Dataset of Port Scanning Attacks on Emulation Testbed and Hardware-in-the-loop Testbed

Port scanning attack is popular method to map a remote network or identify operating systems and applications. It allows the attackers to discover and exploit the vulnerabilities in the network. The dataset is generated by performing four scenarios of port scanning attacks on a 8-substation supervisory control and data acquisition (SCADA) system at three different environments, including the minimega at Sandia National Lab (SNL), the Common Open Research Emulator (CORE) at Texas A&M University, and the hardware-in-the-loop RESLab Testbed at Texas A&M University. The purpose of these experiments are to reproduce the attack scenarios in different environments and validate the emulated communication system with hardware-based system, especially the industrial programmable controllers (PLCs). The generated dataset can be beneficial for the community to study the behavior of port scanning attacks and the validate the methodologies for detecting and preventing port scanning attacks.