,User information,,1
Hannah,An Empirical Study of Mnemonic Sentence-based Password Generation Strategies,https://dl.acm.org/authorize.cfm?key=N14336,CCS,2016,No,Existed,sentences and passwords we collected from MnePerEx,Public,No,/,Industry,User & Organization Characteristics,User information,,1
Hannah,An Empirical Study of Mnemonic Sentence-based Password Generation Strategies,https://dl.acm.org/authorize.cfm?key=N14336,CCS,2016,No,Existed,sentences and passwords we collected from MnePer,Public,No,/,Industry,User & Organization Characteristics,User information,,1
Hannah,An Empirical Study of Mnemonic Sentence-based Password Generation Strategies,https://dl.acm.org/authorize.cfm?key=N14336,CCS,2016,No,Existed,sentences and passwords we collected from MneEx by cross validation,Public,No,/,Industry,User & Organization Characteristics,User information,,1
Hannah,An Empirical Study of Mnemonic Sentence-based Password Generation Strategies,https://dl.acm.org/authorize.cfm?key=N14336,CCS,2016,No,Existed,evaluate the strength of passwords generated using the variants as well as dataset Yahoo,Public,No,/,Industry,User & Organization Characteristics,User information,,1
Hannah,An Empirical Study of Mnemonic Sentence-based Password Generation Strategies,https://dl.acm.org/authorize.cfm?key=N14336,CCS,2016,No,Existed,evaluate the strength of passwords generated using the variants as well as used dataset phpBB against todayäó»s attacks,No,No,/,Industry,User & Organization Characteristics,User information,,1
Hannah,New Security Threats Caused by IMS-based SMS Service in 4G LTE Networks,https://dl.acm.org/authorize.cfm?key=N14328,CCS,2016,No,Created Primary,Vulnerabilities found,Public,No,Data in paper,Research,Attacker Related,Vulnerabilities,,1
Hannah,"Twice the Bits, Twice the Trouble: Vulnerabilities Induced by Migrating to 64-Bit Platforms",https://dl.acm.org/authorize.cfm?key=N14374,CCS,2016,No,Created Primary,"Found vulnerabilities related to integers, migrating from 32 bit and larger address space",Public,No,Data in paper,Research,Attacker Related,Vulnerabilities,,1
Hannah,Call Me Back! Attacks on System Server and System Apps in Android through Synchronous Callback,https://dl.acm.org/authorize.cfm?key=N14248,CCS,2016,No,Exited,"1,591 service interfaces of Android 5.1.0",No,No,/,Industry,Macro-level Internet Activities,Applications,,2
Hannah,CSPAutoGen: Black-box Enforcement of Content Security Policy upon Real-world Websites,https://dl.acm.org/authorize.cfm?key=N14383,CCS,2016,No,Existed,"Alexa Top 50 websites, ",Public,No,/,Industry,Macro-level Internet Activities,Applications,,2
Hannah,A Cognitive Multifractal Approach to Characterize Complexity of Non-Stationary and Malicious DNS Data Traffic Using Adaptive Sliding Window ,https://www.computer.org/csdl/proceedings/icci*cc/2015/7290/00/07259368.pdf,IEEE on Congnitive Computing,2015,No,Existed,PREDICT ID USC-Lander! DoS_DNS_amplification-20130617 ,Public,PREDICT ID USC-Lander,/,Industry,Attacker Related,Attacks,,2
Hannah,GAME OF DECOYS: Optimal Decoy Routing Through Game Theory,https://dl.acm.org/authorize.cfm?key=N14477,CCS,2016,No,Existed,"We use GeLite2 geo-location database for the mapping between IP addresses and geographical locations, ",Public,No,http://www.maxmind.com/,Industry,,Benign Network Characteristics,,2
Hannah,An In-Depth Study of More Than Ten Years of Java Exploitation,https://dl.acm.org/authorize.cfm?key=N14393,CCS,2016,No,Existed,87 publicly available Java exploits (Metasploit (22 exploits),Public,No,"https://github.com/rapid7/metasploit-framework/tree/master/external/source/exploits",Industry,Attacker Related,Exploits,,2
Hannah,An In-Depth Study of More Than Ten Years of Java Exploitation,https://dl.acm.org/authorize.cfm?key=N14393,CCS,2016,No,Existed,Exploit-DB (2),Public,No,https://www.exploit-db.com,Industry,Attacker Related,Exploits,,2
Hannah,An In-Depth Study of More Than Ten Years of Java Exploitation,https://dl.acm.org/authorize.cfm?key=N14393,CCS,2016,No,Existed,"Packet Storm (5), ",Public,No,https://packetstormsecurity.com,Industry,Attacker Related,Exploits,,2
Hannah,An In-Depth Study of More Than Ten Years of Java Exploitation,https://dl.acm.org/authorize.cfm?key=N14393,CCS,2016,No,Existed," from the security research company Security Explorations (52), ",Public,No,http://www.security-explorations.com/en/SE-2012-01-poc.html,Industry,Attacker Related,Exploits,,2
Hannah,An In-Depth Study of More Than Ten Years of Java Exploitation,https://dl.acm.org/authorize.cfm?key=N14393,CCS,2016,No,Existed,an online repository for Java exploits) and associated CVE identifiers,Public,No,https://bitbucket.org/bhermann/java-exploit-library,Industry,Attacker Related,Exploits,,2
Hannah,A Surfeit of SSH Cipher Suites,https://dl.acm.org/authorize.cfm?key=N14345,CCS,2016,No,Created Primary,"IPv4-address-space-wide scans for SSH servers using ZGrab/ZMap. These were conducted from November 11, 2015 to December 1, 2015 ",No,No,/,Industry,Macro-level Internet Activities,Network Traces,,2
Hannah,A Surfeit of SSH Cipher Suites,https://dl.acm.org/authorize.cfm?key=N14345,CCS,2016,No,Created Primary,"IPv4-address-space-wide scans for SSH servers using ZGrab/ZMap. These were conductedfrom January 22, 2016 to January 27, 2016. ",No,No,/,Industry,Macro-level Internet Activities,Network Traces,,2
Hannah,A Surfeit of SSH Cipher Suites,https://dl.acm.org/authorize.cfm?key=N14345,CCS,2016,No,Created Primary,"We found about 224 servers in each scan., also randomly sampled 2048 IPs which were reportingdropbear_2014.66 resp. OpenSSH 5.3 to understand what kind of systems were running these services, ",No,No,/,Research,Macro-level Internet Activities,Network Traces,,2
Hannah,GAME OF DECOYS: Optimal Decoy Routing Through Game Theory,https://dl.acm.org/authorize.cfm?key=N14477,CCS,2016,No,Existed,"We use the OEC10 dataset to infer the economical relationship between countries, ",Public,No,http://atlas.media.mit.edu/en/resources/data/,Industry,Macro-level Internet Activities,Network Traces,,2
Hannah,GAME OF DECOYS: Optimal Decoy Routing Through Game Theory,https://dl.acm.org/authorize.cfm?key=N14477,CCS,2016,No,Existed,We use the DNS Census dataset composed of about 2.5 billion DNS records to find the domain names belonging to various censoring countries.,Public,No,https://dnscensus2013.neocities.org/index.html ,Industry,Macro-level Internet Activities,Network Traces,,2
Hannah,GAME OF DECOYS: Optimal Decoy Routing Through Game Theory,https://dl.acm.org/authorize.cfm?key=N14477,CCS,2016,No,Existed,"We use CAIDAäó»s äóìJan 2016äó AS relationships database to model the business relationship between ASes, ",Public,No, http://www.caida.org/data/as-relationships/,Industry,Macro-level Internet Activities,Network Traces,,2
Hannah,GAME OF DECOYS: Optimal Decoy Routing Through Game Theory,https://dl.acm.org/authorize.cfm?key=N14477,CCS,2016,No,Existed,"We use CAIDAäó»s AS rank dataset to map between ASes and IP address ranges, also for AS sizes, ",Public,No, http://as-rank.caida.org/ ,Industry,Macro-level Internet Activities,Network Traces,,2
Hannah,SmartWalk: Enhancing Social Network Security via Adaptive Random Walks,https://dl.acm.org/authorize.cfm?key=N14370,CCS,2016,No,Existed,10 various large-scale real-world social network topologies that mainly come from the Stanford Large Network Dataset Collection ,Public,No,http://snap.stanford.edu/data,Industry,Macro-level Internet Activities,Topology,,2
Hannah,The Sounds of the Phones: Dangers of Zero-Effort Second Factor Login based on Ambient Audio,https://dl.acm.org/authorize.cfm?key=N14303,CCS,2016,No,Created Primary,General population statistics via an online survey to determine the phone usage habits and patterns relevant to attacks,No,No,/,Research,User & Organization Characteristics,User offline characteristics,,2
Hannah,Call Me Back! Attacks on System Server and System Apps in Android through Synchronous Callback,https://dl.acm.org/authorize.cfm?key=N14248,CCS,2016,No,Created Primary,Identified six previously unknown vulnerabilities in Android service systems,No (sent to Google),"No",Data in paper,Research,Attacker Related,Vulnerabilities,,2
Hannah,CREDAL: Towards Locating a Memory Corruption Vulnerability with Your Core Dump,https://dl.acm.org/authorize.cfm?key=N14373,CCS,2016,No,Created Primary,"e compiled and configured vulnerable programs based on thedescription of the collected vulnerabilities, and successfully produce80 crashes using the PoCs corresponding to 73 vulnerabilities. ",Public,No,https://www.exploit-db.com/,Industry,Attacker Related,Vulnerabilities,,2
Hannah,CREDAL: Towards Locating a Memory Corruption Vulnerability with Your Core Dump,https://dl.acm.org/authorize.cfm?key=N14373,CCS,2016,No,Existed,73 memory corruption vulnerabilities archived in Offensive Security Exploit Database,Public,No,https://www.exploit-db.com/,Industry,Attacker Related,Vulnerabilities,,2
Hannah,The Misuse of Android Unix Domain Sockets and Security Implications,https://dl.acm.org/authorize.cfm?key=N14247,CCS,2016,No,Existed,"APK files that corresponded to 14,644 apps on Google Play",No,No,/,Industry,Macro-level Internet Activities,Applications,,3
