论文信息 - Process Control Cyber-Attacks and Labelled Datasets on S7Comm Critical Infrastructure

Process Control Cyber-Attacks and Labelled Datasets on S7Comm Critical Infrastructure

Cyber-security of their critical infrastructure is the current grand challenge facing nation-states. Development and research of cyber-security solutions for operational technology environments of critical infrastructure is being inhibited by the lack of publically available datasets. This paper provides a collection of labelled datasets containing attacks on the widely used STEP 7 (S7) protocol. To achieve this goal, we designed and executed a series of process-control attacks, using our physical critical infrastructure test-bed. The created labelled datasets, and the associated process logs, will directly aid in the development and assessment of intrusion detection systems (IDSs). We validate our dataset using Snort, configured with openly available S7 rule-sets.

[1] Aiko Pras,et al. A first look into SCADA network traffic , 2012, 2012 IEEE Network Operations and Management Symposium.

[2] Wei Gao,et al. On SCADA control system command and response injection and intrusion detection , 2010, 2010 eCrime Researchers Summit.

[3] Ronald M. van der Knijff,et al. Control systems/SCADA forensics, what's the difference? , 2014, Digit. Investig..

[4] Wei Gao,et al. Industrial Control System Traffic Data Sets for Intrusion Detection Research , 2014, Critical Infrastructure Protection.

[5] Christian Haas,et al. Anomaly Detection in Industrial Networks using Machine Learning: A Roadmap , 2016, ML4CPS.

[6] Aiko Pras,et al. Difficulties in Modeling SCADA Traffic: A Comparative Analysis , 2012, PAM.

[7] Ernest Foo,et al. Framework for SCADA cyber-attack dataset creation , 2017, ACSW.