- Philips Healthcare (PSN) Normal State Network Traffic Data Set 1
- Description: Medical device network traffic collected from a Philips Healthcare Supplied Network (PSN). The data collection system consisted of a Fluke ProSim 8 patient simulator, Philips MX800 patient monitor, network equipment, Philips PIIC IX Central Station. Network traffic was collected under baseline, system initialization and alarm state conditions.
- Intrusion Detection Evaluation Dataset (CIC-IDS2017)
- Description: The CIC-IDS2017 dataset consists of labeled network flows, including full packet payloads in pcap format, the corresponding profiles and the labeled flows (GeneratedLabelledFlows.zip) and CSV files for machine and deep learning purpose (MachineLearningCSV.zip)
- The Westermo network traffic data set
- Paper: The Westermo network traffic data set
- Description: There is a growing body of knowledge on network intrusion detection, and several open data sets with network traffic and cyber-security threats have been released in the past decades. However, many data sets have aged, were not collected in a contemporary industrial communication system, or do not easily support research focusing on distributed anomaly detection. This paper presents the Westermo network traffic data set, 1.8 million network packets recorded in over 90 minutes in a network built up of twelve hardware devices. In addition to the raw data in PCAP format, the data set also contains pre-processed data in the form of network flows in CSV files. This data set can support the research community for topics such as intrusion detection, anomaly detection, misconfiguration detection, distributed or federated artificial intelligence, and attack classification. In particular, we aim to use the data set to continue work on resource-constrained distributed artificial intelligence in edge devices. The data set contains six types of events: harmless SSH, bad SSH, misconfigured IP address, duplicated IP address, port scan, and man in the middle attack.
- Publicly available PCAP files
- PCAPS (GitHub)
- Machine Learning-Based Intrusion Detection in IoT Medical Networks
- Description: The ZIP folder comprises two main components: Captures and Datasets. Within the captures folder, we have included all the captures used in this project. These captures are organized into separate folders corresponding to the type of network analysis: BLE or IP-Based. Similarly, the datasets folder follows a similar organizational approach. It contains datasets categorized by type: BLE, IP-Based Packet, and IP-Based Flows. To cater to diverse analytical needs, the datasets are provided in two formats: CSV (Comma-Separated Values) and pickle. The CSV format facilitates seamless integration with various data analysis tools, while the pickle format preserves the intricate structures and relationships within the dataset. This organization enables researchers to easily locate and utilize the specific captures and datasets they require, based on their preferred network analysis type or dataset type. The availability of different formats further enhances the flexibility and usability of the provided data.
- Attack Vectors in Healthcare Devices - A Multi-Protocol Dataset for Assessing IoMT Device Security
- Description: The main goal of this research is to propose a realistic benchmark dataset to enable the development and evaluation of Internet of Medical Things (IoMT) security solutions. To accomplish this, 18 attacks were executed against an IoMT testbed composed of 40 IoMT devices (25 real devices and 15 simulated devices), considering the plurality of protocols used in healthcare (e.g., Wi-Fi, MQTT and Bluetooth). These attacks are categorized into five classes: DDoS, DoS, Recon, MQTT, and spoofing. This effort aims to establish a baseline complementary to the state-of-the-art contributions and supports researchers in investigating and developing new solutions to make healthcare systems more secure using different mechanisms (e.g., machine learning - ML).