Dataset of Port Scanning Attacks on Emulation Testbed and Hardware-in-the-loop Testbed

There are four folders in this dataset: SNL_MathModel, SNL_minimega_emulation, TAMU_CORE_emulation, and TAMU_RESLab_physical. In each folder, it has the processed data from each environment under four port scanning scenarios.

• SNL_minimega_emulation: This folder contains four datasets generated from minimega. There are two folders inside. The 100 sample folder contains two datasets that consider the attack scenarios of sequentially scanning the ports considering 0% packet loss rate using Fast Loud scanning strategy and Slow Stealthy scanning strategy with 100 samples, respectively. The 1000 sample folder contains two datasets that consider the attack scenarios of sequentially scanning the ports considering 10% packet loss rate using Fast Loud scanning strategy and Slow Stealthy scanning strategy with 1000 samples, respectively. For each dataset, it shows the number of discovered Open, Closed, Filtered (Inconclusive) ports in the given system with a time interval of 1 second at each sample (run).

• TAMU_CORE_emulation: This folder contains four datasets generated from CORE. There are four folders inside. Each folder has the corresponding dataset as the folder name indicates. The Random_fast_10percent Drop folder contains the dataset that consider the attack scenarios of randomly scanning the ports considering 10% packet loss rate using Fast Loud scanning strategy with 1000 samples. The Random_slow_10percent_Drop folder contains the dataset that consider the attack scenarios of randomly scanning the ports considering 10% packet loss rate using Slow Stealthy scanning strategy with 1000 samples. The Sequential_fast_0percent_Drop folder contains the dataset that consider the attack scenarios of sequentially scanning the ports considering 0% packet loss rate using Fast Loud scanning strategy with 1000 samples. The Sequential_slow_0percent_Drop folder contains the dataset that consider the attack scenarios of sequentially scanning the ports considering 0% packet loss rate using Slow Stealthy scanning strategy with 1000 samples. For each dataset, it shows the number of discovered Open, Closed, Filtered (Inconclusive) ports in the given system with a time interval of 1 second at each sample (run). 

• TAMU_RESLab_physical: This folder contains four datasets generated from RESLab Testbed. There are four folders inside. Each folder has the corresponding dataset as the folder name indicates. The Random_fast_10percent_Drop folder contains the dataset that consider the attack scenarios of randomly scanning the ports considering 10% packet loss rate using Fast Loud scanning strategy with 1000 samples. The Random_slow_10percent_Drop folder contains the dataset that consider the attack scenarios of randomly scanning the ports considering 10% packet loss rate using Slow Stealthy scanning strategy with 1000 samples. The Sequential_fast_0percent_Drop folder contains the dataset that consider the attack scenarios of sequentially scanning the ports considering 0% packet loss rate using Fast Loud scanning strategy with 1000 samples. The Sequential_slow_0percent_Drop folder contains the dataset that consider the attack scenarios of sequentially scanning the ports considering 0% packet loss rate using Slow Stealthy scanning strategy with 1000 samples. For each dataset, it shows the number of discovered Open, Closed, Filtered (Inconclusive) ports in the given system with a time interval of 1 second at each sample (run). 

• SNL_MathModel: This folder contains two datasets generated from a math model that describes port scanning progress by an attacker and intrusion detection by a defender. They consider the attack scenarios of randomly scanning the ports considering 10% packet loss rate using Fast Loud scanning strategy and Slow Stealthy scanning strategy, respectively. The datasets describe the average discovered Open ports and Closed ports in the given system at a time interval of 10 seconds.