Open this publication in new window or tab >>Show others...
2023 (English)In: Data in Brief, E-ISSN 2352-3409, Vol. 50, article id 109512Article in journal (Refereed) Published
Abstract [en]
There is a growing body of knowledge on network intrusion detection, and several open data sets with network traffic and cyber-security threats have been released in the past decades. However, many data sets have aged, were not collected in a contemporary industrial communication system, or do not easily support research focusing on distributed anomaly detection. This paper presents the Westermo network traffic data set, 1.8 million network packets recorded in over 90 minutes in a network built up of twelve hardware devices. In addition to the raw data in PCAP format, the data set also contains pre-processed data in the form of network flows in CSV files. This data set can support the research community for topics such as intrusion detection, anomaly detection, misconfiguration detection, distributed or federated artificial intelligence, and attack classification. In particular, we aim to use the data set to continue work on resource-constrained distributed artificial intelligence in edge devices. The data set contains six types of events: harmless SSH, bad SSH, misconfigured IP address, duplicated IP address, port scan, and man in the middle attack.
Place, publisher, year, edition, pages
Elsevier Inc., 2023
Keywords
Cyber-physical systems, Distributed artificial intelligence, Industrial communication system, Network intrusion detection
National Category
Computer Sciences
Identifiers
urn:nbn:se:mdh:diva-64333 (URN)10.1016/j.dib.2023.109512 (DOI)001072102800001 ()2-s2.0-85170076058 (Scopus ID)
2023-09-202023-09-202023-11-06Bibliographically approved