协议不可解析通信数据集

该数据集是针对工业领域典型行业的安全应用需求，并分别在典型工控系统网络安全测试平台不同的作用位置给出了七种工控网络攻击方式：1.重放大流量攻击；2.IP地址更改；3.数据包丢失；4.数据包伪造；5.端口更改；6.数据包乱序；7.中间人攻击。平台由监督控制层、现场控制层、现场设备层三层组成。监督控制层包含全员操作站、OPC服务器、主工程师站以及时钟同步服务器，现场控制层分别采用国内中控Ecs700、国外Honeywell两套控制器。现场设备层将串级水箱作为控制对象。借助Wireshark工具采集了网络通信数据，为项目的算法研究提供大数据分析的驱动力。

This dataset is developed to address the cybersecurity application requirements of typical industrial sectors. Seven types of industrial control network attacks are conducted at distinct deployment locations on a standard Industrial Control System (ICS) cybersecurity test platform: 1. High-throughput replay attack; 2. IP address modification; 3. Packet loss; 4. Packet forgery; 5. Port modification; 6. Packet out-of-order; 7. Man-in-the-middle (MITM) attack. The test platform is structured in three tiers: the supervisory control layer, the field control layer, and the field device layer. The supervisory control layer includes the operator station, OPC server, main engineer station, and clock synchronization server. The field control layer adopts two sets of controllers: the domestic Supcon Ecs700 and the overseas Honeywell controller. The field device layer takes a cascaded water tank as the control object. Network communication data is collected using Wireshark, which provides robust support for big data analysis in the algorithm research of this project.