This statistic depicts the share of malware detected across Asia Pacific in 2016/2017, by type. In this period, viruses and worms accounted for around ** percent of the malware detected across the Asia Pacific region.

India Cyber Security Incidents: Virus or Malicious Code data was reported at 9,750.000 Unit in 2017. This records a decrease from the previous number of 13,371.000 Unit for 2016. India Cyber Security Incidents: Virus or Malicious Code data is updated yearly, averaging 2,791.000 Unit from Dec 2004 (Median) to 2017, with 14 observations. The data reached an all-time high of 13,371.000 Unit in 2016 and a record low of 5.000 Unit in 2004. India Cyber Security Incidents: Virus or Malicious Code data remains active status in CEIC and is reported by Indian Computer Emergency Response Team. The data is categorized under India Premium Database’s Transportation, Post and Telecom Sector – Table IN.TF010: Information Technology Statistics: Cyber Security Incidents.

Open-Source Cybersecurity and AI Security Datasets

This project provides a comprehensive collection of open-source datasets focused on cybersecurity threats and AI security vulnerabilities. The datasets are carefully selected to align with specific security threats, such as:

• Data Exfiltration
• Data Poisoning
• Model Manipulation
• Adversarial Examples
• Model Inversion
• Model Extraction
• Spoofing Attacks
• Unauthorized Access
• Supply Chain Compromise

Dataset Collection

Each dataset includes a detailed description, source type, purpose, and direct access links for easy retrieval.

1. DARPA Intrusion Detection Dataset

• Access Here
• Description: Simulated network traffic with various cyber attack scenarios (e.g., DoS, Probe, U2R, R2L).
• Format: PCAP
• Update Frequency: Static
• Use Cases: IDS training, intrusion detection research

2. MITRE ATT&CK Framework Data

• Access Here
• Description: A globally-accessible knowledge base of adversarial tactics, techniques, and procedures (TTPs).
• Format: JSON, STIX
• Update Frequency: Quarterly
• Use Cases: Threat intelligence, adversary simulation, AI model defense

3. VirusShare Malware Repository

• Access Here (Registration Required)
• Description: Large-scale collection of live malware samples for security research.
• Format: ZIP, PE files
• Update Frequency: Weekly
• Use Cases: AI-based malware detection, sandbox testing

4. National Vulnerability Database (NVD)

• Access Here
• Description: A repository of reported vulnerabilities (CVEs) with severity scores and descriptions.
• Format: XML, JSON
• Update Frequency: Daily
• Use Cases: Vulnerability management, exploit mitigation research

5. LANL Unified Host and Network Dataset

• Access Here
• Description: Enterprise-scale dataset containing network and host logs with real-world red-team attack events.
• Format: Text files
• Update Frequency: Static
• Use Cases: Insider threat detection, anomaly detection in network security

6. CIC-IDS2017 (Intrusion Detection Dataset)

• Access Here
• Description: Network traffic dataset with multiple attack types, including DDoS, brute-force, and infiltration attacks.
• Format: PCAP, CSV
• Update Frequency: Static
• Use Cases: Machine learning-based intrusion detection, behavioral analysis

7. CIC IoV CAN Bus Dataset 2024

• Access Here
• Description: Vehicle CAN bus data, including spoofing and denial-of-service (DoS) attack traces.
• Format: CSV, PCAP
• Update Frequency: Static
• Use Cases: Automotive security, AI-based anomaly detection in vehicles

8. ImageNet-A (Adversarial Image Dataset)

• Access Here
• Description: A dataset of real-world images that cause misclassification in deep learning models.
• Format: JPEG
• Update Frequency: Static
• Use Cases: Adversarial robustness evaluation, model retraining for security

