Using datasets from industrial control systems for cyber security research and education

Qin Lin, Sicco Verwer, Robert Kooij*, Aditya Mathur

*Corresponding author for this work

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

5 Citations (Scopus)
25 Downloads (Pure)

Abstract

The availability of high-quality benchmark datasets is an important prerequisite for research and education in the cyber security domain. Datasets from realistic systems offer a platform for researchers to develop and test novel models and algorithms. Such datasets also offer students opportunities for active and project-centric learning. In this paper, we describe six publicly available datasets from the domain of Industrial Control Systems (ICS). Five of these datasets are obtained through experiments conducted in the context of operational ICS while the sixth is obtained from a widely used simulation tool, namely EPANET, for large scale water distribution networks. This paper presents two studies on the use of the datasets. The first study uses the dataset from a live water treatment plant. This study leads to a novel and explainable anomaly detection method based upon Timed Automata and Bayesian Networks. The study conducted in the context of education made use of the water distribution network dataset in a graduate course on cyber data analytics. Through an assignment, students explored the effectiveness of various methods for anomaly detection. Research outcomes and the success of the course indicate an appreciation in the research community and positive learning experience in education.

Original languageEnglish
Title of host publicationCritical Information Infrastructures Security - 14th International Conference, CRITIS 2019, Revised Selected Papers
EditorsSimin Nadjm-Tehrani
PublisherSpringer
Pages122-133
Number of pages12
Volume11777
ISBN (Print)9783030376697
DOIs
Publication statusPublished - 2020
Event14th International Conference on Critical Information Infrastructures Security, CRITIS 2019 - Linköping, Sweden
Duration: 23 Sept 201925 Sept 2019

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11777 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference14th International Conference on Critical Information Infrastructures Security, CRITIS 2019
Country/TerritorySweden
CityLinköping
Period23/09/1925/09/19

Bibliographical note

Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project https://www.openaccess.nl/en/you-share-we-take-care
Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.

Keywords

  • Anomaly detection
  • Cyber Data Analytics
  • Cyber security
  • Cyber-physical systems
  • Industrial Control Systems
  • Research and education

Fingerprint

Dive into the research topics of 'Using datasets from industrial control systems for cyber security research and education'. Together they form a unique fingerprint.

Cite this