Dataset & Models
Intrusion detection for Cyber Physical Systems (CPS) suffer from accurate evaluation and benchmarking comparisons. This is mainly due to the lack of datasets in this research area. Majority of the intrusion detection datasets currently available focus on network traffic which is inadequate for CPS intrusion detection. Thus, researchers resort to simulating CPS data that are often suboptimal. As cyber-attacks can cause the behaviour of the CPS to change drastically, it is necessary to generate a dataset that reflects the complexity of system through the evolution of the intrusions.
Secure Water Treatment (SWaT) Dataset
The SWaT Dataset was systematically generated from the Secure Water Treatment Testbed to address this need. The data collected from the testbed consists of 11 days of continuous operation. 7 days’ worth of data was collected under normal operation while 4 days’ worth of data was collected with attack scenarios. During the data collection, all network traffic, sensor and actuator data were collected.
The goal for this dataset is to assist various researchers in designing solutions, testing, evaluation, and comparison purposes for CPSs research.
Characteristics of dataset
- Network Traffic and Cyber Physical Properties: The dataset contains all the network traffic captured during this time. The dataset also consists of all the values obtained from all the 51 sensors and actuators available in SWaT.
- Labelled: All the data acquired during this process are labelled according to normal and abnormal behaviours
- Attack Scenarios: The attacks generated for this dataset were derived through the attack models developed by our research team. The attack model considers the intent space of a CPS as an attack model. 36 attacks were launched during the 4 days and are described in the PDF.
To request the following datasets, please contact firstname.lastname@example.org for login details, and provide your name and organisation details*.
- SWaT Normal Data (7 Days)
- SWaT with Attack Data (4 days)
- SWaT Network Traffic (11 days)
- Attack Descriptions
Technical information of SWaT can be found here.
Complete Set of Invariants based on Design Centric and Data Centric Approaches
1. Set of Rules with antecedent 1
2. Set of Rules with antecedent 2
3. Set of Rules with antecedent 3
4. Set of Rules with antecedent 4
5. Set of Rules with antecedent 5
6. Set of Rules with antecedent 6
7. Set of Rules with antecedent 7
Goh J., Adepu S., Junejo K. N., and Mathur A., “A Dataset to Support Research in the Design of Secure Water Treatment Systems,” The 11th International Conference on Critical Information Infrastructures Security.
* By requesting for and receiving the dataset, you agree to have your name, the name of your organisation and date of request published below, and to give credit to “iTrust, Centre for Research in Cyber Security, Singapore University of Technology and Design” when the dataset is used for your (published) work.