Skip to main content
SpringerLink
Log in
Book cover

International Conference on Risks and Security of Internet and Systems

CRiSIS 2020: Risks and Security of Internet and Systems pp 273–288Cite as

New Dataset for Industry 4.0 to Address the Change in Threat Landscape

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 12528))

Abstract

Because of its connectivity and its convergence with the IT world, industry 4.0 has become one of the main target sectors of the attackers. These last few years, they improve their operating mode and hit with more sophisticated attacks. Anomaly-based Intrusions Detection Systems (IDS) use datasets to train the classification algorithms they use to detect these attacks. Their detection capacity is therefore strongly linked to the representativeness of these datasets and the attacks they address. Actually, few datasets focus on the specificities of Industry 4.0 and even less propose a realistic labeled dataset. Therefore, the main goal of this paper is to propose an industrial labeled dataset. It is characterized by several novelties consisting firstly in the fact that this data adds application features related to the industrial protocol Modbus. Then, it simulates twelve IT and OT attacks in a real environment. And finally in the labelling process, it contains 3 labels: one to characterize normal traffic, another for abnormal traffic and a specific label to distinguish the equipment reaction against an attack from the other types of data.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Alem, S., Espes, D., Martin, E., Nana, L., De Lamotte, F.: A hybrid intrusion detection system in industry 4.0 based on ISA95 standard. In: 2019 IEEE/ACS 16th International Conference on Computer Systems and Applications (AICCSA), pp. 1–8 (2019)

    Google Scholar 

  2. Almalawi, A., Fahad, A., Tari, Z., Alamri, A., AlGhamdi, R., Zomaya, A.Y.: An efficient data-driven clustering technique to detect attacks in SCADA systems. IEEE Trans. Inf. Forensics Secur. 11(5), 893–906 (2015)

    Article  Google Scholar 

  3. Aparicio-Navarro, F.J., Kyriakopoulos, K.G., Parish, D.J.: Automatic dataset labelling and feature selection for intrusion detection systems. In: 2014 IEEE Military Communications Conference, pp. 46–51. IEEE (2014)

    Google Scholar 

  4. Bhattacharya, S., Selvakumar, S.: SSENet-2014 dataset: a dataset for detection of multiconnection attacks. In: 2014 3rd International Conference on Eco-friendly Computing and Communication Systems, pp. 121–126. IEEE (2014)

    Google Scholar 

  5. Brown, C., Cowperthwaite, A., Hijazi, A., Somayaji, A.: Analysis of the 1999 DARPA/Lincoln laboratory IDS evaluation data with netadhict. In: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1–7 (2009)

    Google Scholar 

  6. Cimpean, D., Meire, J., Bouckaert, V., Vande Casteele, S., Pelle, A., Hellebooge, L.: Analysis of cyber security aspects in the maritime sector (2011)

    Google Scholar 

  7. Ferrag, M.A., Maglaras, L., Moschoyiannis, S., Janicke, H.: Deep learning for cyber security intrusion detection: approaches, datasets, and comparative study. J. Inf. Secur. Appl. 50, 102419 (2020)

    Google Scholar 

  8. Gao, J., et al.: Omni SCADA intrusion detection using deep learning algorithms. arXiv preprint arXiv:1908.01974 (2019)

  9. Garcia, S., Grill, M., Stiborek, J., Zunino, A.: An empirical comparison of botnet detection methods. Comput. Secur. 45, 100–123 (2014)

    Article  Google Scholar 

  10. Gharib, A., Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A.: An evaluation framework for intrusion detection dataset. In: 2016 International Conference on Information Science and Security (ICISS), pp. 1–6. IEEE (2016)

    Google Scholar 

  11. Gringoli, F., Salgarelli, L., Dusi, M., Cascarano, N., Risso, F., Claffy, K.: GT: picking up the truth from the ground for internet traffic. ACM SIGCOMM Comput. Commun. Rev. 39(5), 12–18 (2009)

