Secure Water Treatment (SWaT) Dataset
Intrusion detection for Cyber Physical Systems (CPS) suffer from accurate evaluation and benchmarking comparisons. This is mainly due to the lack of datasets in this research area. Majority of the intrusion detection datasets currently available focus on network traffic which is inadequate for CPS intrusion detection. Thus, researchers resort to simulating CPS data that are often suboptimal. As cyber-attacks can cause the behaviour of the CPS to change drastically, it is necessary to generate a dataset that reflects the complexity of system through the evolution of the intrusions.
The SWaT Dataset was systematically generated from the Secure Water Treatment Testbed to address this need. The data collected from the testbed consists of 11 days of continuous operation. 7 days’ worth of data was collected under normal operation while 4 days’ worth of data was collected with attack scenarios. During the data collection, all network traffic, sensor and actuator data were collected.
The goal for this dataset is to assist various researchers in designing solutions, testing, evaluation, and comparison purposes for CPSs research.
Characteristics of dataset
- Network Traffic and Cyber Physical Properties: The dataset contains all the network traffic captured during this time. The dataset also consists of all the values obtained from all the 51 sensors and actuators available in SWaT.
- Labelled: All the data acquired during this process are labelled according to normal and abnormal behaviours
- Attack Scenarios: The attacks generated for this dataset were derived through the attack models developed by our research team. The attack model considers the intent space of a CPS as an attack model. 36 attacks were launched during the 4 days and are described in the PDF.
To request the following datasets, please contact firstname.lastname@example.org for login details, and provide your name and organisation details*.
- SWaT Normal Data (7 Days)
- SWaT with Attack Data (4 days)
- SWaT Network Traffic (11 days)
- Attack Descriptions
Technical information of SWaT can be found here.
Goh J., Adepu S., Junejo K. N., and Mathur A., “A Dataset to Support Research in the Design of Secure Water Treatment Systems,” The 11th International Conference on Critical Information Infrastructures Security.
* By requesting for and receiving the dataset, you agree to have your name, the name of your organisation and date of request published below, and to give credit to “iTrust, Centre for Research in Cyber Security, Singapore University of Technology and Design” when the dataset is used for your (published) work.
Historical dataset requests
|S/N||Name||Organisation||Date of request|
|1||Abdolmaleki Yousef||Iran University of Science and Technology||16 Nov 16|
|2||William Jardine||MWR InfoSecurity||12 Dec 16|
|3||Gérald Rocher||Nice Cote d’Azur||25 Jan 17|
|4||Robert Kooij||TNO||9 Feb 17|
|5||Yoriyuki Yamagata||National Institute of Advanced Industrial Science and Technology||10 Feb 17|
|6||Surendar||SASTRA University||15 Feb 17|
|7||Alissa R. Gibson||Coastal Carolina University||28 Feb 17|
|8||Kevin Skender||Uptake||5 Apr 17|
|9||Xiaoxue Liu||University of Toronto||5 Apr 17|
|10||Sicco Verwer||Delft University of Technology||11 Apr 17|
|11||Mohammad Mehdi Ahmadian||Amirkabir University of Technology||15 Apr 17|
|12||Hailong Liu||Beijing University of Aeronautics and Astronautics||29 Apr 17|
|13||Kasun S Perera||Singapore University of Technology and Design||2 May 17|
|14||Yanjie Fu||Missouri University of Science and Technology||3 May 17|
|15||Bo Li||Beihang University||4 May 17|
|16||Shameek Bhattacharjee||Missouri University of Science and Technology||8 May 17|
|17||Meng Guozhu||Nanyang Technological University||10 May 17|
|18||Long Cheng||Virginia Polytechnic Institute and State University||11 May 17|