ICS-ADD -A Smart Industry Testbed Dataset for Cyber-Physical Security Monitoring Testing

The increasing integration of cyber-physical systems in industrial environments has under scored the critical need for robust security measures to counteract evolving cyber threats. In response to this need, this work introduces an open-source dataset designed to enhance the development and evaluation of cybersecurity solutions for smart industries. The dataset comprises a traffic capture of an industrial control system (ICS) subjected to a variety of simulated cyber-attacks, including but not limited to denial of service (DoS), man-in-the-middle (MITM), and malware infiltration. In addition to raw network traffic, the dataset presents the output of two widely utilized open-source security monitoring tools, OSSIM (Open Source Security Information Management) and Suricata, which offer insights into the detection and analysis capabilities of existing security frameworks against these simulated threats. By providing a detailed account of attack methodologies, network traffic characteristics, and tool responses, this dataset serves as a valuable resource for researchers and practitioners aiming to develop, test, and benchmark new cyber-physical security monitoring and detection technologies.

随着信息物理系统（Cyber-Physical Systems）在工业环境中的集成度不断提升，业界对于能够抵御不断演变的网络威胁的稳健安全方案的迫切需求愈发凸显。针对这一需求，本研究推出一款开源数据集，旨在助力智能工业领域网络安全解决方案的开发与评估。该数据集包含工业控制系统（Industrial Control System, ICS）在遭受各类模拟网络攻击后的流量捕获数据，涵盖拒绝服务（Denial of Service, DoS）、中间人（Man-in-the-Middle, MITM）攻击与恶意软件渗透等多种攻击类型（但不限于此）。除原始网络流量数据外，该数据集还提供两款广泛使用的开源安全监控工具的输出结果：OSSIM（开源安全信息管理系统，Open Source Security Information Management）与Suricata，二者可用于分析现有安全框架针对上述模拟威胁的检测与分析能力。本数据集详细记录了攻击方法、网络流量特征以及工具响应情况，可为致力于开发、测试与基准测试新型信息物理安全监控与检测技术的研究人员与从业者提供宝贵的研究资源。