A dataset to train intrusion detection systems based on machine learning models for electrical substations.

IF 1 Q3 MULTIDISCIPLINARY SCIENCES

Data in Brief Pub Date : 2024-11-20 eCollection Date: 2024-12-01 DOI:10.1016/j.dib.2024.111153

Esteban Damián Gutiérrez Mlot, Jose Saldana, Ricardo J Rodríguez, Igor Kotsiuba, Carlos Gañán

{"title":"A dataset to train intrusion detection systems based on machine learning models for electrical substations.","authors":"Esteban Damián Gutiérrez Mlot, Jose Saldana, Ricardo J Rodríguez, Igor Kotsiuba, Carlos Gañán","doi":"10.1016/j.dib.2024.111153","DOIUrl":null,"url":null,"abstract":"<p><p>The growing integration of Information and Communication Technology into Operational Technology environments in electrical substations exposes them to new cybersecurity threats. This paper presents a comprehensive dataset of substation traffic, aimed at improving the training and benchmarking of Intrusion Detection Systems (IDS) installed in these facilities that are based on machine learning techniques. The dataset includes raw network captures and flows from real substations, filtered and anonymized to ensure privacy. It covers the main protocols and standards used in substation environments: IEC61850, IEC104, NTP, and PTP. Additionally, the dataset includes traces obtained during several cyberattacks, which were simulated in a controlled laboratory environment, providing a rich resource for developing and testing machine learning models for cybersecurity applications in substations. A set of complementary tools for dataset creation and preprocessing are also included to standardize the methodology, ensuring consistency and reproducibility. In summary, the dataset addresses the critical need for high-quality, targeted data for tuning IDS at electrical substations and contributes to the advancement of secure and reliable power distribution networks.</p>","PeriodicalId":10973,"journal":{"name":"Data in Brief","volume":"57 ","pages":"111153"},"PeriodicalIF":1.0000,"publicationDate":"2024-11-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC11647109/pdf/","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Data in Brief","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1016/j.dib.2024.111153","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2024/12/1 0:00:00","PubModel":"eCollection","JCR":"Q3","JCRName":"MULTIDISCIPLINARY SCIENCES","Score":null,"Total":0}

引用次数: 0

Abstract

The growing integration of Information and Communication Technology into Operational Technology environments in electrical substations exposes them to new cybersecurity threats. This paper presents a comprehensive dataset of substation traffic, aimed at improving the training and benchmarking of Intrusion Detection Systems (IDS) installed in these facilities that are based on machine learning techniques. The dataset includes raw network captures and flows from real substations, filtered and anonymized to ensure privacy. It covers the main protocols and standards used in substation environments: IEC61850, IEC104, NTP, and PTP. Additionally, the dataset includes traces obtained during several cyberattacks, which were simulated in a controlled laboratory environment, providing a rich resource for developing and testing machine learning models for cybersecurity applications in substations. A set of complementary tools for dataset creation and preprocessing are also included to standardize the methodology, ensuring consistency and reproducibility. In summary, the dataset addresses the critical need for high-quality, targeted data for tuning IDS at electrical substations and contributes to the advancement of secure and reliable power distribution networks.

查看原文本刊更多论文

基于变电站机器学习模型的入侵检测系统训练数据集。

信息和通信技术日益融入变电站的操作技术环境，使变电站面临新的网络安全威胁。本文介绍了变电站流量的综合数据集，旨在改进安装在这些设施中基于机器学习技术的入侵检测系统（IDS）的培训和基准测试。数据集包括来自真实变电站的原始网络捕获和流量，经过过滤和匿名处理以确保隐私。它涵盖了变电站环境中使用的主要协议和标准：IEC61850， IEC104， NTP和PTP。此外，该数据集还包括在受控实验室环境中模拟的几次网络攻击期间获得的痕迹，为开发和测试变电站网络安全应用的机器学习模型提供了丰富的资源。还包括一组用于数据集创建和预处理的补充工具，以标准化方法，确保一致性和可重复性。总而言之，该数据集满足了对高质量、有针对性的数据的关键需求，用于调整变电站的IDS，并有助于推进安全可靠的配电网络。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Data in Brief MULTIDISCIPLINARY SCIENCES-

CiteScore

3.10

自引率

0.00%

发文量

996

审稿时长

70 days

期刊介绍： Data in Brief provides a way for researchers to easily share and reuse each other''s datasets by publishing data articles that: -Thoroughly describe your data, facilitating reproducibility. -Make your data, which is often buried in supplementary material, easier to find. -Increase traffic towards associated research articles and data, leading to more citations. -Open up doors for new collaborations. Because you never know what data will be useful to someone else, Data in Brief welcomes submissions that describe data from all research areas.