Cyber4OT数据集：用于工业控制系统中网络安全漏洞评估的网络痕迹

IF 2.4 4区计算机科学 Q2 COMPUTER SCIENCE, SOFTWARE ENGINEERING

SoftwareX Pub Date : 2025-05-30 DOI:10.1016/j.softx.2025.102196

Krzysztof Cabaj , Sebastian Plamowski , Patryk Chaber , Maciej Ławryńczuk , Piotr Marusak , Robert Nebeluk , Andrzej Wojtulewicz , Krzysztof Zarzycki

{"title":"Cyber4OT数据集：用于工业控制系统中网络安全漏洞评估的网络痕迹","authors":"Krzysztof Cabaj , Sebastian Plamowski , Patryk Chaber , Maciej Ławryńczuk , Piotr Marusak , Robert Nebeluk , Andrzej Wojtulewicz , Krzysztof Zarzycki","doi":"10.1016/j.softx.2025.102196","DOIUrl":null,"url":null,"abstract":"<div><div>The article introduces the Cyber4OT dataset containing network traces concerning normal and simulated attacker-hostile activity in an Industrial Control System (ICS) environment. As many as 96 traces contain over 4.25 million packets and have over 385 MB capacity. The simulated attacks have been performed on a dedicated laboratory testbed. The testbed mimics industrial plants’ Information Technology (IT) and Operational Technology (OT) infrastructure. The testbed deliberately uses continuous and binary control processes of fast and slow dynamics. Industrial Programmable Logic Controllers (PLCs) are used to control the processes. A dedicated industrial network provides the communication between the ICS equipment, Supervisory Control and Data Acquisition (SCADA) system and Human Machine Interface (HMI) panels. The communication is configured to test multiple communication protocols, including the standard industrial Modbus protocol. The entire industrial infrastructure is connected to an external office network. Since the infrastructure and its components are typical of industrial solutions, the described dataset collected using such a realistic testbed could be beneficial for a broad scope of researchers to evaluate the vulnerability of ICSs to cyber attacks using classical and artificial intelligence methods.</div></div>","PeriodicalId":21905,"journal":{"name":"SoftwareX","volume":"31 ","pages":"Article 102196"},"PeriodicalIF":2.4000,"publicationDate":"2025-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Cyber4OT dataset: Network traces for cyber-security vulnerability evaluation in industrial control systems\",\"authors\":\"Krzysztof Cabaj , Sebastian Plamowski , Patryk Chaber , Maciej Ławryńczuk , Piotr Marusak , Robert Nebeluk , Andrzej Wojtulewicz , Krzysztof Zarzycki\",\"doi\":\"10.1016/j.softx.2025.102196\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>The article introduces the Cyber4OT dataset containing network traces concerning normal and simulated attacker-hostile activity in an Industrial Control System (ICS) environment. As many as 96 traces contain over 4.25 million packets and have over 385 MB capacity. The simulated attacks have been performed on a dedicated laboratory testbed. The testbed mimics industrial plants’ Information Technology (IT) and Operational Technology (OT) infrastructure. The testbed deliberately uses continuous and binary control processes of fast and slow dynamics. Industrial Programmable Logic Controllers (PLCs) are used to control the processes. A dedicated industrial network provides the communication between the ICS equipment, Supervisory Control and Data Acquisition (SCADA) system and Human Machine Interface (HMI) panels. The communication is configured to test multiple communication protocols, including the standard industrial Modbus protocol. The entire industrial infrastructure is connected to an external office network. Since the infrastructure and its components are typical of industrial solutions, the described dataset collected using such a realistic testbed could be beneficial for a broad scope of researchers to evaluate the vulnerability of ICSs to cyber attacks using classical and artificial intelligence methods.</div></div>\",\"PeriodicalId\":21905,\"journal\":{\"name\":\"SoftwareX\",\"volume\":\"31 \",\"pages\":\"Article 102196\"},\"PeriodicalIF\":2.4000,\"publicationDate\":\"2025-05-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"SoftwareX\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2352711025001633\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, SOFTWARE ENGINEERING\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"SoftwareX","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2352711025001633","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}

引用次数: 0

摘要

本文介绍了包含工业控制系统（ICS）环境中正常和模拟攻击者敌对活动的网络跟踪的Cyber4OT数据集。多达96条trace包含超过425万个数据包，容量超过385 MB。模拟攻击已在专门的实验室测试台上进行。该试验台模拟了工业工厂的信息技术（IT）和操作技术（OT）基础设施。试验台故意采用连续和二元控制过程的快慢动态。工业可编程逻辑控制器（plc）用于控制过程。专用工业网络提供ICS设备，监控和数据采集（SCADA）系统和人机界面（HMI）面板之间的通信。该通信配置为测试多种通信协议，包括标准工业Modbus协议。整个工业基础设施连接到外部办公网络。由于基础设施及其组件是典型的工业解决方案，因此使用这种现实测试平台收集的所描述的数据集可能有利于广泛的研究人员使用经典和人工智能方法评估ics对网络攻击的脆弱性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Cyber4OT dataset: Network traces for cyber-security vulnerability evaluation in industrial control systems

The article introduces the Cyber4OT dataset containing network traces concerning normal and simulated attacker-hostile activity in an Industrial Control System (ICS) environment. As many as 96 traces contain over 4.25 million packets and have over 385 MB capacity. The simulated attacks have been performed on a dedicated laboratory testbed. The testbed mimics industrial plants’ Information Technology (IT) and Operational Technology (OT) infrastructure. The testbed deliberately uses continuous and binary control processes of fast and slow dynamics. Industrial Programmable Logic Controllers (PLCs) are used to control the processes. A dedicated industrial network provides the communication between the ICS equipment, Supervisory Control and Data Acquisition (SCADA) system and Human Machine Interface (HMI) panels. The communication is configured to test multiple communication protocols, including the standard industrial Modbus protocol. The entire industrial infrastructure is connected to an external office network. Since the infrastructure and its components are typical of industrial solutions, the described dataset collected using such a realistic testbed could be beneficial for a broad scope of researchers to evaluate the vulnerability of ICSs to cyber attacks using classical and artificial intelligence methods.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

SoftwareX COMPUTER SCIENCE, SOFTWARE ENGINEERING-

CiteScore

5.50

自引率

2.90%

发文量

184

审稿时长

9 weeks

期刊介绍： SoftwareX aims to acknowledge the impact of software on today''s research practice, and on new scientific discoveries in almost all research domains. SoftwareX also aims to stress the importance of the software developers who are, in part, responsible for this impact. To this end, SoftwareX aims to support publication of research software in such a way that: The software is given a stamp of scientific relevance, and provided with a peer-reviewed recognition of scientific impact; The software developers are given the credits they deserve; The software is citable, allowing traditional metrics of scientific excellence to apply; The academic career paths of software developers are supported rather than hindered; The software is publicly available for inspection, validation, and re-use. Above all, SoftwareX aims to inform researchers about software applications, tools and libraries with a (proven) potential to impact the process of scientific discovery in various domains. The journal is multidisciplinary and accepts submissions from within and across subject domains such as those represented within the broad thematic areas below: Mathematical and Physical Sciences; Environmental Sciences; Medical and Biological Sciences; Humanities, Arts and Social Sciences. Originating from these broad thematic areas, the journal also welcomes submissions of software that works in cross cutting thematic areas, such as citizen science, cybersecurity, digital economy, energy, global resource stewardship, health and wellbeing, etcetera. SoftwareX specifically aims to accept submissions representing domain-independent software that may impact more than one research domain.