Esteban Damián Gutiérrez Mlot
A dataset to train intrusion detection systems based on machine learning models for electrical substations.
Gutiérrez Mlot, Esteban Damián; Saldana, Jose; Rodríguez, Ricardo J; Kotsiuba, Igor; Gañán, Carlos
Authors
Jose Saldana
Ricardo J Rodríguez
Dr Igor Kotsiuba igor.kotsiuba@durham.ac.uk
Assistant Professor
Carlos Gañán
Abstract
The growing integration of Information and Communication Technology into Operational Technology environments in electrical substations exposes them to new cybersecurity threats. This paper presents a comprehensive dataset of substation traffic, aimed at improving the training and benchmarking of Intrusion Detection Systems (IDS) installed in these facilities that are based on machine learning techniques. The dataset includes raw network captures and flows from real substations, filtered and anonymized to ensure privacy. It covers the main protocols and standards used in substation environments: IEC61850, IEC104, NTP, and PTP. Additionally, the dataset includes traces obtained during several cyberattacks, which were simulated in a controlled laboratory environment, providing a rich resource for developing and testing machine learning models for cybersecurity applications in substations. A set of complementary tools for dataset creation and preprocessing are also included to standardize the methodology, ensuring consistency and reproducibility. In summary, the dataset addresses the critical need for high-quality, targeted data for tuning IDS at electrical substations and contributes to the advancement of secure and reliable power distribution networks. [Abstract copyright: © 2024 The Author(s).]
Citation
Gutiérrez Mlot, E. D., Saldana, J., Rodríguez, R. J., Kotsiuba, I., & Gañán, C. (2024). A dataset to train intrusion detection systems based on machine learning models for electrical substations. Data in Brief, 57, Article 111153. https://doi.org/10.1016/j.dib.2024.111153
| Journal Article Type | Data Article / Data Paper |
|---|---|
| Acceptance Date | Nov 13, 2024 |
| Online Publication Date | Nov 28, 2024 |
| Publication Date | 2024-12 |
| Deposit Date | Jan 15, 2025 |
| Publicly Available Date | Jan 15, 2025 |
| Journal | Data in brief |
| Electronic ISSN | 2352-3409 |
| Publisher | Elsevier |
| Peer Reviewed | Peer Reviewed |
| Volume | 57 |
| Article Number | 111153 |
| DOI | https://doi.org/10.1016/j.dib.2024.111153 |
| Keywords | IEC60870-5-104, Cybersecurity, IEC61850, Critical infrastructure, IEC104, Testbed |
| Public URL | https://durham-repository.worktribe.com/output/3324187 |
Files
Published Journal Article
(1.6 Mb)
PDF
Publisher Licence URL
http://creativecommons.org/licenses/by-nc/4.0/
You might also like
Achieving Security and Privacy in NG-IoT Using Blockchain Techniques
(2024)
Book Chapter
Empirical study of new metrics for the internet route hijack risk assessment
(2023)
Presentation / Conference Contribution
Explainable AI-based Intrusion Detection in the Internet of Things
(2023)
Presentation / Conference Contribution
Cyber Security of Electric Vehicle Charging Infrastructure: Open Issues and Recommendations
(2022)
Presentation / Conference Contribution
Downloadable Citations
About Durham Research Online (DRO)
Administrator e-mail: dro.admin@durham.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2025
Advanced Search