Power grids worldwide are increasingly victims of cyberattacks, where attackers can cause immense damage to critical infrastructure. The growing digitalization and networking in power grids combined with insufficient protection against cyberattacks further exacerbate this trend. Hence, security engineers and researchers must counter these new risks by continuously improving security measures. Data sets of real network traffic during cyberattacks play a decisive role in analyzing and understanding such attacks. Therefore, this paper presents PowerDuck, a publicly available security data set containing network traces of GOOSE communication in a physical substation testbed. The data set includes recordings of various scenarios with and without the presence of attacks. Furthermore, all network packets originating from the attacker are clearly labeled to facilitate their identification. We envision PowerDuck improving and complementing existing data sets of substations, which are often generated synthetically, thereby enhancing the security of power grids.