Systematic review and characterisation of malicious industrial network traffic datasets
Martin Dobler, Michael Hellwig, Nuno Lopes, Ken Oakley, and Mike Winterburn

TL;DR
This paper systematically reviews publicly available datasets of industrial network traffic, categorizing attack types and analyzing metadata to aid researchers in selecting suitable datasets for AI-based cybersecurity research.
Contribution
It provides a comprehensive categorization and analysis of industrial network traffic datasets, facilitating better dataset selection for AI cybersecurity research.
Findings
Datasets vary significantly in attack types and metadata
Analysis helps identify datasets suitable for specific ML tasks
Community benefits from structured dataset overview
Abstract
The adoption of the Industrial Internet of Things (IIoT) as a complementary technology to Operational Technology (OT) has enabled a new level of standardised data access and process visibility. This convergence of Information Technology (IT), OT, and IIoT has also created new cybersecurity vulnerabilities and risks that must be managed. Artificial Intelligence (AI) is emerging as a powerful tool to monitor OT/IIoT networks for malicious activity and is a highly active area of research. AI researchers are applying advanced Machine Learning (ML) and Deep Learning (DL) techniques to the detection of anomalous or malicious activity in network traffic. They typically use datasets derived from IoT/IIoT/OT network traffic captures to measure the performance of their proposed approaches. Therefore, there is a widespread need for datasets for algorithm testing. This work systematically reviews…
Taxonomy
Topics: Network Security and Intrusion Detection