The operational statistics cover the activities related to the incident response activities of CIRCL especially in regards to the reporting (e.g. incident reports, request for analysis or support during computer security incident) and notifications (e.g. take-down notification, notification about vulnerability) from/to third parties. The statistics exclude automatic structured notifications and information exchange happening via threat intelligence platforms such as the CIRCL MISP information sharing platform or any other automatic exchange setup with partners. In this section some statistics are presented about incidents handled by CIRCL between 2011 and 2017. During this time frame the attackers evolved, forcing CIRCL to adapt its internal procedures. Although the reporting to CIRCL is not mandatory, the reporting behaviour of constituents has changed. On one hand, the reputation of CIRCL increased, thereby increasing the amount of reporting to CIRCL. On the other hand, due to the trainings such as Introduction to incident response, forensic analysis and many others offered by CIRCL, have helped local organisations build up their own incident response capacities thereby reducing the number of reported incidents. This makes comparing the statistics of successive years challenging. Tickets are no indicators for the overall workload as there are some tickets that are very resource intensive whereas others are quickly solved. Nevertheless, the workload for the overall triage of the tickets is increasing and showing an increase in diversity when it comes to attacker practices.

Dataset Description:

This dataset captures the real-world online behavior of teenagers, focusing on e-safety awareness, cybersecurity risks, and device interactions. The data was collected from network activity logs and e-safety monitoring systems across various educational institutions and households in Texas and California. Spanning from January 2017 to October 2024, this dataset includes interactions with social media platforms, educational websites, and other online services, providing an in-depth look at teenage online activities in urban and suburban settings. The dataset is anonymized to protect user privacy and contains real incidents of network threats, security breaches, and cybersecurity behavior patterns observed in teenagers.

Use Cases:

Predicting e-safety awareness and online behavior patterns. Detecting malware exposure risk and cybersecurity vulnerabilities. Analyzing online habits related to social media and internet consumption. Evaluating cybersecurity behaviors like password strength, VPN usage, and phishing attempts. Features Overview:

S.No Feature Name Description 1 Device Type The type of device used during the online session (Mobile, Laptop, Tablet, Desktop, etc.) 2 Malware Detection Whether malware was detected on the device during the session (Yes/No) 3 Phishing Attempts Number of phishing attempts experienced during online activity 4 Social Media Usage Frequency of social media usage (Low, Medium, High) 5 VPN Usage Whether a VPN was used during the session (Yes/No) 6 Cyberbullying Reports Number of reported cyberbullying incidents 7 Parental Control Alerts Number of alerts triggered by parental control software 8 Firewall Logs Number of blocked or allowed network connections by the firewall 9 Login Attempts Number of login attempts during the session 10 Download Risk Risk level associated with downloaded files (Low, Medium, High) 11 Password Strength Strength of the passwords used (Weak, Moderate, Strong) 12 Data Breach Notifications Number of alerts regarding compromised personal information 13 Online Purchase Risk Risk level of online purchases made (Low, Medium, High) 14 Education Content Usage Frequency of engagement with educational content (Low, Medium, High) 15 Age Group Age category of the teenager (Under 13, 13-16, 17-19) 16 Geolocation Location of network access (US, EU, etc.) 17 Public Network Usage Whether the online activity occurred over a public network (Yes/No) 18 Network Type Type of network connection (WiFi, Cellular, etc.) 19 Hours Online Total hours spent online during the session 20 Website Visits Number of websites visited per hour during the session 21 Peer Interactions Level of peer-to-peer interactions during online activity 22 Risky Website Visits Whether visits to risky websites occurred (Yes/No) 23 Cloud Service Usage Whether cloud services were accessed during the session (Yes/No) 24 Unencrypted Traffic Whether unencrypted network traffic was accessed during the session (Yes/No) 25 Ad Clicks Whether online advertisements were clicked during the session (Yes/No) 26 Insecure Login Attempts Number of insecure login attempts made (e.g., over unencrypted networks) Potential Research and Machine Learning Applications:

Cybersecurity and anomaly detection models. Predictive modeling for e-safety awareness and risk behaviors. Time-series analysis of internet consumption and security threat trends. Behavioral clustering and pattern recognition in teenage online activity. Data Collection Method: The data was collected through collaboration with local schools and cybersecurity monitoring agencies. Real-time network monitoring systems captured interactions across different online platforms. All personally identifiable information (PII) was anonymized to ensure privacy, making the dataset ideal for public use in research and machine learning tasks.