Hannah,Content Security Problems?,https://dl.acm.org/authorize.cfm?key=N14348,CCS,2016,No,Created Derivative,we collect the CSP headers from the Alexa Top 1M websites,Public,No,http://www.alexa.com/topsites,,Macro-level Internet Activities,Applications,,3
Hannah,Android ION Hazard: the Curse of Customizable Memory Management System,https://dl.acm.org/authorize.cfm?key=N14462,CCS,2016,No,Created Primary,"We have analyzed 17 Android devices in total,",No,No,/,Industry,Macro-level Internet Activities,Applications,,3
Hannah,Secure Stable Matching at Scale,https://dl.acm.org/authorize.cfm?key=N14467,CCS,2016,No,Created Primary,dataset designed to model the 2016 national medical residency match,No,No,/,Industry,Macro-level Internet Activities,Applications,,3
Hannah,PhishEye: Live Monitoring of Sandboxed Phishing Kits,https://dl.acm.org/authorize.cfm?key=N14341,CCS,2016,No,Created Primary,"We collected 643 unique phishing kits, which were uploaded on our honeypot over a period of five months from September 2015 to the end of January 2016, ",No,No,/,Industry,Attacker Related,Attacks,,3
Hannah,Identifying the Scan and Attack Infrastructures Behind Amplification DDoS Attacks,https://dl.acm.org/authorize.cfm?key=N14343,CCS,2016,No,Created Primary,"our modified AmpPot version observed 1,351,852 attacks",No,No,/,Research,Attacker Related,Attacks,,3
Hannah,FeatureSmith: Automatically Engineering Features for Malware Detection by Mining the Security Literature,https://dl.acm.org/authorize.cfm?key=N14392,CCS,2016,No,Existed,Drebin dataset,Public,No,/,Industry,Attacker Related,Attacks,,3
Hannah,A polyscale autonomous sliding window for cognitive machine classification of malicious Internet traffic,https://www.researchgate.net/publication/293695267_A_polyscale_autonomous_sliding_window_for_cognitive_machine_classification_of_malicious_Internet_traffic,SAM,2015,No,Existed,"PREDICT ID USC-Lander/ DoS_DNS_amplification-20130617 (2013-06-17) to (2013-06-17)The PREDICT data set [26] was used toperform the analysis. This dataset contains 19 ERFcapture files with anonymized IPs. Moreover, the attackwas recorded for 10 minutes and the packets werecaptured for 32 minutes and 47 seconds",Public,PREDICT ID USC-Lander,/,Industry,Attacker Related,Attacks,,3
Hannah,Slitheen: Perfectly Imitated Decoy Routing through Traffic Replacement,https://dl.acm.org/authorize.cfm?key=N14475,CCS,2016,No,Existed,"visited the Alexa top 10,000 TLS sites that support our implemented ciphersuites",Public,No,http://www.alexa.com/topsites,Industry,Defender Artifacts,Configurations,,3
Hannah,FeatureSmith: Automatically Engineering Features for Malware Detection by Mining the Security Literature,https://dl.acm.org/authorize.cfm?key=N14392,CCS,2016,No,Existed, list of malware families,Public,No,https://forensics.spreitzenbarth.de/android-malware/,Industry,Attacker Related,Exploits,,3
Hannah,The Day After Patch Tuesday: Effects Observable in IP Darkspace Traffic,https://www.caida.org/publications/papers/2013/day_after_patch_tuesday/day_after_patch_tuesday.pdf,PAM 2013,2013,No,Existed,Patch Tuesday Dataset,Public,DS-381,https://www.impactcybertrust.org/dataset_view?idDataset=381,Research,Macro-level Internet Activities,Network Traces,,3
Hannah,Identifying the Scan and Attack Infrastructures Behind Amplification DDoS Attacks,https://dl.acm.org/authorize.cfm?key=N14343,CCS,2016,No,Created Primary,"our dataset contained TTL values for 168 distinct sources for five measurements,",No,No,/,Research,Macro-level Internet Activities,Topology,,3
Hannah,"CSP Is Dead, Long Live CSP! On the Insecurity of Whitelists and the Future of Content Security Policy",https://dl.acm.org/authorize.cfm?key=N14349,CCS,2016,No,Existed,"data set that is representative of the web as a whole: a search index consisting of about 6.5 petabytes of data Theindex contains the response headers and bodies of pages onthe public Internet crawled within the past 20 days by theGoogle search crawling infrastructure.",No,No,/,Research,Macro-level Internet Activities,Topology,,3
Hannah,DPSense: Differentially Private Crowdsourced Spectrum Sensing,https://dl.acm.org/authorize.cfm?key=N14354,CCS,2016,No,Created Derivative,extracting the traces from the center of Rome from CRAWDAD dataset roma/taxi,No,No,http://crawdad.org/roma/taxi/20140717 (original dataset),Industry,Macro-level Internet Activities,Topology,,3
Hannah,The Misuse of Android Unix Domain Sockets and Security Implications,https://dl.acm.org/authorize.cfm?key=N14247,CCS,2016,No,Created Primary,Identified vulnerabilities in Android daemons and apps,No (sent to developers),No,https://sites.google.com/site/unixdomainsocketstudy/home,Research,Attacker Related,Vulnerabilities,,3
Hannah,Content Security Problems?,https://dl.acm.org/authorize.cfm?key=N14348,CCS,2016,No,Created Primary,built a dataset of CSP violations using our Chromium extension,No,No,/,Research,Attacker Related,Vulnerabilities,,3
Hannah,Entropy-Based Characterization of Internet Background Radiation,http://www.mdpi.com/1099-4300/17/1/74/htm#b18-entropy-17-00074,SAM,2015,No,Created Primary,"Representative portion of the IBR for three weeks of April, 2012, with a 10-minute time scope",Public,DS-381,http://www.caida.org/data/passive/telescope-patch-tuesday_dataset.xml,Industry,Attacker Related,Attacks,,4
Hannah,"Identifying and Characterizing Anycastin the Domain Name System",ftp://www.isi.edu/isi-pubs/tr-671.pdf,N/A,2011,Yes,Created Derivative,Anycast_Enumeration_from_rDNS_to_AS112-20120504,Public,DS-350,https://www.impactcybertrust.org/dataset_view?idDataset=350,Research,Macro-level Internet Activities,Network Traces,,4
Hannah,Understanding Address Usage in the Visible Internet,http://www.isi.edu/~johnh/PAPERS/Cai09b.pdf,USC/ISI Technical Report,2009,No,Existed,"Internet ICMP surveys, 4.4M IP addresses probed the ping survey Nearly half of these (2.2M) have hostnames in the ISC reverse DNS survey",Public,DS-063,http://www.isi.edu/ant/lander,Industry,Macro-level Internet Activities,Network Traces,,4
Hannah,Understanding Address Usage in the Visible Internet,http://www.isi.edu/~johnh/PAPERS/Cai09b.pdf,USC/ISI Technical Report,2009,No,Existed,"Internet ICMP surveys, 4.4M IP addresses probed the ping survey Nearly half of these (2.2M) have hostnames in the ISC reverse DNS survey",Public,DS-037,http://www.isi.edu/ant/lander,Industry,Macro-level Internet Activities,Network Traces,,4
Hannah,EpicRec: Towards Practical Differentially Private Framework for Personalized Recommendation,https://dl.acm.org/authorize.cfm?key=N14355,CCS,2016,No,Existed,metadata from the public äóìMy API Filmsäó website,Public,No,http://www.myapifilms.com/index.jsp,Industry,User & Organization Characteristics,User Activities,,4
Hannah,Membership Privacy in MicroRNA-based Studies,https://dl.acm.org/authorize.cfm?key=N14366,CCS,2016,No,Existed,"The dataset containing more than 1,000 miRNA ex-pression profiles publicly available in the gene expression omnibus (GEO) database under reference GSE6174","Public",No,/,Industry,User & Organization Characteristics,User information,,4
Hannah,Timeouts: Beware Surprisingly High Delay,http://dl.acm.org/citation.cfm?id=2815704,IMC on Internet Measurements,2015,No,Existed,"We used Data from 103 surveys taken between April 2006 and February 2015, consisting of all echo requests that were sent as part of the surveys in this period, as well as all echo responses that were received, Zmap scans",Public,DS-391, http://www.isi.edu/ant/traces/topology/addresssurveys/binformatdescription.html,Industry,User & Organization Characteristics,User Opinions,,4
Hannah,EpicRec: Towards Practical Differentially Private Framework for Personalized Recommendation,https://dl.acm.org/authorize.cfm?key=N14355,CCS,2016,No,Existed,MovieLens a movie rating dataset collected by the GroupLens Research Project,Public,No,http://grouplens.org/datasets/movielens ,Industry,User & Organization Characteristics,User opinions,,4
Hannah,EpicRec: Towards Practical Differentially Private Framework for Personalized Recommendation,https://dl.acm.org/authorize.cfm?key=N14355,CCS,2016,No,Existed," Yelp2: a business rating data provided by RecSys Challenge 2013,",Public,No,https://www.kaggle.com/c/yelp-recsys-2013/data ,Industry,User & Organization Characteristics,User opinions,,4
Hannah," Measurement and Analysis ofPrivate Key Sharing in the HTTPS Ecosystem",https://dl.acm.org/authorize.cfm?key=N14381,CCS,2016,No,Existed, WHOIS data,Public,No,https://www.whoisxmlapi.com/ http://bulkwhoisapi.com/,Industry,Macro-level Internet Activities,Applications,,5
Hannah,Detecting Advanced Persistent Threats using Fractal Dimension based Machine Learning Classification ,http://dl.acm.org/citation.cfm?id=2875484,ACM on Privacy and Security Analytics,2016,No,Existed,"APTs were collected from Contagio malware database, ",Public,No,https://www.mediafire.com/folder/c2az029ch6cke/TRAFFIC_PATTERNS_COLLECTION#734479hwy1b97 ,Industry,Attacker Related,Attacks,,5
Hannah,On the Security of Cracking-Resistant Password Vaults,https://dl.acm.org/authorize.cfm?key=N14337,CCS,2016,No,Existed,The PBVault leak is likely from before June 2011 and has a substantial overlap with credentials that were obtained via keystroke logging and HTML form injection,Public,No,/,Industry,Attacker Related,Attacks,,5
