dataset

CICIDS

datasetactiveprovisionalcicids-52c5ef6e·1 events·first seen 12h ago

Aliases: CICIDS

Co-occurring entities

Multi-Source Cybersecurity Logs: An ATT&CK-Labeled Dataset and SLM Evaluation Llama 3.2 LoRA Phi-4-mini Qwen2.5-1.5B MITRE ATT&CK UNSW-NB15 Atlas

More like this (12)

ICLR iCAD RSICD Pose-ICL CAISI IRCoT GIC IDinsight Counterexample-Guided Inductive Synthesis (CEGIS)IMC IDEFICS ICONIQ

Recent events (1)

5arXiv · cs.LG·12h ago·source ↗

Multi-source cybersecurity log dataset with ATT&CK labels and SLM fine-tuning evaluation

Researchers introduce a new multi-source cybersecurity log dataset of 870 sessions (~2.3M events) capturing system, network, and browser activity on Windows endpoints, with per-entry MITRE ATT&CK technique labels across 12 tactics and 53 techniques. The dataset addresses gaps in existing public datasets (CICIDS, UNSW-NB15, ATLAS) that lack combined multi-source coverage with fine-grained ATT&CK labeling. Three small language models (Qwen2.5-1.5B, Llama-3.2-3B, Phi-4-Mini) were fine-tuned with LoRA on the dataset, achieving chunk classification accuracy of 90–97% versus ~8% for base variants, though ATT&CK technique identification remained harder at 42% exact-match accuracy.

Evaluation and Benchmarking AI Safety Research Multi-Source Cybersecurity Logs: An ATT&CK-Labeled Dataset and SLM Evaluation CICIDS Llama 3.2 +6 more