https://www.mdu.se/

mdu.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
The Westermo network traffic data set
Westermo Network Technologies AB, Västerås, Sweden.
Westermo Network Technologies AB, Västerås, Sweden.
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems. RISE Research Institutes of Sweden, Västerås, Sweden.ORCID iD: 0000-0001-5332-1033
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.ORCID iD: 0000-0002-3425-3837
Show others and affiliations
2023 (English)In: Data in Brief, E-ISSN 2352-3409, Vol. 50, article id 109512Article in journal (Refereed) Published
Abstract [en]

There is a growing body of knowledge on network intrusion detection, and several open data sets with network traffic and cyber-security threats have been released in the past decades. However, many data sets have aged, were not collected in a contemporary industrial communication system, or do not easily support research focusing on distributed anomaly detection. This paper presents the Westermo network traffic data set, 1.8 million network packets recorded in over 90 minutes in a network built up of twelve hardware devices. In addition to the raw data in PCAP format, the data set also contains pre-processed data in the form of network flows in CSV files. This data set can support the research community for topics such as intrusion detection, anomaly detection, misconfiguration detection, distributed or federated artificial intelligence, and attack classification. In particular, we aim to use the data set to continue work on resource-constrained distributed artificial intelligence in edge devices. The data set contains six types of events: harmless SSH, bad SSH, misconfigured IP address, duplicated IP address, port scan, and man in the middle attack. 

Place, publisher, year, edition, pages
Elsevier Inc. , 2023. Vol. 50, article id 109512
Keywords [en]
Cyber-physical systems, Distributed artificial intelligence, Industrial communication system, Network intrusion detection
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:mdh:diva-64333DOI: 10.1016/j.dib.2023.109512ISI: 001072102800001Scopus ID: 2-s2.0-85170076058OAI: oai:DiVA.org:mdh-64333DiVA, id: diva2:1798980
Available from: 2023-09-20 Created: 2023-09-20 Last updated: 2023-11-06Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Dehlaghi-Ghadim, AlirezaLeon, MiguelMarkovic, TijanaPunnekkat, SasikumarHelali Moghadam, Mahshid

Search in DiVA

By author/editor
Dehlaghi-Ghadim, AlirezaLeon, MiguelMarkovic, TijanaPunnekkat, SasikumarHelali Moghadam, Mahshid
By organisation
Embedded Systems
In the same journal
Data in Brief
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 80 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf