Difference between revisions of "Fieldbus traffic simulation logs"
m (→Project Description) |
(→KNX correcting files behind links) |
||
| Line 21: | Line 21: | ||
|- | |- | ||
|1 | |1 | ||
| − | |https://opsci.informatik.uni-rostock.de/repos/datasets/fieldbus-traffic/knx/ | + | |https://opsci.informatik.uni-rostock.de/repos/datasets/fieldbus-traffic/knx/attack_free_referencedataset_with_seconds_csv.zip |
| − | https://opsci.informatik.uni-rostock.de/repos/datasets/fieldbus-traffic/knx/ | + | https://opsci.informatik.uni-rostock.de/repos/datasets/fieldbus-traffic/knx/attack_free_referencedataset_with_seconds_json.zip |
|1 | |1 | ||
|[[User:sw674|Simeon Wiedenmann]] | |[[User:sw674|Simeon Wiedenmann]] | ||
|A log of normal KNX traffic without any attacks in csv / json format | |A log of normal KNX traffic without any attacks in csv / json format | ||
| − | Zip compressed CSV-file 14, | + | Zip compressed CSV-file 14,3 MB (uncompressed 302,5 MB) CC BY-SA 4.0 |
(CSV: Line Separator = LF, Enclosing Strings in = ", Field Separator = ; ) | (CSV: Line Separator = LF, Enclosing Strings in = ", Field Separator = ; ) | ||
| − | Zip compressed JSON-file | + | Zip compressed JSON-file 20,8 MB (uncompressed 817,7 MB) CC BY-SA 4.0 |
| − | Due to too low timestamp resolution in our log-mechanisms the time stamps are only accurate to the second, which is unfortunate. However the temporal order of the telegrams still can be determined by the correctly set sequence_number. | + | Due to too low timestamp resolution in our log-mechanisms the time stamps are only accurate to the second, which is unfortunate. However the temporal order of the telegrams still can be determined by the correctly set sequence_number. For telegrams with identical timestamps, those with lower sequence_number happened earlier. |
|- | |- | ||
|2 | |2 | ||
| − | |https://opsci.informatik.uni-rostock.de/repos/datasets/fieldbus-traffic/knx/ | + | |https://opsci.informatik.uni-rostock.de/repos/datasets/fieldbus-traffic/knx/attacks_with_seconds_csv.zip |
| − | https://opsci.informatik.uni-rostock.de/repos/datasets/fieldbus-traffic/knx/ | + | https://opsci.informatik.uni-rostock.de/repos/datasets/fieldbus-traffic/knx/attacks_with_seconds_json.zip |
|1 | |1 | ||
|[[User:sw674|Simeon Wiedenmann]] | |[[User:sw674|Simeon Wiedenmann]] | ||
| − | |A log of KNX traffic with artificially introduced attack telegrams | + | |A log of KNX traffic with artificially introduced attack telegrams deduced from ID = 1 following this [https://opsci.informatik.uni-rostock.de/repos/datasets/fieldbus-traffic/knx/creationprocess_of_attacks_table_script.sql documentation and creation script]. Introduced attacks are documented at the bottom of that file and include manipulated hop_count values, new source_addresses, time shifted telegrams, replay attacks, negation attacks and the deletion of telegrams. |
| − | + | Due to too low timestamp resolution in our log-mechanisms the time stamps are only accurate to the second, which is unfortunate. However the temporal order of the telegrams still can be determined by the correctly set sequence_number. For telegrams with identical timestamps, those with lower sequence_number happened earlier. | |
| − | Due to too low timestamp resolution in our log-mechanisms the time stamps are only accurate to the second, which is unfortunate. However the temporal order of the telegrams still can be determined by the correctly set sequence_number. | + | |- |
| − | + | |3 | |
| + | |https://opsci.informatik.uni-rostock.de/repos/datasets/fieldbus-traffic/knx/replay_telegrams.zip | ||
| + | https://opsci.informatik.uni-rostock.de/repos/datasets/fieldbus-traffic/knx/negation_telegrams.zip | ||
| + | |2 and 1 | ||
| + | |[[User:sw674|Simeon Wiedenmann]] | ||
| + | |These zip files contain csv and json versions of tables that contain certain telegrams that have been introduced into ID = 2 (attacks_with_seconds). In case one wants to match sequence_numbers of telegrams from attacks_with_seconds with those from attack_free_referencedataset_with_seconds, the following applies: | ||
| + | -- For attacks of type 4: Table replay_telegrams shows the same telegrams that have been introduced into attacks_with_seconds but with the original sequence_number as in attack_free_referencedataset_with_seconds. | ||
| + | -- For attacks of type 5: Table negation_telegrams shows the same telegrams that have been introduced into attacks_with_seconds but with the original sequence_number as in attack_free_referencedataset_with_seconds. | ||
| + | |- | ||
|} | |} | ||
Revision as of 15:21, 22 July 2019
Contents
Project Description
Benchmark collection for simulated fieldbus traffic.
