This repository provides the data for the paper "Self-propagating Malware Containment Via Reinforcement Learning" by Sebastian Eresheim and Daniel Pasterk
Note: Due to a recording error data set 1 contains data packets with tcp destination port 4449. This port is used to signal a vulnerable vm to release an infection. In our evaluation we actively filtered out these packets to NOT REPLAY them. However even if these network packets are still considered, the agent would still learn to find indicating network packets that hint for an infection without any labels. The scenario would just be less realistic since these network packages are generally not included in such an attack.