Search: onr:"swepub:oai:DiVA.org:mdh-65227" >
Anomaly Detection D...
Anomaly Detection Dataset for Industrial Control Systems
-
- Dehlaghi Ghadim, Alireza (author)
- RISE,Mälardalens universitet,Inbyggda system,RISE Res Inst, S-50115 Pitea, Sweden.,Industriella system,Mälardalens University, Sweden
-
- Helali Moghadam, Mahshid (author)
- Mälardalens universitet,Inbyggda system,Malardalen Univ, Sch Innovat Design & Engn, S-72123 Vasteras, Sweden.,Mälardalens University, Sweden
-
- Balador, Ali (author)
- Mälardalens universitet,Inbyggda system,Mälardalens University, Sweden
-
show more...
-
- Hansson, Hans (author)
- RISE,Mälardalens universitet,Inbyggda system,RISE Res Inst, S-50115 Pitea, Sweden.,Industriella system,Mälardalens University, Sweden
-
show less...
-
(creator_code:org_t)
- IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 2023
- 2023
- English.
-
In: IEEE Access. - : IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC. - 2169-3536. ; 11, s. 107982-107996
- Related links:
-
https://doi.org/10.1...
-
show more...
-
https://urn.kb.se/re...
-
https://doi.org/10.1...
-
https://urn.kb.se/re...
-
show less...
Abstract
Subject headings
Close
- Over the past few decades, Industrial Control Systems (ICS) have been targeted by cyberattacks and are becoming increasingly vulnerable as more ICSs are connected to the internet. Using Machine Learning (ML) for Intrusion Detection Systems (IDS) is a promising approach for ICS cyber protection, but the lack of suitable datasets for evaluating ML algorithms is a challenge. Although a few commonly used datasets may not reflect realistic ICS network data, lack necessary features for effective anomaly detection, or be outdated. This paper introduces the 'ICS-Flow' dataset, which offers network data and process state variables logs for supervised and unsupervised ML-based IDS assessment. The network data includes normal and anomalous network packets and flows captured from simulated ICS components and emulated networks, where the anomalies were applied to the system through various cyberattacks. We also proposed an open-source tool, "ICSFlowGenerator," for generating network flow parameters from Raw network packets. The final dataset comprises over 25,000,000 raw network packets, network flow records, and process variable logs. The paper describes the methodology used to collect and label the dataset and provides a detailed data analysis. Finally, we implement several ML models, including the decision tree, random forest, and artificial neural network to detect anomalies and attacks, demonstrating that our dataset can be used effectively for training intrusion detection ML models.
Subject headings
- NATURVETENSKAP -- Data- och informationsvetenskap -- Datavetenskap (hsv//swe)
- NATURAL SCIENCES -- Computer and Information Sciences -- Computer Sciences (hsv//eng)
Keyword
- Anomaly detection dataset
- industrial control system
- intrusion detection
- cyberattack
- network flow
- artificial intelligence
Publication and Content Type
- ref (subject category)
- art (subject category)
Find in a library
To the university's database