Intrusion Detection System

In the contemporary cybersecurity landscape, robust attack detection mechanisms are important for organizations. However, the current state of research in Software-Defined Networking (SDN) suffers from a notable lack of recent SDN-OpenFlow-based datasets. Here we introduce a novel dataset for intrusion detection in Software-Defined Networking named SDNFlow. The dataset, derived from OpenFlow statistics gathered from real traffic, integrates a comprehensive range of network activities.

This dataset consists of “.csv” files of 4 different routing attacks (Blackhole Attack, Flooding Attack, DODAG Version Number Attack, and Decreased Rank Attack) targeting the RPL protocol, and these files are taken from Cooja (Contiki network simulator). It allows researchers to develop IDS for RPL-based IoT networks using Artificial Intelligence and Machine Learning methods without simulating attacks. Simulating these attacks by mimicking real-world attack scenarios is essential to developing and testing protection mechanisms against such attacks.

The Advanced Metering Infrastructure is established in Electrical Drives Laboratory, School of Electrical and Electronics Engineering, SASTRA Deemed to be University, Thanjavur, Tamil Nadu,India. Further, the ARP spoofing attack emulation is deliberated between Smart Meter and Data Concentrator through the Ettercap tool in two different test beds by incorporating Modbus TCP/IP and MQTT.Then, the benign and malicious traffic patterns of two protocols are captured using Wireshark to form the dataset.

Anomaly detection is a well-known topic in cybersecurity. Its application to the Internet of Things can lead to suitable protection techniques against problems such as denial of service attacks.