Hannah," Measurement and Analysis ofPrivate Key Sharing in the HTTPS Ecosystem",https://dl.acm.org/authorize.cfm?key=N14381,CCS,2016,No,Existed," SSL certificates from full IPv4 scans, ",Public,No,https://scans.io/study/sonar.ssl,Industry,Defender Artifacts,Configurations,,5
Hannah," Measurement and Analysis ofPrivate Key Sharing in the HTTPS Ecosystem",https://dl.acm.org/authorize.cfm?key=N14381,CCS,2016,No,Eixisted," 1,781,962outsourced leaf certificates",Public,No,https://support.apple.com/en-us/HT202858,Industry,Defender Artifacts,Configurations,,5
Hannah," Measurement and Analysis ofPrivate Key Sharing in the HTTPS Ecosystem",https://dl.acm.org/authorize.cfm?key=N14381,CCS,2016,No,Eixisted,"3,275,635 self-managed leaf certificates",No,No,/,Research,Defender Artifacts,Configurations,,5
Hannah,Detecting Advanced Persistent Threats using Fractal Dimension based Machine Learning Classification ,http://dl.acm.org/citation.cfm?id=2875484,ACM on Privacy and Security Analytics,2016,No,Existed,DARPA Scalable Network Monitoring (SNM) Program Traffic,Public,DS-303,/,Industry,Macro-level Internet Activities,Network Traces,,5
Hannah,DARPA-2009 Intrusion Detection Dataset Report,http://www.darpa2009.netsec.colostate.edu/DARPA_Set_Report.pdf ,N/A,2009,No,Existed,DARPA Scalable Network Monitoring (SNM) Program Traffic,Public,DS-303,https://www.impactcybertrust.org/dataset_view?idDataset=303,Research,Macro-level Internet Activities,Network Traces,,5
Hannah," Measurement and Analysis ofPrivate Key Sharing in the HTTPS Ecosystem",https://dl.acm.org/authorize.cfm?key=N14381,CCS,2016,No,Existed," full IPv4 reverse DNS scans,",Public,No,https://scans.io/study/sonar.rdns,Industry,Macro-level Internet Activities,Topology,,5
Hannah," Measurement and Analysis ofPrivate Key Sharing in the HTTPS Ecosystem",https://dl.acm.org/authorize.cfm?key=N14381,CCS,2016,No,Existed," Route-Views datasets,",Public,No,http://www.caida.org/data/routing/routeviews-prefix2as.xml,Industry,Macro-level Internet Activities,Topology,,5
Hannah," Measurement and Analysis ofPrivate Key Sharing in the HTTPS Ecosystem",https://dl.acm.org/authorize.cfm?key=N14381,CCS,2016,No,Existed,"CAIDAäó»s AS-to-Organization dataset,",Public,No,http://www.caida.org/data/as-organizations/,Industry,Macro-level Internet Activities,Topology,,5
Hannah,Heavy Hitter Estimation over Set-Valued Data with Local Differential Privacy,https://dl.acm.org/authorize.cfm?key=N14356,CCS,2016,No,Created Primary,AOL keyword search log,Public,No,/,Industry,User & Organization Characteristics,User Activities,,5
Hannah,Heavy Hitter Estimation over Set-Valued Data with Local Differential Privacy,https://dl.acm.org/authorize.cfm?key=N14356,CCS,2016,No,Existed, Kosarak click stream datasets,Public,No,/,Industry,User & Organization Characteristics,User Activities,,5
Hannah,Acing the IOC Game: Toward Automatic Discovery and Analysis of Open-Source Cyber Threat Intelligence,https://dl.acm.org/authorize.cfm?key=N14391,CCS,2016,No,Eixisted,"71,000 articles collected from 45 leading technical blogs",No,No,/,Industry,User & Organization Characteristics,User Activities,,5
Hannah,On the Security of Cracking-Resistant Password Vaults,https://dl.acm.org/authorize.cfm?key=N14337,CCS,2016,No,Existed,RockYou list contains 32 million plaintext passwords,Public,No,/,Industry,User & Organization Characteristics,User information,,5
Hannah,On the Security of Cracking-Resistant Password Vaults,https://dl.acm.org/authorize.cfm?key=N14337,CCS,2016,No,Existed,Gmail list contains over 5 million Google Mail credentials and was posted in September 2014 in a Russian Bitcoin forum,Public,No,/,Industry,User & Organization Characteristics,User information,,5
Hannah,On the Security of Cracking-Resistant Password Vaults,https://dl.acm.org/authorize.cfm?key=N14337,CCS,2016,No,Existed,Yahoo leak is from July 2012 and was obtained by attacking the Yahoo! Voices publishing service; it contains around 450 thousand passwords,Public,No,/,Industry,User & Organization Characteristics,User information,,5
Hannah,On the Security of Cracking-Resistant Password Vaults,https://dl.acm.org/authorize.cfm?key=N14337,CCS,2016,No,Existed,"MySpace list contains around 55,000 passwords that were posted in October 2006",Public,No,/,Industry,User & Organization Characteristics,User information,,5
Hannah,UniSan: Proactive Kernel Memory Initialization to Eliminate Data Leakages,https://dl.acm.org/authorize.cfm?key=N14304,CCS,2016,Yes,Created Primary,"Discovered many previously unknown information leak vulnerabilities in the latest Linux and Android kernels, 19 of which have been confirmed by Linux maintainers and Google, ","Sent to Google and Linux, Public",No,http://www.cvedetails.com/vulnerabilities-by-types.php,Research,Attacker Related,Vulnerabilities,,5
Hannah,UniSan: Proactive Kernel Memory Initialization to Eliminate Data Leakages,https://dl.acm.org/authorize.cfm?key=N14304,CCS,2016,Yes,Created Primary,conducted another study of kernel information leak vulnerabilities reported after 2013,No,No,/,Research,Attacker Related,Vulnerabilities,,5
Hannah,Scalable Graph-based Bug Search for Firmware Images,https://dl.acm.org/authorize.cfm?key=N14379,CCS,2016,No,Created Primary,"This dataset was used for base-line comparison, and all functions in this dataset has known groundtruth for metric validation. We prepared this dataset using BusyBox(v1.21 and v1.20), OpenSSL (v1.0.1f and v1.0.1a) and coreutils(v6.5 and v6.7). dataset of over 568,134 functions, Each function in the baseline dataset has atleast two instances: one for query and another for search",No,No,/,Research,Macro-level Internet Activities,Applications,,6
Hannah,Scalable Graph-based Bug Search for Firmware Images,https://dl.acm.org/authorize.cfm?key=N14379,CCS,2016,No,Created Primary,"Firmware images from 8,126 devices across three architectures and 26 vendors, ",Public,No,/,Research,Macro-level Internet Activities,Applications,,6
Hannah,Scalable Graph-based Bug Search for Firmware Images,https://dl.acm.org/authorize.cfm?key=N14379,CCS,2016,No,Existed,public dataset based upon two publicly-available firmware images ,Public,No,"ftp://ftp.dd-wrt.com/others/eko/BrainSlayer-V24-preSP2/2013/05-27-2013-r21676/senao-eoc5610/linux.bin , http://www.downloads.netgear.com/files/GDC/READYNAS-100/ReadyNASOS-6.1.6-arm.zip ",Industry,Macro-level Internet Activities,Applications,,6
Hannah,"The Shadow Nemesis: Inference Attacks on Efficiently Deployable, Efficiently Searchable Encryption",https://dl.acm.org/authorize.cfm?key=N14458,CCS,2016,No,Existed,"Enron email corpus includes real emails from the mailboxes of 150 employees of Enron Corporation, received between 2000 and 2002",No,No,/,Industry,Attacker Related,Attacks,,6
Hannah,"The Shadow Nemesis: Inference Attacks on Efficiently Deployable, Efficiently Searchable Encryption",https://dl.acm.org/authorize.cfm?key=N14458,CCS,2016,No,Existed,Ubuntu Chat Corpus is composed of archived chat logs from Ubuntuäó»s Internet Relay Chat technical support channels. This corpus comes from the logs between July 2004 and October 2012,No,No,/,Industry,Attacker Related,Attacks,,6
Hannah,"Lost in Space: Improving Inference ofIPv4 Address Space Utilization",http://www.caida.org/publications/papers/2014/lost_in_space/lost_in_space.pdf,N/A,2014,No,Existed,"full packet traces from the/8 network telescope operated at the University of California San Diego,",Public,No,http://www.caida.org/projects/network_telescope/,Industry,Macro-level Internet Activities,Network Traces,,6
Hannah,"Lost in Space: Improving Inference ofIPv4 Address Space Utilization",http://www.caida.org/publications/papers/2014/lost_in_space/lost_in_space.pdf,N/A,2014,No,Existed,"per-flow logs from a vantage point monitoring traffic of about 25,000 residential ADSL customers of a major European ISP,",Public,No,/,Research,Macro-level Internet Activities,Network Traces,,6
Hannah,"Lost in Space: Improving Inference ofIPv4 Address Space Utilization",http://www.caida.org/publications/papers/2014/lost_in_space/lost_in_space.pdf,N/A,2014,No,Existed,"large European IXP interconnecting more than 490 networks, exchanging more than 400 PB monthly,",Public,No,/,Research,Macro-level Internet Activities,Network Traces,,6
Hannah,"Lost in Space: Improving Inference ofIPv4 Address Space Utilization",http://www.caida.org/publications/papers/2014/lost_in_space/lost_in_space.pdf,N/A,2014,No,Existed,"unsampled NetFlow records from all the border routers of SWITCH,",Public,No,http://www.switch.ch/,Industry,Macro-level Internet Activities,Network Traces,,6
Hannah,"Lost in Space: Improving Inference ofIPv4 Address Space Utilization",http://www.caida.org/publications/papers/2014/lost_in_space/lost_in_space.pdf,N/A,2014,No,Existed,Seven passive and active measurement datasets collected from July 2013 through Oct 2013 (full packet traces from a large darknet; (ii) netflow logs from a national academic network; (iii) sampled packet traces from a large IXP; (iv) traffic classification logs from residential customers of a European ISP),No,No,/,Industry,Macro-level Internet Activities,Network Traces,,6
