DARPA 2000 dataset

This study  used DARPA 2000 dataset since it has been widely used by researchers in the field.  The type of NIDSs used to replay the dataset is signature –based RealSecure  Version 6.0 (Internet Security System, 2000). This data are downloaded from Ning (2002). It contains four separated files which represent two types of simulated scenarios (Scenario One and Scenario Two) of Distributed Denial of Services (DDoS) network attack on two different networks. Haines (2000) mentioned that attacks in Scenario Two were stealthier than Scenario One. They contain thousand of event logs or network packets that have been reported from the Demilitarized Zone (DMZ) and Inside Networks.