This is a non-IMPACT record, meaning that access to the data is not controlled by IMPACT. For access, see the directions below.

Disclaimer:
This Resource is offered and provided outside of the IMPACT mediation framework. IMPACT and the IMPACT Coordination Council/Blackfire Technology, Inc. expressly disclaim all conditions, representations and warranties including but not limited to Resource availability, quality, accuracy, non-infringement, and non-interference. All Resource information and access is controlled by entities and under terms that are external to the IMPACT legal framework.

Summary

DS-0922
Comprehensive, Multi-Source Cyber-Security Events
External Dataset
External Data Source
Los Alamos National Laboratory
01/02/2015
01/02/2015
52 (lowest rank is 52)

Category & Restrictions

Other
local networks
Unrestricted
Unknown

Description


This data set represents 58 consecutive days of de-identified event data collected from five sources within Los Alamos National Laboratory's corporate, internal computer network.

This data set represents 58 consecutive days of de-identified event data collected from five sources within Los Alamos National Laboratory's corporate, internal computer network.The data sources include Windows-based authentication events from both individual computers and centralized Active Directory domain controller servers; process start and stop events from individual Windows computers; Domain Name Service (DNS) lookups as collected on internal DNS servers; network flow data as collected on at several key router locations; and a set of well-defined red teaming events that present bad behavior within the 58 days. In total, the data set is approximately 12 gigabytes compressed across the five data elements and presents 1,648,275,307 events in total for 12,425 users, 17,684 computers, and 62,974 processes ; cyberdata@lanl.gov

Additional Details

N/A
false
Unknown
source, events, comprehensive, multi-source cyber-security events, comprehensive, cyber, security, 922, multi, 2015, external data source, external, inferlink corporation, inferlink, corporation, collected, days, internal, sources, network, event, represents, los, national, computer, laboratorys, consecutive, corporate, de, alamos, identified, computers, domain, dns, individual, windows, total, servers, process, authentication, processes, flow, start, bad, router, 275, service, elements, 425, red, locations, 307, compressed, gov, teaming, 648, lanl, 684, other, users, directory, active, gigabytes, centralized, controller, cyberdata, 974, based, defined, behavior, key, lookups, include