Hannah,"Lost in Space: Improving Inference ofIPv4 Address Space Utilization",http://www.caida.org/publications/papers/2014/lost_in_space/lost_in_space.pdf,N/A,2014,No,Existed,"BGP announcements captured by all collectors (24 collectors peering with 184 peers) of the Routeviews project,",Public,No,http://www.routeviews.org/,Industry,Macro-level Internet Activities,Network Traces,,6
Hannah,"Lost in Space: Improving Inference ofIPv4 Address Space Utilization",http://www.caida.org/publications/papers/2014/lost_in_space/lost_in_space.pdf,N/A,2014,No,Existed,"dataset compiled by Geoff Huston, which merges the extended delegation files from the 5 RIRs with IANAäó»s published registries, ",Public,No,http://bgp.potaroo.net/stats/nro/archive/delegated-nro-extended-20131001,Industry,Macro-level Internet Activities,Network Traces,,6
Hannah,"Lost in Space: Improving Inference ofIPv4 Address Space Utilization",http://www.caida.org/publications/papers/2014/lost_in_space/lost_in_space.pdf,N/A,2014,No,Existed,"BGP announcements captured by all collectors (24 collectors peering with 184 peers) of the RIPE RIS project,",Public,No,http://www.ripe.net/ris/,Industry,Macro-level Internet Activities,Network Traces,,6
Hannah,"Lost in Space: Improving Inference ofIPv4 Address Space Utilization",http://www.caida.org/publications/papers/2014/lost_in_space/lost_in_space.pdf,N/A,2014,No,Existed,"Project Sonaräó»s HTTP (TCP port 80) scan of the entire IPv4 address space on October 29, 2013",Public,No,"https://community.rapid7.com/community/infosec/sonar/blog",Industry,Macro-level Internet Activities,Network Traces,,6
Hannah,"Lost in Space: Improving Inference ofIPv4 Address Space Utilization",http://www.caida.org/publications/papers/2014/lost_in_space/lost_in_space.pdf,N/A,2014,No,Existed,geolocated each /24 block using Digital Elementäó»s NetAcuity Edge database from 6 July 2013,Public,No,http://www.digital-element.net/ip_intelligence/ip_intelligence.html,Industry,Macro-level Internet Activities,Network Traces,,6
Hannah,"Lost in Space: Improving Inference ofIPv4 Address Space Utilization",http://www.caida.org/publications/papers/2014/lost_in_space/lost_in_space.pdf,N/A,2014,No,Existed,"ISI Internet Census dataset it55w20130723,",Public,DS-402,http://www.isi.edu/ant/traces/internet_address_census_it55w-20130723.README.txt,Industry,Macro-level Internet Activities,Network Traces,,6
Hannah,"Lost in Space: Improving Inference ofIPv4 Address Space Utilization",http://www.caida.org/publications/papers/2014/lost_in_space/lost_in_space.pdf,N/A,2014,No,Existed,ICMP traceroutes performed by CAIDAäó»s Archipelago to each /24 in the routed IPv4 address space between July and September 2013,Public,DS-198,http://www.caida.org/data/active/ipv4_routed_24_topology_dataset.xml,Industry,Macro-level Internet Activities,Network Traces,,6
Hannah,Lost in Space: Improving Inference of IPv4 Address Space Utilization,http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7460207,JSAC 2016,2016,Yes,Existed,IPv4 2013 census dataset,Public,DS-608,https://www.impactcybertrust.org/dataset_view?idDataset=608,Research,Macro-level Internet Activities,Topology,,6
Hannah,"Lost in Space: Improving Inference ofIPv4 Address Space Utilization",http://www.caida.org/publications/papers/2014/lost_in_space/lost_in_space.pdf,N/A,2014,No,Existed,"establish a mapping from /24 block to ASN, we merged all CAIDAäó»s Routeviews Prefix to AS mappings files for July 2013",Public,No,http://www.caida.org/data/routing/routeviews-prefix2as.xml,Industry,Macro-level Internet Activities,Topology,,6
Hannah,Scalable Graph-based Bug Search for Firmware Images,https://dl.acm.org/authorize.cfm?key=N14379,CCS,2016,No,Existed,"Freely available vulnerability database for this effort and for the broader research community, 23 vulnerabilities in firmware images",Public/(sent to developers),No,/,Research,Attacker Related,Vulnerabilities,,6
Hannah,Statistical Deobfuscation of Android Applications,https://dl.acm.org/authorize.cfm?key=N14368,CCS,2016,No,Eisted? Download others's stuff,1784 non-obfuscated Android applications from F-Droid,Public,No,/,Industry,Macro-level Internet Activities,Applications,,7
Hannah,Statistical Deobfuscation of Android Applications,https://dl.acm.org/authorize.cfm?key=N14368,CCS,2016,No,Created Derivative,one sample from each of the 49 malware families,No,No,/,Industry,Attacker Related,Attacks,,7
Hannah,"An Organization-Level View of the Internetand its Implications (extended)",https://www.isi.edu/~johnh/PAPERS/Cai12b.pdf,N/A,2012,Yes,Existed,as_to_org_mapping-20101019,Public,DS-278,https://www.impactcybertrust.org/dataset_view?idDataset=278,Research,Macro-level Internet Activities,Topology,,7
Hannah,"An Organization-Level View of the Internetand its Implications (extended)",https://www.isi.edu/~johnh/PAPERS/Cai12b.pdf,N/A,2012,Yes,Existed,as_to_org_mapping_subsidiary_linkage-20101019,Public,DS-304,https://www.impactcybertrust.org/dataset_view?idDataset=304,Research,Macro-level Internet Activities,Topology,,7
Hannah,AUDACIOUS: User-Driven Access Control with Unmodified Operating Systems,https://dl.acm.org/authorize?N14357,CCS,2016,No,Created Derivative,1060 errors acros 88 of the top 100 free applications in the Android application store caused by event and click forgery,No,No,/,Research,Attacker Related,Exploits,,8
Hannah,When CSI Meets Public WiFi: Inferring Your Mobile Phone Password via WiFi Signals,https://dl.acm.org/authorize.cfm?key=N14314,CCS,2016,No,Created Primary,Study of ten volunteers and their touch screen usage related to entering passcodes,No,No,/,Research,User & Organization Characteristics,User offline characteristics,,8
Hannah,PREDATOR: Proactive Recognition and Elimination of Domain Abuse at Time-Of-Registration,https://dl.acm.org/authorize.cfm?key=N14454,CCS,2016,No,Existed,"exclusive blacklisted .com domains (i.e., not reported by other feeds) on Spamhaus",Public,No,/,Industry,Defender Artifacts,Alerts,,9
Hannah,What Else is Revealed by Order-Revealing Encryption?,https://dl.acm.org/authorize.cfm?key=N14321,CCS,2016,No,Existed,real geographic datasets Cal,Public,No,http://www.cs.utah.edu/~lifeifei/SpatialDataset.htm,Industry,Macro-level Internet Activities,Applications,,9
Hannah,What Else is Revealed by Order-Revealing Encryption?,https://dl.acm.org/authorize.cfm?key=N14321,CCS,2016,No,Existed,real geographic dataset SpitzLoc,Public,No,/,Industry,Macro-level Internet Activities,Applications,,9
Hannah,What Else is Revealed by Order-Revealing Encryption?,https://dl.acm.org/authorize.cfm?key=N14321,CCS,2016,No,Existed,one real time-stamp dataset SpitzTime,Public,No,http://www.zeit.de/datenschutz/malte-spitz-data-retention,Industry,Macro-level Internet Activities,Applications,,9
Hannah,What Else is Revealed by Order-Revealing Encryption?,https://dl.acm.org/authorize.cfm?key=N14321,CCS,2016,No,Existed,one synthetic geographic distribution Globe,Public,No,/,Research,Macro-level Internet Activities,Applications,,9
Hannah,PREDATOR: Proactive Recognition and Elimination of Domain Abuse at Time-Of-Registration,https://dl.acm.org/authorize.cfm?key=N14454,CCS,2016,No,Created Primary,"We collect authoritative nameservers for the domains within five minutes of domain registrations (i.e., the epoch that we have defined) from the zone update files and map them to a set of binary features, where 1 means the nameserver resolves the domain, ",No,No,/,Research,Macro-level Internet Activities,Applications,,9
Hannah,PREDATOR: Proactive Recognition and Elimination of Domain Abuse at Time-Of-Registration,https://dl.acm.org/authorize.cfm?key=N14454,CCS,2016,No,Existed,"Our primary dataset consists of changes made to the .com zone, the largest TLD, for a five-month period, MarchäóñJuly 2012, ",No,No,/,Industry,Macro-level Internet Activities,Applications,,9
Hannah,PREDATOR: Proactive Recognition and Elimination of Domain Abuse at Time-Of-Registration,https://dl.acm.org/authorize.cfm?key=N14454,CCS,2016,No,Existed,"We also obtain the DNZA data of .net zone for five months, from October 2014 to February 2015,",No,No,/,Research,Macro-level Internet Activities,Applications,,9
Hannah,PREDATOR: Proactive Recognition and Elimination of Domain Abuse at Time-Of-Registration,https://dl.acm.org/authorize.cfm?key=N14454,CCS,2016,No,Existed,"exclusive blacklisted .com domains (i.e., not reported by other feeds) on URIBL",Public,No,/,Industry,Attacker Related,Attacks,,9
Hannah,A Systematic Analysis of the Juniper Dual EC Incident,https://dl.acm.org/authorize.cfm?key=N14378,CCS,2016,No,Created Primary,"Internet-wide scan of all IPv4 addresses on port 500, with various messages sent/recieved with certain criteria",No,No,/,Research,Macro-level Internet Activities,Network Traces,,9
Hannah,PREDATOR: Proactive Recognition and Elimination of Domain Abuse at Time-Of-Registration,https://dl.acm.org/authorize.cfm?key=N14454,CCS,2016,No,Created Derivative,"We use the mapping dataset from iPlane to map the IP addresses to Autonomous System numbers, equivalent registration times from the zone update data, and extract hour-of-the-day and day-of-the-week, ",Public,No,http://iplane.cs.washington.edu/data/data.html,Industry,Macro-level Internet Activities,Topology,,9
