Note : The scenario and data are loosely based on real -world cyber threats and attacks . However , this data set has been curated entirely to help you understand the types of data , correlations and issues that you may experience when handling real -world cyber security data . Data description The aggregated data available to WACY -COM are described by the following features (with data types given in square brackets ): [Categorical] Port - The port or service that was being attacked on the honey -pot network . Well known ports include 80 /443 (Web traffic ), 25 (Email reception ), 993 (Email collection ) [Categorical] Protocol - The Internet Protocol in use to conduct the attack [Numeric] Hits - How many hits 'the attacker made against the network [Numeric] Average Request Size (Bytes) - Average payload ' sent by the attacker [Numeric] Attack Window (Seconds ) - Duration of the attack [Numeric] Average Attacker Payload Entropy (Bits) - An attempt to qualify whether payload data were encrypted (higher Shannon entropy may indicate random data , data obfuscation or encryption ) [Categorical] Target Honeypot Server OS - The Operating System of the simulated server [Numeric] Attack Source IP Address Count - How many unique IP addresses were used