ICS Dataset for Smart Grid Anomaly Detection

Citation Author(s):
Petr
Matoušek
Brno University of Technology, Czech Republic
Ondřej
Ryšavý
Brno University of Technology, Czech Republic
Peter
Grofčík
Brno University of Technology, Czech Republic
Submitted by:
Petr Matousek
Last updated:
Wed, 03/16/2022 - 11:08
DOI:
10.21227/1trw-n685
Data Format:
License:
0
0 ratings - Please login to submit your rating.

Abstract 

The dataset comprises of several files that contain smart grid communication, namely protocols IEC 60870-104 (IEC 104) and IEC 61850 (MMS) in form of CSV traces. The traces were generated from PCAP files using IPFIX flow probe or an extraction script. CSV traces include the timestamp, IP addresses and ports of communicating devices, and selected IEC 104 and MMS headers that are interesting for security monitoring and anomaly detection. Datasets were by obtained partly by monitoring communication of real ICS devices and partly by monitoring communication of virtual ICS applications. Datasets contain both normal traffic within a few days and traffic with attack like scanning, switching, command blocking, etc.

Instructions: 

The dataset is provided in the form of CSV traces obtained from MMS or IEC 104 packets. It contains both normal traffic and communication with anomalies (cyber attacks, link failure, etc.). Dataset is available as a ZIP file with folders containing captured communication.

Funding Agency: 
Ministry of Interior, Czech Republic

Comments

I want to access this dataset.
Please show me how to do that.

Submitted by Prithwish Maiti on Tue, 04/26/2022 - 03:59