Hannah,PREDATOR: Proactive Recognition and Elimination of Domain Abuse at Time-Of-Registration,https://dl.acm.org/authorize.cfm?key=N14454,CCS,2016,No,Existed,"exclusive blacklisted .com domains (i.e., not reported by other feeds) on Sour spam trap ",No,No,/,Research,Macro-level Internet Activities,Topology,,9
Hannah,TaintART: A Practical Multi-level Information-Flow Tracking System for Android RunTime,https://dl.acm.org/authorize.cfm?key=N14367,CCS,2016,No,Created Derivative,"Test popular apps in the äóìtop chartäó downloaded from the Google official market (Google Play) in May 2016, ",Public,No,/,Industry,User & Organization Characteristics,User Activities,,9
Hannah,An Empirical Study of Web Cookies,https://salfeld.github.io/Pubs/WWW2016.pdf,WWW 2016,2016,Yes,Created Primary,"In this paper, we present an empirical studyof web cookie characteristics, placement practices and informationtransmission. To conduct this study, we implemented a lightweightweb crawler that tracks and stores the cookies as it navigates towebsites. ",Public,DS-658,https://www.impactcybertrust.org/dataset_view?idDataset=658,Research,User & Organization Characteristics,User Activities,,9
Hannah,How I Learned to be Secure: a Census-Representative Survey of Security Advice Sources and Behavior,https://dl.acm.org/authorize.cfm?key=N14384,CCS,2016,No,Eixisted,"Using a carefully pre-tested, U.S.-census-representative survey of 526 users, wepresent an overview of the prevalence of respondentsäó» aU.S.-census-representative survey of 526 users, cognitive interviews with five demographically-diverse participants",No,No,/,Industry,User & Organization Characteristics,User opinions,,9
Hannah,‘£o“Êo“‰äóñ Forward Secure Searchable Encryption,https://dl.acm.org/authorize.cfm?key=N14320,CCS,2016,No,Existed,English Wikipedia,Public,No,/,Industry,Macro-level Internet Activities,Applications,,10
Hannah,Uncovering Network Tarpits with Degreaser,http://dl.acm.org/citation.cfm?id=2664285,N/A,2014,Yes,Created Primary,"Scan of the /24 network by attempting to establish TCP connections to each IP address in the subnet and capture the packets for further analysis, additional scans of the internet",Public,DS-439,https://scans.io/study/sonar.http http://www.isi.edu/ant/address/ http://www.caida.org/data/passive/passive_2013_dataset.xml,Industry,Macro-level Internet Activities,Network Traces,,10
Hannah,Uncovering Network Tarpits with Degreaser,http://dl.acm.org/citation.cfm?id=2664285,N/A,2014,Yes,Created Primary,107 different tarpit subnetworks ranging in size from /16 (with up to 2^16 fake hosts) to /24 (with up to 2^8 fake hosts),No,No,/,Research,Macro-level Internet Activities,Topology,,10
Hannah,Anycast vs. DDoS: Evaluating the November 2015 Root DNS Event (extended),http://www.isi.edu/%7ejohnh/PAPERS/Moura16a.pdf,ICM 2016,2016,Yes,Existed,Root_DNS_Event-20151130,Public,DS-655,https://www.impactcybertrust.org/dataset_view?idDataset=655,Research,Macro-level Internet Activities,Topology,,10
Hannah,Breaking Web Applications Built On Top of Encrypted Data,https://dl.acm.org/authorize.cfm?key=N14459,CCS,2016,No,Existed,using several yearsäó» worth of Ubuntu IRC logs,Public,No,https://irclogs.ubuntu.com/ ,Industry,Macro-level Internet Activities,Topology,,10
Hannah,Breaking Web Applications Built On Top of Encrypted Data,https://dl.acm.org/authorize.cfm?key=N14459,CCS,2016,No,Existed,"a dictionary of 354,986 English words ",Public,No,/,Industry,User & Organization Characteristics,User offline characteristics,,10
Hannah,Reliable Third-Party Library Detection in Android and its Security Applications,https://dl.acm.org/authorize.cfm?key=N14369,CCS,2016,No,Created Primary,"Comprehensive repository of third-party libraries and applications containing 164 libraries of different categories and a total of 2,065 versions, version histories for the top 50 apps of each category on Play between Sep 2015 and July 2016, accumulating to 96,995 packages from 3,590 apps, meta-information, such as app and library release dates, ",No,No,/,Research,Macro-level Internet Activities,Applications,,11
Hannah,The Internet Motion Sensor: A distributed global scoped Internet threat monitoring system,https://cse.umich.edu/techreports/cse/2004/CSE-TR-491-04.pdf,N/A,2004,No,Existed,ims-bagle_backdoor,Public,DS-018,https://www.impactcybertrust.org/dataset_view?idDataset=18,Research,Attacker Related,Attacks,,11
Hannah,Characterization of Blacklists and Tainted Network Traffic,http://mdbailey.ece.illinois.edu/publications/pam-2013.pdf,PAM 2013,2013,Yes,Existed,PAM13 dataset (Reputation Block Lists),Public,DS-325,https://www.impactcybertrust.org/dataset_view?idDataset=325,Research,User & Organization Characteristics,User Activities,,11
Hannah,Generic Attacks on Secure Outsourced Databases,https://dl.acm.org/authorize.cfm?key=N14457,CCS,2016,No,Existed,518 datasets from the Texas Hospital Inpatient Discharge Public Use Data File of 2008 (PUDF),Public,No,https://archive.ahrq.gov/,Industry,User & Organization Characteristics,User information,,11
Hannah,Generic Attacks on Secure Outsourced Databases,https://dl.acm.org/authorize.cfm?key=N14457,CCS,2016,No,Existed,"the 1049 datasets from the 2009 HCUP Nationwide Inpatient Sample (NIS),",Public,No,https://www.hcup-us.ahrq.gov/,Industry,User & Organization Characteristics,User information,,11
Hannah,POPE: Partial Order Preserving Encoding,https://dl.acm.org/authorize.cfm?key=N14329,CCS,2016,No,Existed, 2 million public employee salary figures (California public employee payroll data from 2014,Public,No,http://transparentcalifornia.com/downloads/,Industry,User & Organization Characteristics,User offline characteristics,,11
Hannah,Reliable Third-Party Library Detection in Android and its Security Applications,https://dl.acm.org/authorize.cfm?key=N14369,CCS,2016,No,Created Primary,"360 affected packages from 23 distinct apps with vulnerability of Dropbox SDK versions 1.5.4 and 1.6.1, 394 affected packages from 51 distinct apps with an account hijacking vulnerability, 667 app versions of 296 distinct apps with a cumulative install-base of 3.7bn using ad libs with verified crypto misuse",No,No,/,Research,Attacker Related,Vulnerabilities,,11
Hannah,Reliable Third-Party Library Detection in Android and its Security Applications,https://dl.acm.org/authorize.cfm?key=N14369,CCS,2016,No,Created Primary,"we scan our library set for presence of API misusevulnerabilities [28, 9] that would expose the libsäó» host appsto cryptanalytic and code injection attacks and discover 18vulnerable libs (61 version",Public,No,/,Industry,Attacker Related,Vulnerabilities,,11
Hannah,Speedtrap: Internet-Scale IPv6 Alias Resolution,http://conferences.sigcomm.org/imc/2013/papers/imc40s-luckieAemb.pdf,IMC,2013,Yes,Created Derivative, evaluation of interfaces using their product to identify aliases,No,No,/,Research,Macro-level Internet Activities,Applications,,13
Hannah,Speedtrap: Internet-Scale IPv6 Alias Resolution,http://conferences.sigcomm.org/imc/2013/papers/imc40s-luckieAemb.pdf,IMC,2013,Yes,Created Derivative," validation of the aliases using RANCID,",Public,No,http://www.shrubbery.net/rancid/,Industry,Macro-level Internet Activities,Benchmark,,13
Hannah,Speedtrap: Internet-Scale IPv6 Alias Resolution,http://conferences.sigcomm.org/imc/2013/papers/imc40s-luckieAemb.pdf,IMC,2013,Yes,Created Derivative," validation of the aliases using STP-1,",Public,No,/,Industry,Macro-level Internet Activities,Benchmark,,13
Hannah,Speedtrap: Internet-Scale IPv6 Alias Resolution,http://conferences.sigcomm.org/imc/2013/papers/imc40s-luckieAemb.pdf,IMC,2013,Yes,Created Derivative, validation of the aliases using STP-2,Public,No,/,Industry,Macro-level Internet Activities,Benchmark,,13
Hannah,Speedtrap: Internet-Scale IPv6 Alias Resolution,http://conferences.sigcomm.org/imc/2013/papers/imc40s-luckieAemb.pdf,IMC,2013,Yes,Created Derivative, validation of the aliases using AP,Public,No,/,Industry,Macro-level Internet Activities,Benchmark,,13
Hannah,Speedtrap: Internet-Scale IPv6 Alias Resolution,http://conferences.sigcomm.org/imc/2013/papers/imc40s-luckieAemb.pdf,IMC,2013,Yes,Created Primary,"probe at a low rate of 20pps from a single VP, producing 26Kbps of traffic,",Public,No,/,Research,Macro-level Internet Activities,Benchmark,,13
Hannah,äóìMake Sure DSA Signing Exponentiations Really are Constant-Time,https://dl.acm.org/authorize.cfm?key=N14460,CCS,2016,No,Created Primary,collect 580 SM sequences from TLS handshakes and 260 from SSH,No,No,/,Research,Defender Artifacts,Configurations,,13
Hannah,The MALICIA Dataset: Identification and Analysis of Drive-by Download Operations.,https://lirias.kuleuven.be/bitstream/123456789/464045/1/malicia_dataset.pdf,International Journal of Information Security,2015,No,Created Primary,"collect over time how exploit servers are configured, which exploits they use, and what malware they distribute, grouping servers with similar configurations intooperations",Public,No,http://malicia-project.com/,Research,Defender Artifacts,Configurations,,13
Hannah,Speedtrap: Internet-Scale IPv6 Alias Resolution,http://conferences.sigcomm.org/imc/2013/papers/imc40s-luckieAemb.pdf,IMC,2013,Yes,Existed,"CAIDAäó»s Archipelago (Ark) infrastructure for March 2013, ",Public,No,http://www.caida.org/projects/ark/ ,Industry,Macro-level Internet Activities,Network Traces,,13
