attack_detection_datasets

Our repository lists a collection of datasets for detecting advanced persistent threat (APT) attacks in cyber-physical systems (CPS). Given the challenges in acquiring comprehensive datasets to this domain, our repository shows a range of data covering various areas related to CPS security.

Advanced Persistent Threat (APT) Datasets

Dataset Name	Classification	Date	Format	Reference	Description
DARPA STARC TRANSPARENT COMPUTING Engagement 3	Provenance Graph	08/2018	CDM	Github
DARPA STARC TRANSPARENT COMPUTING Engagement 5	Provenance Graph	04/2020	CDM	Github
OPERATIONALLY TRANSPARENT CYBER (OPTC)	Provenance Graph	05/2020	eCAR	Github
PWNJUTSU	System and Network Logs	06/2022	pcap & text	Dataset Paper
SCVIC-APT-2021	Network Logs	06/2022	csv	Dataset Paper
ATTACK DB OTX-XFORCE-VT	CTI	04/2019	json	Dataset Paper
A SEMI REAL DATASET OF META-ALERTS FOR APT ATTACK DETECTION	Alerts	09/2020	text	Dataset Paper
Linux-APT-Dataset-2024	Alerts	02/2024	text	Dataset
SAPPAN: Advanced Threat Data	Windows and Network Logs	10/2021	json & pcap	Dataset
Advanced Persistent Threats (APTs) campaigns database	CTI	10/2021	text	Dataset Github Paper
DAPT 2020	System and Network Logs	08/2020	text & pcap	Dataset Paper

Other Provenance Graph Datasets

Dataset Name	Classification	Date	Format	Reference	Description
ProvSec	Provenance Graph	11/2023	json	Dataset Paper
LANL Unified Host and Network Data Set	Provenance Graph	11/2018	csv & json	Dataset Paper
CERT Insider Threat Test Dataset	Provenance Graph	09/2020	csv	Dataset Paper
The ADFA Intrusion Detection Datasets (UNSW)	Provenance Graph	2013 & 2014	Linux & Windows Logs	Website

Other Network Log Datasets

Dataset Name	Classification	Date	Format	Reference	Description
Bot-IoT	Network Logs	05/2017	csv	Website
TON-IoT	Network Logs	05/2017	csv	Website
Edge-IIoTset	Network Logs	04/2022	csv	Website Paper
IOT HEALTHCARE SECURITY DATASET	Network Logs	08/2021	csv	Dataset Paper Github

Other Datasets

Dataset Name	Classification	Date	Format	Reference	Description
Cyber-Physical Dataset for MITM Attacks in Power Systems	Network Logs	05/2022	csv/json	Dataset
A hardware-in-the-loop Water Distribution Testbed (WDT) dataset for cyber-physical security testing	Network Logs and Physical Measurements	03/2023	csv	Dataset
Anomaly Detection Dataset for Industrial Control Systems	Network Logs	05/2023	csv	Dataset Paper
WUSTL-IIOT-2018	Network Logs	05/2023	csv	Dataset Website Paper
HAI (HIL-based Augmented ICS) Security Dataset	Physical Measurements	05/2023	csv	Github
Dataset from syslrn: learning what to monitor for efficient anomaly detection	Application Logs	03/2022	text	Dataset Paper

Dataset Collections

• University of New Brunswick - Canadian Institute for Cybersecurity (CIC): https://www.unb.ca/cic/datasets/index.html
• Korea University - Hacking and Countermeasure Research Lab (HCRL): https://ocslab.hksecurity.net/Datasets
• Hochschule Coburg: https://www.hs-coburg.de/forschung/forschungsprojekte-oeffentlich/informationstechnologie/cidds-coburg-intrusion-detection-data-sets.html
• Professor Tommy Morris (University of Alabama in Huntsville): https://sites.google.com/a/uah.edu/tommy-morris-uah/ics-data-sets
• iTrust Singapore University of Technology and Design: https://itrust.sutd.edu.sg/itrust-labs_datasets/dataset_info/
• loghub: https://github.com/logpai/loghub

Related Work (Github Repos)

• Awesome-Cybersecurity-Datasets: https://github.com/shramos/Awesome-Cybersecurity-Datasets
• Real-CyberSecurity-Datasets: https://github.com/gfek/Real-CyberSecurity-Datasets
• End-to-end-provenance.github.io: https://github.com/End-to-end-provenance/End-to-end-provenance.github.io
• provenance-papers: https://github.com/tfjmp/provenance-papers

Related Work (Surveys)

• Survey of intrusion detection systems: techniques, datasets and challenges (17 July 2019): https://cybersecurity.springeropen.com/articles/10.1186/s42400-019-0038-7
• An Extensive Survey on Intrusion Detection Systems: Datasets and Challenges for Modern Scenario (27 November 2021): https://ieeexplore.ieee.org/abstract/document/9664737
• A Survey of Advanced Persistent Threats Attack and Defense (11 April 2022): https://ieeexplore.ieee.org/document/9750472
• Advanced Persistent Threat Detection: A Survey (05 April 2021) https://ieeexplore.ieee.org/document/9392626
• Cyber Attack Detection Dataset: A Review (26/10/2021) https://iopscience.iop.org/article/10.1088/1742-6596/2319/1/012029
• Provenance-based Intrusion Detection Systems: A Survey (15 December 2022) https://dl.acm.org/doi/10.1145/3539605