This dataset accurately models the internal behavior of an IoT spectrum sensor (belonging to the ElectroSense platform and consisting of a Raspberry Pi 3 with a software-defined radio kit) when it is functioning normally and under attack. To accomplish it, the system calls of the IoT sensor are monitored under normal behavior, gathered, cleaned, and stored in a centralized directory. Then, the device is infected with current malware affecting IoT devices, such as the Bashlite botnet, Thetick backdoor, Bdvl rootkit, and a Ransomware proof of concept.

The dataset is generated by performing different Man-in-the-Middle (MiTM) attacks in the synthetic cyber-physical electric grid in RESLab Testbed at Texas AM University, US. The testbed consists of a real-time power system simulator (Powerworld Dynamic Studio), network emulator (CORE), Snort IDS, open DNP3 master, SEL real-time automation controller (RTAC), and Cisco Layer-3 switch. With different scenarios of MiTM attack, we implement a logic-based defense mechanism in RTAC and save the traffic data and related cyber alert data under the attack.

This dataset was created using Wireshark. The dataset contains a total of 30 encrypted communication records, 3 records (.pcap) were created for each application. The records were obtained from a mobile device that was connected to the laptop using wifi technology. The laptop was connected to the Internet and contained a running instance of Wireshark to create a record. The telephone had been restarted before each record was created. After connecting to the network, the device was left without user interaction for 5 minutes.

“ProVerif” is a powerful utility designed to examine “reachability properties,” “correspondence assertions,” and “observational equivalences.” Our protocol modelling addresses both the elemental security requirements, like “impersonation” or “replay” attack, and the most advanced ones, like “perfect forward secrecy” or “password guessing attack.”

Because we had a limited space in our published paper, the program source codes are provided here. The codes can be tested online at "http://proverif16.paris.inria.fr/".

Port scanning attack is popular method to map a remote network or identify operating systems and applications. It allows the attackers to discover and exploit the vulnerabilities in the network.

The goal of our research is to identify malicious advertisement URLs and to apply adversarial attack on ensembles. We extract lexical and web-scrapped features from using python code. And then 4 machine learning algorithms are applied for the classification process and then used the K-Means clustering for the visual understanding. We check the vulnerability of the models by the adversarial examples. We applied Zeroth Order Optimization adversarial attack on the models and compute the attack accuracy.

This dataset's data is from the Alibaba-Security-Algorithm-Challenge, and the related web site is: https://tianchi.aliyun.com/competition/entrance/231694/information

This dataset is used to illustrate an application of the klm-based profiling and preventing security attack (klm-PPSA) system. The klm-PPSA system is developed to detect, profile, and prevent (un)known security attacks before accessing the cloud services/resources. This dataset was generated based on one-user logical scenarios when attempting to access cloud services/resources. You will find attached the comma-separated values file of the dataset, which contains 460 instances and 13 attributes of the dependent and independent variables.

This dataset is used for network anomaly detection and is based on the UGR16 dataset network traffic flows. We used June week 2 to 4 tensors generated from raw flow data to train the models. The dataset includes a set of tensors generated from the whole UGR’16 network traffic (general tensor data) and several sets of port tensors (for specific port numbers). It also includes the trained models for each type of tensor. The tensors extracted from network traffic in the period from July week 5 to the end of August can be used for evaluation. The naming convention is as follows:

BGP volume data aggregated from RIPE and Route Views based on data used by researchers in other work [1].

[1] Z. Li, A. L. G. Rios, and L. Trajkovic, “Detecting Internet Worms, Ransomware, and Blackouts Using Recurrent Neural Networks,” in 2020 IEEE International Conference on Systems, Man, and Cybernetics (SMC). Toronto, ON, Canada: IEEE, Oct. 2020, pp. 2165–2172.