Hannah,Limiting the Impact of Stealthy Attacks on Industrial Control Systems,https://dl.acm.org/authorize.cfm?key=N14326,CCS,2016,No,Created Primary,Network data we collected from an operational large-scale Supervisory Control and Data Acquisition (SCADA) system that manages more than 100 Programmable Logic Controllers,No,No,/,Industry,Macro-level Internet Activities,Network Traces,,16
Hannah,On the Practical (In-)Security of 64-bit Block Ciphers Collision Attacks on HTTP over TLS and OpenVPN,https://dl.acm.org/authorize.cfm?key=N14377,CCS,2016,No,Created Primary,Large number of HTTP requests,No,"No",/,Research,Macro-level Internet Activities,Network Traces,,17
Hannah,On the Practical (In-)Security of 64-bit Block Ciphers Collision Attacks on HTTP over TLS and OpenVPN,https://dl.acm.org/authorize.cfm?key=N14377,CCS,2016,No,Created Primary,"Various vulnerabilities in Mozilla Firefox, OpenVPN, OpenSSL, Akami, Apple, Microsoft",Public,No,https://sweet32.info/,Research,Attacker Related,Vulnerabilities,,17
Hannah,Understanding IPv6 Internet Background Radiation,http://conferences.sigcomm.org/imc/2013/papers/imc027-czyzA.pdf,IMC,2013,Yes,Existed,Alexa top 1M domains,Public,No,"http://s3.amazonaws.com/alexa-static/top-1m.csv.zip",Industry,Macro-level Internet Activities,Applications,,18
Hannah,Understanding IPv6 Internet Background Radiation,http://conferences.sigcomm.org/imc/2013/papers/imc027-czyzA.pdf,IMC,2013,Yes,Create Primary,single week of IPv4 background radiation capture,No,No,/,Research,Macro-level Internet Activities,Network Traces,,18
Hannah,Understanding IPv6 Internet Background Radiation,http://conferences.sigcomm.org/imc/2013/papers/imc027-czyzA.pdf,IMC,2013,Yes,Create Primary,network probes of prefixes for four servers to find different types of packets,No,No,/,Research,Macro-level Internet Activities,Network Traces,,18
Hannah,Understanding IPv6 Internet Background Radiation,http://conferences.sigcomm.org/imc/2013/papers/imc027-czyzA.pdf,IMC,2013,Yes,Create Primary,BGP announcements across /12 IPv6 block from 5 RIRs (from /13 and /14 from RIPE NCC),No,No,/,Research,Macro-level Internet Activities,Topology,,18
Hannah,Predicting Usersäó» Motivations behind Location Check-Ins and Utility Implications of Privacy Protection Mechanisms,http://www.shokri.org/files/Shokri-NDSS2015.pdf,NDSS,2015,No,Existed,Participantsäó» actual check-ins on Foursquare posted over the last 24 months,No,No,/,Research,User & Organization Characteristics,User Activities,,18
Hannah,Detection of Low-Rate Attacks in Computer Networks,http://www.isi.edu/~johnh/PAPERS/Thatte08a.pdf,IEEE Global Internet Symposium 2008,2008,Yes,Existed,Real Internet traces,Public,DS-049,/,Industry,Macro-level Internet Activities,Network Traces,,21
Hannah,InterTubes: A Study of the US Long-haul Fiber-optic Infrastructure,http://pages.cs.wisc.edu/~pb/tubes_final.pdf,SIGCOMM 2015,2015,Yes,Existed,US Long-haul Infrastructure Topology,Public,DS-521,https://www.impactcybertrust.org/dataset_view?idDataset=521,Research,Macro-level Internet Activities,Topology,,21
Hannah,Targeted Online Password Guessing: An Underestimated Threat,https://dl.acm.org/authorize.cfm?key=N14338,CCS,2016,No,Existed,Dodonew,Public,No,/,Industry,User & Organization Characteristics,User information,,21
Hannah,Targeted Online Password Guessing: An Underestimated Threat,https://dl.acm.org/authorize.cfm?key=N14338,CCS,2016,No,Existed,CSDN,Public,No,/,Industry,User & Organization Characteristics,User information,,21
Hannah,Targeted Online Password Guessing: An Underestimated Threat,https://dl.acm.org/authorize.cfm?key=N14338,CCS,2016,No,Existed,126,Public,No,/,Industry,User & Organization Characteristics,User information,,21
Hannah,Targeted Online Password Guessing: An Underestimated Threat,https://dl.acm.org/authorize.cfm?key=N14338,CCS,2016,No,Existed,12306,Public,No,/,Industry,User & Organization Characteristics,User information,,21
Hannah,Targeted Online Password Guessing: An Underestimated Threat,https://dl.acm.org/authorize.cfm?key=N14338,CCS,2016,No,Existed,Rockyou,Public,No,/,Industry,User & Organization Characteristics,User information,,21
Hannah,Targeted Online Password Guessing: An Underestimated Threat,https://dl.acm.org/authorize.cfm?key=N14338,CCS,2016,No,Existed,000webhost,Public,No,/,Industry,User & Organization Characteristics,User information,,21
Hannah,Targeted Online Password Guessing: An Underestimated Threat,https://dl.acm.org/authorize.cfm?key=N14338,CCS,2016,No,Existed,Xato,Public,No,/,Industry,User & Organization Characteristics,User information,,21
Hannah,Targeted Online Password Guessing: An Underestimated Threat,https://dl.acm.org/authorize.cfm?key=N14338,CCS,2016,No,Existed,Rootkit,Public,No,/,Industry,User & Organization Characteristics,User information,,21
Hannah,Targeted Online Password Guessing: An Underestimated Threat,https://dl.acm.org/authorize.cfm?key=N14338,CCS,2016,No,Created Derivative," we build PII-Dodonew with size 161,510 by matching Dodonew with 51job and 12306 using email address",No,No,/,Research,User & Organization Characteristics,User information,,21
Hannah,Targeted Online Password Guessing: An Underestimated Threat,https://dl.acm.org/authorize.cfm?key=N14338,CCS,2016,No,Created Derivative,"PII-000webhost with size 2,950 by matching 000webhost with Rootkit",No,No,/,Research,User & Organization Characteristics,User information,,21
Hannah,Targeted Online Password Guessing: An Underestimated Threat,https://dl.acm.org/authorize.cfm?key=N14338,CCS,2016,No,Created Derivative,we further build three lists of password pairs for Chinese users by matching Dodonew and CSDN with the two PII-associated Chinese password lists using email address,No,No,/,Research,User & Organization Characteristics,User information,,21
Hannah,Search + Seizure: The Effectiveness of Interventions on SEO Campaigns,http://conferences2.sigcomm.org/imc/2014/papers/p359.pdf,IMC (Internet Measurement Conference),2014,No,Created Derivative,"provide the first large-scale empirical characterization of SEO abuse for luxury brands. fetch visitor data for each store by visiting the publicly ac- cessible default AWStats URL, In the PSR data set, we found 68,193 äóìhackedäó search results.",No,No,/,Research,Attacker Related,Attacks,,22
Hannah,ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels,https://dl.acm.org/authorize.cfm?key=N14469,CCS,2016,No,Existed, leakage of 5000 OpenSSL ECDSA signatures executed on an iPhone 3GS,No,No,/,Research,Defender Artifacts,Configurations,,24
Hannah,Remote Detection of Bottleneck Links Using Spectral and Statistical Methods,https://www.isi.edu/~johnh/PAPERS/He09a.pdf,Computer Networks V 53 (N. 3),2009,No,Created Primary,". We use Iperf (Tirumala et al., 2003) togenerate TCP and UDP packet streams, which mimic TCPfile downloads or UDP CBR (Constant-Bit-Rate) traffic.Each experiment lasts for 30 seconds",No,No,/,Research,Macro-level Internet Activities,network Traces,,25
Hannah,Towards Geolocation of Millions of IP Addresses,http://www.isi.edu/~johnh/PAPERS/Hu12a.pdf,ICM 2012,2012,Yes,Created Primary,"As of August 2012, we have geolocated 78 /8s, about 35%of the allocated, unicast, IPv4 address-space.",Public,DS-336,https://www.impactcybertrust.org/dataset_view?idDataset=336,Research,Macro-level Internet Activities,Network Traces,,26
Hannah,Understanding the Domain Registration Behavior of Spammers,http://conferences.sigcomm.org/imc/2013/papers/imc247-haoA.pdf,IMC,2013,No,Existed,SURBL (DNS blacklist),Public,No,/,Industry,Defender Artifacts,Alerts,,32
Hannah,Understanding the Domain Registration Behavior of Spammers,http://conferences.sigcomm.org/imc/2013/papers/imc247-haoA.pdf,IMC,2013,No,Existed,URIBL (DNS blacklist),Public,No,/,Industry,Defender Artifacts,Alerts,,32
Hannah,Understanding the Domain Registration Behavior of Spammers,http://conferences.sigcomm.org/imc/2013/papers/imc247-haoA.pdf,IMC,2013,No,Existed,Spamhaus DBL (DNS blacklist),Public,No,/,Industry,Defender Artifacts,Alerts,,32
Hannah,Understanding the Domain Registration Behavior of Spammers,http://conferences.sigcomm.org/imc/2013/papers/imc247-haoA.pdf,IMC,2013,No,Existed,WHOIS information,Public,No,/,Industry,Macro-level Internet Activities,Applications,,32
Hannah,Metric tree-like structures in real-life networks: an empirical study,https://arxiv.org/pdf/1402.3364.pdf,N/A,2016,No,Existed,Amazon,Public,No,http://snap.stanford.edu/data/com-Amazon.html,Industry,Macro-level Internet Activities,Applications,,32
Hannah,Accessorize to a Crime: Real and Stealthy Attacks on State-of-the-Art Face Recognition,https://dl.acm.org/authorize.cfm?key=N14451,CCS,2016,No,Existed,"roughly 1000 images per celebrity for training, for a total of about 2.6M images.",Public,No,/,Industry,Macro-level Internet Activities,Applications,,32
Hannah,Understanding the Domain Registration Behavior of Spammers,http://conferences.sigcomm.org/imc/2013/papers/imc247-haoA.pdf,IMC,2013,No,Created Primary,creation of a spam trap to collect spam,No,No,/,Research,Attacker Related,Attacks,,32
