We have constructed a relatively large Falco alert dataset for Kubernetes, containing both normal and APT attack alerts to facilitate the training of attack prediction models and support future research. Attack alerts were generated by applying CALDERA, an adversary simulation platform developed by MITRE, to simulate attacks in a Kubernetes cluster using MITRE ATT&CK tactic sequences. Normal alerts were obtained from Falco's routine alerts generated in the absence of attacks. All alerts were labeled as 'attack' or 'normal'. The dataset comprises 231K alerts, including 2,314 attack alerts and 228,686 normal alerts.