    Article  Google Scholar 

  12. Gurung, S., Ghose, M.K., Subedi, A.: Deep learning approach on network intrusion detection system using NSL-KDD dataset. Int. J. Comput. Netw. Inf. Secur. (IJCNIS) 11(3), 8–14 (2019)

    Google Scholar 

  13. Hettich, S., Bay, S.D.: The UCI KDD archive [http://kdd.ics.uci.edu]. University of California, Irvine, CA. Department of Information and Computer Science 152 (1999)

    Google Scholar 

  14. Hijazi, A., El Safadi, A., Flaus, J.M.: A deep learning approach for intrusion detection system in industry network. In: BDCSIntell, pp. 55–62 (2018)

    Google Scholar 

  15. Teixeira, M., Zolanvari, M., Jain, R.: WUSTL-IIOT-2018 (2020). https://doi.org/10.21227/kzgp-7t84

  16. Khraisat, A., Gondal, I., Vamplew, P., Kamruzzaman, J.: Survey of intrusion detection systems: techniques, datasets and challenges. Cybersecurity 2(1), 20 (2019)

    Article  Google Scholar 

  17. Lashkari, A.H., Draper-Gil, G., Mamun, M.S.I., Ghorbani, A.A.: Characterization of tor traffic using time based features. In: ICISSP, pp. 253–262 (2017)

    Google Scholar 

  18. Lemay, A., Fernandez, J.M.: Providing \(\{\)SCADA\(\}\) network data sets for intrusion detection research. In: 9th Workshop on Cyber Security Experimentation and Test (\(\{\)CSET\(\}\) 2016) (2016)

    Google Scholar 

  19. Linda, O., Vollmer, T., Manic, M.: Neural network based intrusion detection system for critical infrastructures. In: 2009 International Joint Conference on Neural Networks, pp. 1827–1834. IEEE (2009)

    Google Scholar 

  20. Maciá-Fernández, G., Camacho, J., Magán-Carrión, R., García-Teodoro, P., Therón, R.: UGR’16: a new dataset for the evaluation of cyclostationarity-based network IDSs. Comput. Secur. 73, 411–424 (2018)

    Article  Google Scholar 

  21. McHugh, J.: Testing intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln laboratory. ACM Trans. Inf. Syst. Secur. (TISSEC) 3(4), 262–294 (2000)

    Article  Google Scholar 

  22. Mellia, M., Carpani, A., Lo Cigno, R.: TStat: TCP STatistic and analysis tool. In: Marsan, M.A., Corazza, G., Listanti, M., Roveri, A. (eds.) QoS-IP 2003. LNCS, vol. 2601, pp. 145–157. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36480-3_11

    Chapter  Google Scholar 

  23. Morris, T., Gao, W.: Industrial control system traffic data sets for intrusion detection research. In: Butts, J., Shenoi, S. (eds.) ICCIP 2014. IAICT, vol. 441, pp. 65–78. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45355-1_5

    Chapter  Google Scholar 

  24. Ostermann, S.: Tcptrace (2005)

    Google Scholar 

  25. Pereira, L., Nunes, N.J.: Semi-automatic labeling for public non-intrusive load monitoring datasets. In: 2015 Sustainable Internet and ICT for Sustainability (SustainIT), pp. 1–4. IEEE (2015)

    Google Scholar 

  26. Prusty, S., Levine, B.N., Liberatore, M.: Forensic investigation of the oneswarm anonymous filesharing system. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 201–214 (2011)

    Google Scholar 

  27. Ring, M., Wunderlich, S., Grüdl, D., Landes, D., Hotho, A.: Flow-based benchmark data sets for intrusion detection. In: Proceedings of the 16th European Conference on Cyber Warfare and Security (ECCWS), pp. 361–369. ACPI (2017)

    Google Scholar 

  28. Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: ICISSP, pp. 108–116 (2018)