This dataset provides a rich foundation for studying teenage online behavior patterns and developing predictive models for cybersecurity awareness and risk mitigation. Researchers and data scientists can use this data to create models that better understand online behavior, identify security risks, and design interventions to improve e-safety for teenagers.

This statistic shows the number of computer misuse fraud offences by type recorded in England and Wales in the years ending March 2017 and March 2018. Computer viruses and malware cases fell sharply from *** thousand cases in the year ending March 2017, to *** thousand in the year ending March 2018.

Network traffic datasets created by Single Flow Time Series Analysis

Datasets were created for the paper: Network Traffic Classification based on Single Flow Time Series Analysis -- Josef Koumar, Karel Hynek, Tomáš Čejka -- which was published at The 19th International Conference on Network and Service Management (CNSM) 2023. Please cite usage of our datasets as:

J. Koumar, K. Hynek and T. Čejka, "Network Traffic Classification Based on Single Flow Time Series Analysis," 2023 19th International Conference on Network and Service Management (CNSM), Niagara Falls, ON, Canada, 2023, pp. 1-7, doi: 10.23919/CNSM59352.2023.10327876.

This Zenodo repository contains 23 datasets created from 15 well-known published datasets which are cited in the table below. Each dataset contains 69 features created by Time Series Analysis of Single Flow Time Series. The detailed description of features from datasets is in the file: feature_description.pdf

In the following table is a description of each dataset file:

This statistic shows a ranking of the most common banking malware families worldwide. As of the first quarter of 2017, the Zbot family accounted for 47.79 percent of banking malware attacks. The second-ranked Nymaim family accounted for 30.59 percent.

As of August 2024, internet users worldwide discovered around ****** new common IT security vulnerabilities and exposures (CVEs). The highest reported annual figure was recorded in 2023, over ******. Global ransomware threats In the past couple of years, ransomware has become more prominent, becoming the most frequently reported type of cyberattack worldwide in 2023. Additionally, ** percent of organizations worldwide reported experiencing one to three ransomware infections. Among researched markets, France and South Africa were impacted the most. Costly and efficient ransomware families, such as StopCrypt and LockBit, ranked first by detections globally. Additionally, the 2017 WannaCry attack still holds the record as the most impactful ransomware event, causing an estimated **** billion U.S. dollars in damages. Manufacturing and ransomware Manufacturing remains one of the most targeted industries for cyberattacks. In 2023, it was the most vulnerable sector globally to ransomware, experiencing approximately *** incidents worldwide. These attacks were especially prevalent in industrial organizations in North America. Additionally, malware and network or application anomalies were among the most common types of cyber incidents affecting manufacturing organizations.

In 2023, the estimated number of distributed denial-of-service (DDoS) cyberattacks in Italy was of approximately ******. This represents a decrease from the ***** attacks registered in 20212. In 2019 and 2020, the country registered the peak of DDoS attacks, with over ****** cyberattacks reported.

This statistic shows a ranking of the countries most affected by banking trojans and PoS or ATM malware in 2017. During the measured year, Germany ranked first with 4.44 percent of malware victims having been attacked by financial malware.

Kaspersky Lab reported a global revenue of ****** million U.S. dollars in 2024, which was the highest figure over the observed period. Kaspersky Lab is Russia's highest-earning information security provider, followed by Gazinformservice and Softline. Antivirus market in Russia The two major antivirus providers among Russian companies are Kaspersky Lab and Doctor Web. Both are listed in the Russian registry of national software vendors, which means that their products can be supplied to state institutions. As of August 2021, Kaspersky Lab was one of the leading Windows anti-malware application vendors. Doctor Web focuses on making the information security industry within Russia independent from imports. Several foreign brands, such as Avast, Bitdefender, Eset, and Norton, stopped operating in Russia over its invasion of Ukraine in 2022. Kaspersky Lab ban on U.S. government computers The U.S. Department of Homeland Security suspected Kaspersky Lab of cooperating with Russian security authorities in 2017, subsequently prohibiting its use on computers within the government. In March 2022, the company was claimed to be presenting a threat to national security of the U.S. That meant that U.S. companies could not use the Universal Service Fund to buy Kaspersky Lab products. The fund is generally used to provide communications services for low-income customers, schools, and libraries, among others.