A modular, extendable, open test case collection to simulate attacks on field bus systems. Contribution welcome!
Contact contributors
Datasets
KNX
| ID | File | Reference_ID | Author E-Mail | Notes |
|---|---|---|---|---|
| 1 | https://opsci.informatik.uni-rostock.de/repos/datasets/fieldbus-traffic/knx/attack_free_referencedataset_with_seconds_csv.zip | 1 | Simeon Wiedenmann | A log of normal KNX traffic without any attacks in csv / json format
Zip compressed CSV-file 14,3 MB (uncompressed 302,5 MB) CC BY-SA 4.0 (CSV: Line Separator = LF, Enclosing Strings in = ", Field Separator = ; ) Zip compressed JSON-file 20,8 MB (uncompressed 817,7 MB) CC BY-SA 4.0 Due to too low timestamp resolution in our log-mechanisms the time stamps are only accurate to the second, which is unfortunate. However the temporal order of the telegrams still can be determined by the correctly set sequence_number. For telegrams with identical timestamps, those with lower sequence_number happened earlier. |
| 2 | https://opsci.informatik.uni-rostock.de/repos/datasets/fieldbus-traffic/knx/attacks_with_seconds_csv.zip | 1 | Simeon Wiedenmann | A log of KNX traffic with artificially introduced attack telegrams deduced from ID = 1 following this documentation and creation script. Introduced attacks are documented at the bottom of that file and include manipulated hop_count values, new source_addresses, time shifted telegrams, replay attacks, negation attacks and the deletion of telegrams.
Due to too low timestamp resolution in our log-mechanisms the time stamps are only accurate to the second, which is unfortunate. However the temporal order of the telegrams still can be determined by the correctly set sequence_number. For telegrams with identical timestamps, those with lower sequence_number happened earlier. |
| 3 | https://opsci.informatik.uni-rostock.de/repos/datasets/fieldbus-traffic/knx/replay_telegrams.zip
https://opsci.informatik.uni-rostock.de/repos/datasets/fieldbus-traffic/knx/negation_telegrams.zip |
2 and 1 | Simeon Wiedenmann | These zip files contain csv and json versions of tables that contain certain telegrams that have been introduced into ID = 2 (attacks_with_seconds). In case one wants to match sequence_numbers of telegrams from attacks_with_seconds with those from attack_free_referencedataset_with_seconds, the following applies:
-- For attacks of type 4: Table replay_telegrams shows the same telegrams that have been introduced into attacks_with_seconds but with the original sequence_number as in attack_free_referencedataset_with_seconds. -- For attacks of type 5: Table negation_telegrams shows the same telegrams that have been introduced into attacks_with_seconds but with the original sequence_number as in attack_free_referencedataset_with_seconds. |
Other Systems
Do you have any traffic for CAN, Profibus, Foundation Fieldbus, LON, EIA-485, RS-485 or any other fieldbus technology to offer, please contact Simeon Wiedenmann
Licence
All test cases of this benchmark collection are licensed under the Free Culture License CC BY-SA 4.0 (see [1] for more infos). When using individual test cases the test case author as well as this benchmark collection need to be named: e.g. Test Case by <author> published via [2]
CC
BY
SA