    Google Scholar 

  29. Sharafaldin, I., Gharib, A., Lashkari, A.H., Ghorbani, A.A.: Towards a reliable intrusion detection benchmark dataset. Softw. Netw. 2018(1), 177–200 (2018)

    Google Scholar 

  30. Sharma, R., Singla, R.K., Guleria, A.: A new labeled flow-based DNS dataset for anomaly detection: PUF dataset. Procedia Comput. Sci. 132, 1458–1466 (2018)

    Article  Google Scholar 

  31. Shiravi, A., Shiravi, H., Tavallaee, M., Ghorbani, A.A.: Toward developing a systematic approach to generate benchmark datasets for intrusion detection. Comput. Secur. 31(3), 357–374 (2012)

    Article  Google Scholar 

  32. Frazão, I., Abreu, P., Cruz, T., Araújo, H., Simões, P.: Cyber-security modbus ICS dataset (2019). https://doi.org/10.21227/pjff-1a03. http://dx.doi.org/10.21227/pjff-1a03

  33. Song, J., Takakura, H., Okabe, Y., Eto, M., Inoue, D., Nakao, K.: Statistical analysis of honeypot data and building of Kyoto 2006+ dataset for NIDS evaluation. In: Proceedings of the First Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, pp. 29–36 (2011)

    Google Scholar 

  34. Swearingen, R.: Internet security threat report. Technical report, Symantec Security Center (2018)

    Google Scholar 

  35. Swearingen, R.: Internet security threat report. Technical report, Symantec Security Center (2017)

    Google Scholar 

  36. Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the KDD CUP 99 data set. In: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1–6. IEEE (2009)

    Google Scholar 

  37. Wheelus, C., Khoshgoftaar, T.M., Zuech, R., Najafabadi, M.M.: A session based approach for aggregating network traffic data-the SANTA dataset. In: 2014 IEEE International Conference on Bioinformatics and Bioengineering, pp. 369–378. IEEE (2014)

    Google Scholar 

  38. Williams, M.: The benefits and challenges of IT/OT convergence: rewriting the rules (2016). https://www.automation.com/en-us/articles/2016-2/the-benefits-and-challenges-of-itot-convergence-re

  39. Zuech, R., Khoshgoftaar, T.M., Seliya, N., Najafabadi, M.M., Kemp, C.: A new intrusion detection benchmarking system. In: The Twenty-Eighth International Flairs Conference (2015)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University Bretagne Sud, Lab-STICC (Laboratoire des Sciences et Techniques de l’Information de la Communicationet de la Connaissance), Lorient, France

    Salwa Alem, Eric Martin & Florent de Lamotte

  2. University of Western Brittany, University of Brest, Lab-STICC CNRS, UMR 6285, 29200, Brest, France

    Salwa Alem, David Espes & Laurent Nana

Authors
  1. Salwa Alem
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. David Espes
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Eric Martin
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Laurent Nana
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Florent de Lamotte
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Salwa Alem , David Espes , Eric Martin , Laurent Nana or Florent de Lamotte .

Editor information

Editors and Affiliations

  1. Telecom SudParis, Palaiseau, France

    Joaquin Garcia-Alfaro

  2. Telecom Paris, Palaiseau, France

    Jean Leneutre

  3. Polytechnique Montréal, Montréal, QC, Canada

    Nora Cuppens

  4. IRT SystemX, Palaiseau, France

    Reda Yaich

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Alem, S., Espes, D., Martin, E., Nana, L., de Lamotte, F. (2021). New Dataset for Industry 4.0 to Address the Change in Threat Landscape. In: Garcia-Alfaro, J., Leneutre, J., Cuppens, N., Yaich, R. (eds) Risks and Security of Internet and Systems. CRiSIS 2020. Lecture Notes in Computer Science(), vol 12528. Springer, Cham. https://doi.org/10.1007/978-3-030-68887-5_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-68887-5_16

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-68886-8

  • Online ISBN: 978-3-030-68887-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation