ICS Dataset for Smart Grid Anomaly Detection

Citation Author(s):: Petr Matoušek (Brno University of Technology, Czech Republic)

Ondřej Ryšavý (Brno University of Technology, Czech Republic)

Peter Grofčík (Brno University of Technology, Czech Republic)
Submitted by:: Petr Matousek
Last updated:: Wed, 03/16/2022 - 15:08
DOI:: 10.21227/1trw-n685
Data Format:: *.csv; *.pcap; *.txt; *.zip

8423 views

Categories:

Keywords:

smart grid; IEC 104; MMS; anomaly detection; industrial network

ACCESS DATASET CITE

Abstract

The dataset comprises of several files that contain smart grid communication, namely protocols IEC 60870-104 (IEC 104) and IEC 61850 (MMS) in form of CSV traces. The traces were generated from PCAP files using IPFIX flow probe or an extraction script. CSV traces include the timestamp, IP addresses and ports of communicating devices, and selected IEC 104 and MMS headers that are interesting for security monitoring and anomaly detection. Datasets were by obtained partly by monitoring communication of real ICS devices and partly by monitoring communication of virtual ICS applications. Datasets contain both normal traffic within a few days and traffic with attack like scanning, switching, command blocking, etc.

Instructions:

The dataset is provided in the form of CSV traces obtained from MMS or IEC 104 packets. It contains both normal traffic and communication with anomalies (cyber attacks, link failure, etc.). Dataset is available as a ZIP file with folders containing captured communication.

Funding Agency

Ministry of Interior, Czech Republic

I want to access this dataset. Please show me how to do that.

Prithwish Maiti Tue, 04/26/2022 - 07:59 Permalink

I want to do some research in ics Abnormal traffic detection，I need this dataset.

QIU SHAOYONG Tue, 06/27/2023 - 05:47 Permalink

I download the dataset, but I was surprised that connection-loss, dos-attacks, injection-attack and normal-traffic are exactly the same file. The same issue with folder gis-mms.

najet hamdi Tue, 01/17/2023 - 19:23 Permalink

hi najet brother can you provide me this dataset

Hasan Khan Thu, 02/08/2024 - 12:47 Permalink

excuse me, have you got this data set?

an an Thu, 03/28/2024 - 10:54 Permalink

I came across your work which matches with my area of interest. I along with my scholars are working on building models for network intrusion detection using ML techniques. May I request you to provide access to the ICS dataset which will be solely used for academic purposes to build ML based models for anomaly based IDS.

Prof. M R Patra

mrpatra@nist.edu

Manas Patra Sat, 07/27/2024 - 09:09 Permalink

Can you provide me the dataset ,Please! !!

Subhashini Thilakar Thu, 09/05/2024 - 04:44 Permalink

I want this data because I am doing some research

Rahaf Althomali Thu, 09/05/2024 - 11:57 Permalink

Hi. I would like to access this dataset for my research project.

Niranjana Unnithan Wed, 10/02/2024 - 14:06 Permalink

Hi. I would like to access this dataset for my research project.

li jiejing Sat, 10/19/2024 - 07:53 Permalink

Hi. I would like to access this dataset for my research project.

Zeyad Al-Odat Tue, 11/05/2024 - 17:45 Permalink

Hi, I would like to have access this dataset, for my research on my master thesis project.

Francisco Alves Wed, 02/26/2025 - 10:19 Permalink

Hi, could you please provie me the dataset, for my research on the development of my master thesis.
Could you please send it to me? "pg53820@uminho.pt".

Francisco Alves Wed, 02/26/2025 - 10:41 Permalink

I want this data because I am doing some research,thank you very much!!

weiyi sun Mon, 03/03/2025 - 02:30 Permalink

This dataset has been released under the creative common license. How come I need to have an active IEEE subscription to download it?

Stefano Iannucci Wed, 03/26/2025 - 09:14 Permalink