Publication Details

Network Intrusion Datasets: A Survey, Limitations, and Recommendations

GOLDSCHMIDT Patrik and CHUDÁ Daniela. Network Intrusion Datasets: A Survey, Limitations, and Recommendations. Computers and Security, vol. 156, 2025, p. 33. ISSN 0167-4048. Available from: https://www.sciencedirect.com/science/article/pii/S0167404825001993
Czech title
Datové sady pro detekci útoků na počítačových sítích: Přehled, Limitace, a Doporučení
Type
journal article
Language
english
Authors
URL
Keywords

Network intrusion detection, NIDS, Data, Systematic Literature Review (SLR), Machine learning for intrusion detection, Cybersecurity, Best practices, Recommendations, Dataset popularity analysis, Domain limitations

Abstract

Data-driven cyberthreat detection has become a crucial defense technique in modern cybersecurity. Network defense, supported by Network Intrusion Detection Systems (NIDSs), has also increasingly adopted data-driven approaches, leading to greater reliance on data. Despite the importance of data, its scarcity has long been recognized as a major obstacle in NIDS research. In response, the community has published many new datasets recently. However, many of them remain largely unknown and unanalyzed, leaving researchers uncertain about their suitability for specific use cases.

In this paper, we aim to address this knowledge gap by performing a systematic literature review (SLR) of 89 public datasets for NIDS research. Each dataset is comparatively analyzed across 13 key properties, and its potential applications are outlined. Beyond the review, we also discuss domain-specific challenges and common data limitations to facilitate a critical view on data quality. To aid in data selection, we conduct a dataset popularity analysis in contemporary state-of-the-art NIDS research. Furthermore, the paper presents best practices for dataset selection, generation, and usage. By providing a comprehensive overview of the domain and its data, this work aims to guide future research toward improving data quality and the robustness of NIDS solutions.

Published
2025 (in print)
Pages
33
Journal
Computers and Security, vol. 156, ISSN 0167-4048
Book
Computers & Security
Publisher
Elsevier Science
DOI
EID Scopus
BibTeX
@ARTICLE{FITPUB13342,
   author = "Patrik Goldschmidt and Daniela Chud\'{a}",
   title = "Network Intrusion Datasets: A Survey, Limitations, and Recommendations",
   pages = 33,
   booktitle = "Computers \& Security",
   journal = "Computers and Security",
   volume = 156,
   year = 2025,
   publisher = "Elsevier Science",
   ISSN = "0167-4048",
   doi = "10.1016/j.cose.2025.104510",
   language = "english",
   url = "https://www.fit.vut.cz/research/publication/13342"
}
Back to top