Hannah,Metric tree-like structures in real-life networks: an empirical study,https://arxiv.org/pdf/1402.3364.pdf,N/A,2016,No,Existed,"EPA,",Public,No,http://www.cs.cornell.edu/courses/cs685/2002fa/,Industry,Macro-level Internet Activities,Network Traces,,32
Hannah,Metric tree-like structures in real-life networks: an empirical study,https://arxiv.org/pdf/1402.3364.pdf,N/A,2016,No,Existed,"California,",Public,No,http://www.cs.cornell.edu/courses/cs685/2002fa/,Industry,Macro-level Internet Activities,Network Traces,,32
Hannah,Metric tree-like structures in real-life networks: an empirical study,https://arxiv.org/pdf/1402.3364.pdf,N/A,2016,No,Existed,"Routeview,",Public,No,http://www.routeviews.org/,Industry,Macro-level Internet Activities,Network Traces,,32
Hannah,Metric tree-like structures in real-life networks: an empirical study,https://arxiv.org/pdf/1402.3364.pdf,N/A,2016,No,Existed,"AS_Caida,",Public,No,http://www.caida.org/data/internet-topology-data-kit/,Industry,Macro-level Internet Activities,Network Traces,,32
Hannah,Metric tree-like structures in real-life networks: an empirical study,https://arxiv.org/pdf/1402.3364.pdf,N/A,2016,No,Existed,"Dimes 3/2010,",Public,No,http://www.netdimes.org/new/,Industry,Macro-level Internet Activities,Network Traces,,32
Hannah,Understanding the Domain Registration Behavior of Spammers,http://conferences.sigcomm.org/imc/2013/papers/imc247-haoA.pdf,IMC,2013,No,Created Primary,"DNZA file captures Our data includes captures of the DNZA files as recordedevery five minutes, time periods we refer to asepochs",No,No,/,Research,Macro-level Internet Activities,Topology,,32
Hannah,Metric tree-like structures in real-life networks: an empirical study,https://arxiv.org/pdf/1402.3364.pdf,N/A,2016,No,Existed,"Aqualab,",Public,No,http://www.aqualab.cs.northwestern.edu/projects,Industry,Macro-level Internet Activities,Topology,,32
Hannah,Metric tree-like structures in real-life networks: an empirical study,https://arxiv.org/pdf/1402.3364.pdf,N/A,2016,No,Existed,"Itdk,",Public,No,http://www.caida.org/data/as-relationships/,Industry,Macro-level Internet Activities,Topology,,32
Hannah,Metric tree-like structures in real-life networks: an empirical study,https://arxiv.org/pdf/1402.3364.pdf,N/A,2016,No,Existed,"DutchElite,",Public,No,http://vlado.fmf.uni-lj.si/pub/networks/data/2mode/DutchElite.htm,Industry,User & Organization Characteristics,User information,,32
Hannah,Metric tree-like structures in real-life networks: an empirical study,https://arxiv.org/pdf/1402.3364.pdf,N/A,2016,No,Existed,"EVA,",Public,No,http://vlado.fmf.uni-lj.si/pub/networks/data/econ/Eva/Eva.htm,Industry,User & Organization Characteristics,User information,,32
Hannah,Metric tree-like structures in real-life networks: an empirical study,https://arxiv.org/pdf/1402.3364.pdf,N/A,2016,No,Existed,"Erdos,",Public,No,http://vlado.fmf.uni-lj.si/pub/networks/data/Erdos/Erdos02.net,Industry,User & Organization Characteristics,User information,,32
Hannah,Metric tree-like structures in real-life networks: an empirical study,https://arxiv.org/pdf/1402.3364.pdf,N/A,2016,No,Existed,"DBLB-coauth,",Public,No,http://snap.stanford.edu/data/com-DBLP.html,Industry,User & Organization Characteristics,User information,,32
Hannah,Making Smart Contracts Smarter,https://dl.acm.org/authorize.cfm?key=N14351,CCS,2016,No,Existed,"19,366 smart contracts from the blockchain as of May 5, 2016",Public,No,/,Industry,Attacker Related,Vulnerabilities,,38
Hannah,Online Tracking: A 1-million-site Measurement and Analysis,https://dl.acm.org/authorize.cfm?key=N14340,CCS,2016,No,Existed,All of our measurements use the Alexa top 1 million site list,Public,No,http://www.alexa.com/topsites,Industry,Macro-level Internet Activities,Applications,,52
Hannah,Online Tracking: A 1-million-site Measurement and Analysis,https://dl.acm.org/authorize.cfm?key=N14340,CCS,2016,No,Existed,use two popular tracking-protection lists for this purpose: EasyList ,Public,No,/,Industry,Macro-level Internet Activities,Applications,,52
Hannah,Online Tracking: A 1-million-site Measurement and Analysis,https://dl.acm.org/authorize.cfm?key=N14340,CCS,2016,No,Existed,use two popular tracking-protection lists for this purpose: EasyPrivacy,Public,No,/,Industry,Macro-level Internet Activities,Applications,,52
Hannah,Taming the 800 Pound Gorilla: The Rise and Decline of NTP DDoS Attacks,http://conferences.sigcomm.org/imc/2014/papers/p435.pdf,ICM 2014,2014,Yes,Existed,FRGPNTPFlowData-20131201,Public,DS-478,https://www.impactcybertrust.org/dataset_view?idDataset=478,Research,Macro-level Internet Activities,Network Traces,,61
Hannah,Deep Learning with Differential Privacy,https://dl.acm.org/authorize.cfm?key=N14365,CCS,2016,No,Existed,The popular image datasets: CIFAR-10,"Public",No,/,Industry,Macro-level Internet Activities,Applications,,64
Hannah,Deep Learning with Differential Privacy,https://dl.acm.org/authorize.cfm?key=N14365,CCS,2016,No,Existed,"The popular image datasets: MNIST","Public",No,/,Industry,Macro-level Internet Activities,Applications,,64
Hannah,A Day at the Root of the Internet,https://www.caida.org/publications/papers/2008/root_internet/root_internet.pdf,ACM SIGCOMM Computer Communication Review,2008,No,Existed,Backscatter-2008,Public,DS-380,https://www.impactcybertrust.org/dataset_view?idDataset=380,Research,Attacker Related,Attacks,,68
Hannah,A Comparison of Traffic from the DNS Root Nameservers as Measured in DITL 2006 and 2007,https://www.caida.org/research/dns/roottraffic/comparison06_07.xml,N/A,2007,No,Existed,Backscatter-2006,Public,DS-387,https://www.impactcybertrust.org/dataset_view?idDataset=387,Research,Macro-level Internet Activities,Network Traces,,68
Hannah,A Comparison of Traffic from the DNS Root Nameservers as Measured in DITL 2006 and 2007,https://www.caida.org/research/dns/roottraffic/comparison06_07.xml,N/A,2007,No,Existed,Backscatter-2007,Public,DS-388,https://www.impactcybertrust.org/dataset_view?idDataset=388,Research,Macro-level Internet Activities,Network Traces,,68
Hannah,An Empirical Comparison of Botnet Detection Methods,https://pdfs.semanticscholar.org/eabb/a0b46f4325d28d6e02f4ebbf70f40a1263a5.pdf,N/A,2014,No,Created Primary, dataset consisted in a set of virtualized computers running the Microsoft Windows XP SP2 operating system on top of a Linux Debian host,Public,No,https://mcfp.felk.cvut.cz/,Research,Attacker Related,Attacks,,70
Hannah,Data Reduction for the Scalable Automated Analysis of Distributed Darknet Traffic,http://dl.acm.org/citation.cfm?id=1251107,IMC 2005,2005,Yes,Created Primary,"Data from 14 darknet monitors ranging in size from a /25 monitor to a /17 monitor over a period of 10 days between August 18, 2004 and August 28, 2004, ",No,No,/,Research,Defender Artifacts,Alerts,,72
Hannah,Data Reduction for the Scalable Automated Analysis of Distributed Darknet Traffic,http://dl.acm.org/citation.cfm?id=1251107,IMC 2005,2005,Yes,Created Primary,"Number of source IP addresses at each of the 41 darknets during a 21-day period, from March 19th through April 9th, 2005,",No,No,/,Research,Defender Artifacts,Alerts,,72
Hannah,Data Reduction for the Scalable Automated Analysis of Distributed Darknet Traffic,http://dl.acm.org/citation.cfm?id=1251107,IMC 2005,2005,Yes,Created Primary,"31 darknets, we examined the top 10 destination ports, based on the number of packets, and compared these lists across darknet",No,No,/,Research,Defender Artifacts,Alerts,,72
Hannah,Revealing Middlebox Interference with Tracebox,http://conferences.sigcomm.org/imc/2013/papers/imc032s-detalA.pdf,IMC,2013,No,Existed,"top 5,000 Alexa web sites",Public,No,/,Industry,Macro-level Internet Activities,Applications,,72
Hannah,Revealing Middlebox Interference with Tracebox,http://conferences.sigcomm.org/imc/2013/papers/imc032s-detalA.pdf,IMC,2013,No,Create Derivative,"deployed tracebox on PlanetLab, using 72 machines as vantage points (VPs). Each VP had a target list of 5,000 items build with the top 5,000 Alexa web sites which identified middleboxes",No,No,/,Research,Macro-level Internet Activities,Network Traces,,72
Hannah,Analyzing Forged SSL Certificates in the Wild,http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6956558,SP,2014,No,Created Primary,~6K websites with forged SSL certificates,No,No,/,Research,Defender Artifacts,Configurations,,81
Hannah,Analyzing Forged SSL Certificates in the Wild,http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6956558,SP,2014,No,Created Primary,"3,447,719 real world SSL connections",No,No,/,Industry,Defender Artifacts,Configurations,,81
Hannah,Measuring IPv6 Adoption,http://web.engr.illinois.edu/~mdbailey/publications/sigcomm14_ipv6.pdf,SIGCOMM,2014,Yes,Existed,"CAIDA Ark Performance Data Dec 2008 äóñ Dec 2013䊚10 million IPs probed daily,",Public,No,http://www.caida.org/projects/ark/,Industry,Macro-level Internet Activities,Benchmark,,92
Hannah,Measuring IPv6 Adoption,http://web.engr.illinois.edu/~mdbailey/publications/sigcomm14_ipv6.pdf,SIGCOMM,2014,Yes,Existed,"Verisign TLD Packets: IPv4 Jun 2011 äóñ Dec 2013 4 global sites, 5 of 13 gTLD NS letters (.com/.net),䊚4.5Bn queries,",No,No,/,Industry,Macro-level Internet Activities,Network Traces,,92
