Skip to main content

Research Repository

Advanced Search

A dataset to train intrusion detection systems based on machine learning models for electrical substations.

Gutiérrez Mlot, Esteban Damián; Saldana, Jose; Rodríguez, Ricardo J; Kotsiuba, Igor; Gañán, Carlos

A dataset to train intrusion detection systems based on machine learning models for electrical substations. Thumbnail


Authors

Esteban Damián Gutiérrez Mlot

Jose Saldana

Ricardo J Rodríguez

Carlos Gañán



Abstract

The growing integration of Information and Communication Technology into Operational Technology environments in electrical substations exposes them to new cybersecurity threats. This paper presents a comprehensive dataset of substation traffic, aimed at improving the training and benchmarking of Intrusion Detection Systems (IDS) installed in these facilities that are based on machine learning techniques. The dataset includes raw network captures and flows from real substations, filtered and anonymized to ensure privacy. It covers the main protocols and standards used in substation environments: IEC61850, IEC104, NTP, and PTP. Additionally, the dataset includes traces obtained during several cyberattacks, which were simulated in a controlled laboratory environment, providing a rich resource for developing and testing machine learning models for cybersecurity applications in substations. A set of complementary tools for dataset creation and preprocessing are also included to standardize the methodology, ensuring consistency and reproducibility. In summary, the dataset addresses the critical need for high-quality, targeted data for tuning IDS at electrical substations and contributes to the advancement of secure and reliable power distribution networks. [Abstract copyright: © 2024 The Author(s).]

Citation

Gutiérrez Mlot, E. D., Saldana, J., Rodríguez, R. J., Kotsiuba, I., & Gañán, C. (2024). A dataset to train intrusion detection systems based on machine learning models for electrical substations. Data in Brief, 57, Article 111153. https://doi.org/10.1016/j.dib.2024.111153

Journal Article Type Data Article / Data Paper
Acceptance Date Nov 13, 2024
Online Publication Date Nov 28, 2024
Publication Date 2024-12
Deposit Date Jan 15, 2025
Publicly Available Date Jan 15, 2025
Journal Data in brief
Electronic ISSN 2352-3409
Publisher Elsevier
Peer Reviewed Peer Reviewed
Volume 57
Article Number 111153
DOI https://doi.org/10.1016/j.dib.2024.111153
Keywords IEC60870-5-104, Cybersecurity, IEC61850, Critical infrastructure, IEC104, Testbed
Public URL https://durham-repository.worktribe.com/output/3324187

Files





You might also like



Downloadable Citations