Difference between revisions of "Fieldbus traffic simulation logs"

From OpenScience
Jump to: navigation, search
(KNX correcting files behind links)
(Publications)
 
Line 66: Line 66:
  
 
=== Publications ===
 
=== Publications ===
 +
* [https://ieeexplore.ieee.org/document/8631474 Designing and Implementing a Benchmark Collection for Attack Simulation in Field bus Systems]

Latest revision as of 15:22, 22 July 2019

Project Description

Benchmark collection for simulated fieldbus traffic.

A modular, extendable, open test case collection to simulate attacks on field bus systems. Contribution welcome!

Contact contributors

Datasets

KNX

ID File Reference_ID Author E-Mail Notes
1 https://opsci.informatik.uni-rostock.de/repos/datasets/fieldbus-traffic/knx/attack_free_referencedataset_with_seconds_csv.zip

https://opsci.informatik.uni-rostock.de/repos/datasets/fieldbus-traffic/knx/attack_free_referencedataset_with_seconds_json.zip

1 Simeon Wiedenmann A log of normal KNX traffic without any attacks in csv / json format

Zip compressed CSV-file 14,3 MB (uncompressed 302,5 MB) CC BY-SA 4.0 (CSV: Line Separator = LF, Enclosing Strings in = ", Field Separator = ; )

Zip compressed JSON-file 20,8 MB (uncompressed 817,7 MB) CC BY-SA 4.0

Due to too low timestamp resolution in our log-mechanisms the time stamps are only accurate to the second, which is unfortunate. However the temporal order of the telegrams still can be determined by the correctly set sequence_number. For telegrams with identical timestamps, those with lower sequence_number happened earlier.

2 https://opsci.informatik.uni-rostock.de/repos/datasets/fieldbus-traffic/knx/attacks_with_seconds_csv.zip

https://opsci.informatik.uni-rostock.de/repos/datasets/fieldbus-traffic/knx/attacks_with_seconds_json.zip

1 Simeon Wiedenmann A log of KNX traffic with artificially introduced attack telegrams deduced from ID = 1 following this documentation and creation script. Introduced attacks are documented at the bottom of that file and include manipulated hop_count values, new source_addresses, time shifted telegrams, replay attacks, negation attacks and the deletion of telegrams.

Due to too low timestamp resolution in our log-mechanisms the time stamps are only accurate to the second, which is unfortunate. However the temporal order of the telegrams still can be determined by the correctly set sequence_number. For telegrams with identical timestamps, those with lower sequence_number happened earlier.

3 https://opsci.informatik.uni-rostock.de/repos/datasets/fieldbus-traffic/knx/replay_telegrams.zip

https://opsci.informatik.uni-rostock.de/repos/datasets/fieldbus-traffic/knx/negation_telegrams.zip

2 and 1 Simeon Wiedenmann These zip files contain csv and json versions of tables that contain certain telegrams that have been introduced into ID = 2 (attacks_with_seconds). In case one wants to match sequence_numbers of telegrams from attacks_with_seconds with those from attack_free_referencedataset_with_seconds, the following applies:

-- For attacks of type 4: Table replay_telegrams shows the same telegrams that have been introduced into attacks_with_seconds but with the original sequence_number as in attack_free_referencedataset_with_seconds. -- For attacks of type 5: Table negation_telegrams shows the same telegrams that have been introduced into attacks_with_seconds but with the original sequence_number as in attack_free_referencedataset_with_seconds.

Other Systems

Do you have any traffic for CAN, Profibus, Foundation Fieldbus, LON, EIA-485, RS-485 or any other fieldbus technology to offer, please contact Simeon Wiedenmann

Licence

All test cases of this benchmark collection are licensed under the Free Culture License CC BY-SA 4.0 (see [1] for more infos). When using individual test cases the test case author as well as this benchmark collection need to be named: e.g. Test Case by <author> published via [2]

Publications