Industrial Control System Traffic Data Sets for Intrusion Detection Research

Abstract: Supervisory control and data acquisition (SCADA) systems monitor and control physical processes associated with the critical infrastructure. Weaknesses in the application layer protocols, however, leave SCADA networks vulnerable to attack. In response, cyber security researchers have developed myriad intrusion detection systems. Researchers primarily rely on unique threat models and the corresponding network traffic data sets to train and validate their intrusion detection systems. This leads to a situation in which researchers cannot independently verify the results, cannot compare the effectiveness of different intrusion detection systems, and cannot adequately validate the ability of intrusion detection systems to detect various classes of attacks. Indeed, a common data set is needed that can be used by researchers to compare intrusion detection approaches and implementations. This paper describes four data sets, which include network traffic, process control and process measurement features from a set of 28 attacks against two laboratory-scale industrial control systems that use the MODBUS application layer protocol. The data sets, which are freely available, enable effective comparisons of intrusion detection solutions for SCADA systems.
Document type:
Conference paper
Jonathan Butts; Sujeet Shenoi. 8th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2014, Arlington, United States. Springer, IFIP Advances in Information and Communication Technology, AICT-441, pp.65-78, 2014, Critical Infrastructure Protection VIII. 〈10.1007/978-3-662-45355-1_5〉
Cited literature [15 references]

https://hal.inria.fr/hal-01386754
Contributor: Hal Ifip
Submitted on: Monday, October 24, 2016 - 15:31:38
Last modified on: Monday, October 24, 2016 - 15:40:28

File

978-3-662-45355-1_5_Chapter.pd...
Files produced by the author(s)

License

Distributed under a Creative Commons Attribution 4.0 International License

Citation

Thomas Morris, Wei Gao. Industrial Control System Traffic Data Sets for Intrusion Detection Research. Jonathan Butts; Sujeet Shenoi. 8th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2014, Arlington, United States. Springer, IFIP Advances in Information and Communication Technology, AICT-441, pp.65-78, 2014, Critical Infrastructure Protection VIII. 〈10.1007/978-3-662-45355-1_5〉. 〈hal-01386754〉

Metrics

Record views: 101

File downloads: 188