Hannah,Measuring IPv6 Adoption,http://web.engr.illinois.edu/~mdbailey/publications/sigcomm14_ipv6.pdf,SIGCOMM,2014,Yes,Existed,"Verisign TLD Packets: IPv6Jun 2011 äóñ Dec 2013 15 global sites, both gTLD NS letters (.com/.net) w/IPv6, 647M queries,",No,No,/,Industry,Macro-level Internet Activities,Network Traces,,92
Hannah,Measuring IPv6 Adoption,http://web.engr.illinois.edu/~mdbailey/publications/sigcomm14_ipv6.pdf,SIGCOMM,2014,Yes,Existed,"Alexa Top Host Probing Apr 2011 äóñ Dec 2013 10,000 servers probed twice/month",No,No,http://www.alexa.com/topsites,Industry,Macro-level Internet Activities,Network Traces,,92
Hannah,Measuring IPv6 Adoption,http://web.engr.illinois.edu/~mdbailey/publications/sigcomm14_ipv6.pdf,SIGCOMM,2014,Yes,Existed,"Google IPv6 Client Adoption Sep 2008 äóñ Dec 2013 millions of daily global samples,",Public,No,https://www.google.com/intl/en/ipv6/statistics.html,Industry,Macro-level Internet Activities,Network Traces,,92
Hannah,Measuring IPv6 Adoption,http://web.engr.illinois.edu/~mdbailey/publications/sigcomm14_ipv6.pdf,SIGCOMM,2014,Yes,Existed," Verisign TLD Zone Files Apr 2007 äóñ Jan 2014 daily snapshots of䊚2.5 million A+AAAA glue records (.com & .net), ",Public,No,/,Industry,Macro-level Internet Activities,Network Traces,,92
Hannah,Measuring IPv6 Adoption,http://web.engr.illinois.edu/~mdbailey/publications/sigcomm14_ipv6.pdf,SIGCOMM,2014,Yes,Existed,"Arbor Networks ISP Traffic Data Mar 2010 äóñ Dec 2013䊚33-50% of global Internet traffic; 2013 daily median: 50 terabits/sec (avg.),",No,No,/,Industry,Macro-level Internet Activities,Network Traces,,92
Hannah,Measuring IPv6 Adoption,http://web.engr.illinois.edu/~mdbailey/publications/sigcomm14_ipv6.pdf,SIGCOMM,2014,Yes,Existed,"RIR Address Allocations Jan 2004 äóñ Jan 2014䊚18K allocation snapshots (5 daily),",Public,No,/,Industry,Macro-level Internet Activities,Network Traces,,92
Hannah,Measuring IPv6 Adoption,http://web.engr.illinois.edu/~mdbailey/publications/sigcomm14_ipv6.pdf,SIGCOMM,2014,Yes,Existed, Routing: Route Views Jan 2004 äóñ Jan 2014,Public,No,http://www.routeviews.org/,Industry,Macro-level Internet Activities,Topology,,92
Hannah,Measuring IPv6 Adoption,http://web.engr.illinois.edu/~mdbailey/publications/sigcomm14_ipv6.pdf,SIGCOMM,2014,Yes,Existed,"Routing: RIPE Jan 2004 äóñ Jan 2014,",Public,No,https://www.ripe.net/analyse/internet-measurements/routing-information-service-ris/ris-raw-data,Industry,Macro-level Internet Activities,Topology,,92
Hannah,Shades of Grey: On the effectiveness of reputation-based äóìblacklistsäó,http://nsrg.eecs.umich.edu/publications/malware08_final.pdf,MALWARE 2008,2008,Yes,Created Primary,"Spam received by a large academic network consisting of 7,000 unique hosts, with millions of email messages, over a period 10 days in June of 2008",No,No,/,Industry,Attacker Related,Attacks,,102
Hannah,Internet Background Radiation Revisited,https://www.merit.edu/wp-content/uploads/2016/01/Internet_Background_Radiation.pdf,ICM 2010,2010,Yes,Created Primary,Longitudinal Darknet 35/8,Public,DS-242,https://www.impactcybertrust.org/dataset_view?idDataset=242,Research,Macro-level Internet Activities,Network Traces,,112
Hannah,Follow the Money,http://conferences.sigcomm.org/imc/2013/papers/imc184s-gillAemb.pdf,IMC,2013,No,Created Primary,"We use traces 4of HTTP traffic in multiple networks tostudy advertising in relation to information gathered fromthe users.",No,No,/,Research,Macro-level Internet Activities,Network Traces,,141
Hannah,Follow the Money,http://conferences.sigcomm.org/imc/2013/papers/imc184s-gillAemb.pdf,IMC,2013,No,Created Primary,Univ traffic,No,No,/,Research,Macro-level Internet Activities,Network Traces,,141
Hannah,Follow the Money,http://conferences.sigcomm.org/imc/2013/papers/imc184s-gillAemb.pdf,IMC,2013,No,Created Primary,mHTTP traffic,No,No,/,Research,Macro-level Internet Activities,Network Traces,,141
Hannah,The Blaster Worm: Then and Now,http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=1492337,IEEE Security and Privacy 3(4),2005,Yes,Existed,"IMS data of Blaster in August 2003 and 2004This monitor is itself part of the Inter-net Motion Sensor (IMS; http://ims.eecs.umich.edu), anetwork of distributed blackhole sensors that monitorblocks of unused address space. ",No,No,/,Research,Attacker Related,Attacks,,146
Hannah,Toward Understanding Distributed Blackhole Placement,http://dl.acm.org/citation.cfm?id=1029627,WORM 2004,2004,No,Created Primary,"Three successively more specific views of traffic to a network of distributed blackhole sensors. The data was recorded over a one month period with SYN responders on TCP port 135, 445, 4444, and 9996 across all sensors",Public,No,/,Research,Attacker Related,Attacks,,157
Hannah,Toward Understanding Distributed Blackhole Placement,http://dl.acm.org/citation.cfm?id=1029627,WORM 2004,2004,No,Existed,"BGP updates data from RouteViews BGP monitorwe do a simple analysis using BGPdata from the Oregon RouteViews project [28]",Public,DS-384,/,Industry,Macro-level Internet Activities,Topology,,157
Hannah,A Fistful of Bitcoins: Characterizing Payments Among Men with No Names,http://conferences.sigcomm.org/imc/2013/papers/imc182-meiklejohnA.pdf,IMC,2013,No,Created Derivative,supplementary info from the forum bitcointalk,No,No,"bitcointalk.org",Industry,Macro-level Internet Activities,Applications,,257
Hannah,A Fistful of Bitcoins: Characterizing Payments Among Men with No Names,http://conferences.sigcomm.org/imc/2013/papers/imc182-meiklejohnA.pdf,IMC,2013,No,Created Derivative,supplementary info from the website blockchain,No,No,blockchain.info/tags,Industry,Macro-level Internet Activities,Applications,,257
Hannah,A Fistful of Bitcoins: Characterizing Payments Among Men with No Names,http://conferences.sigcomm.org/imc/2013/papers/imc182-meiklejohnA.pdf,IMC,2013,No,Created Derivative,Engaged in transactions with random bitcoin users to gain their addresses,No,No,/,Research,User & Organization Characteristics,User Information,,257
Hannah,The Internet Motion Sensor: A Distributed Blackhole Monitoring System,http://web.eecs.umich.edu/~farnam/pubs/2005-bc-ndss.pdf,NDSS 2005,2005,No,Created Primary,"One-week period of measurement, the IMS system observed over 286,000 unique IP addresses displaying the characteristics of Blaster activity (Basically lots of their scans of their sensors from different date ranges were used)",No,No,/,Research,Macro-level Internet Activities,Topology,,321
Hannah,"Geolife: A collaborative social networking service among user, location and trajectory.",http://sites.computer.org/debull/A10june/geolife.pdf,Bulletin of the IEEE Computer Society Technical Committee on Data Engineering,2010,No,Created Primary,"Geolife data was collected from 182 users in a period of over three years. It recorded a wide range of usersäó» outdoor movements, represented by a series of tuples containing latitude, longitude and timestamp.",Public,No,/,Research,User & Organization Characteristics,User Activities,,492
Hannah,Friendship and mobility: User movement in location-based social networks.,http://cs.stanford.edu/people/jure/pubs/mobile-kdd11.pdf,KDD,2011,No,Existed,"Gowalla data contains 6, 442, 890 check-in locations of 196,586 users over the period of Feb. 2009 to Oct. 2010.",No,No,/,Research,User & Organization Characteristics,User Information,,1395
Hannah,Inferring Internet Denial-of-Service Activity,https://cseweb.ucsd.edu/~savage/papers/UsenixSec01.pdf,ACM TOCS 2006,2006,No,Created Primary,"We use SPARTA [5] to verify flow from the ACG UI to theresource itself and onward. SPARTA is an information flowtool which uses static type-checking to infer illegal flows.SPARTA operates on the source code. ",Public,DS-385,https://www.impactcybertrust.org/dataset_view?idDataset=385,Research,Attacker Related,Attacks,,1775
Muwei,Analysis of the HTTPS Certificate Ecosystem,http://conferences.sigcomm.org/imc/2013/papers/imc257-durumericAemb.pdf,Sigcomm,2013,Yes,Created Derivative,"completed 110 exhaustive scans of the public IPv4 address space. we completed upwards of 400 billion SYN probes and 2.55 billion TLS handshakes, collecting and parsing 42.4 million unique X.509 certificates from 109 million hosts.",No,No,/,Research,Defender Artifacts,Configurations,,148
Hannah,Traveling the Silk Road: A Measurement Analysis of a Large Anonymous Online Marketplace,https://www.andrew.cmu.edu/user/nicolasc/publications/TR-CMU-CyLab-12-018.pdf,WWW 2013 (22nd international world wide web conference),2013,No,Created Primary,"gather and analyze data over eight months between the end of 2011 and 2012, including daily crawls of the marketplace for nearly six months in 2012 (February 3, 2012 äóñ July 24, 2012)",Public,No,https://arima.cylab.cmu.edu/sr/,Research,Attacker Related,Cybercrime Activities,,310
Hannah,"Measuring and Characterizing IPv6 RouterAvailability",http://www.caida.org/publications/papers/2015/measuring_characterizing_ipv6_router/measuring_characterizing_ipv6_router.pdf,Passive Active Network Workshop,2015,No,Existed,Trace routes conducted in January and February 2014 by CAIDAäó»s macroscopic IPv6 topology discovery infrastructure,Public,No,http://www.caida.org/projects/ark/,Industry,Macro-level Internet Activities,Network Traces,,15