Revolutionizing Threat Hunting in Communication Networks: Introducing a Cutting-Edge Large-Scale Multiclass Dataset

The rapid advancements in digital technologies are revolutionizing our world, bringing forth new possibilities and opportunities every second. This has created a huge concern regarding the security of systems connected to a network. Since huge amounts of data are traveling through worldwide networks, many threats have become a priority to consider. Traditional network security uses rule-based methods to detect abnormalities, and these methods struggle to survive with the evolving malicious activities that are becoming increasingly advanced. In this paper, we develop a new threat-hunting model for communication networks and introduce a novel, cutting-edge, large-scale multiclass dataset to improve the security of network cognition of suspicious traffic in networks. This paper dives into effective data collection and preprocessing methods to ensure a high learning curve for intelligent models, especially those trained on fine data. The proposed newly generated dataset contains up-to-date samples and features available to the public to help reduce the effect of upcoming cyberattacks with machine learning methods. Specifically, 6 million traffic samples with 60 features are collected and organized into two balanced classes: 50% normal traffic and 50% anomaly (attack) traffic. Furthermore, the anomaly traffic is composed of 15 different attacks including MITM-ARP-SPOOFING attack, SSH-BRUTE FORCE attack, FTP-BRUTE FORCE attack, DDOS-ICMP, DDOS-RAWIP attack, DDOS-UDP attack, DOS attack, EXPLOITING-FTP attack, FUZZING attack, ICMP FLOOD attack, SYN-FLOOD attack, PORT SCANNING attack, REMOTE CODE EXECUTION attack, SQL INJECTION attack, and XSS attack. This paper is expected to contribute positively to the security of networks. We will work on automating the detection of any suspicious traffic to empower the security of networks in worldwide organizations.