{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,15]],"date-time":"2026-04-15T19:01:04Z","timestamp":1776279664133,"version":"3.50.1"},"reference-count":59,"publisher":"Springer Science and Business Media LLC","issue":"5","license":[{"start":{"date-parts":[[2025,9,15]],"date-time":"2025-09-15T00:00:00Z","timestamp":1757894400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2025,9,15]],"date-time":"2025-09-15T00:00:00Z","timestamp":1757894400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"name":"FH Vorarlberg - University of Applied Sciences"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2025,10]]},"abstract":"<jats:title>Abstract<\/jats:title>\n          <jats:p>The adoption of the Industrial Internet of Things (IIoT) as a complementary technology to Operational Technology (OT) has enabled a new level of standardised data access and process visibility. This convergence of Information Technology (IT), OT, and IIoT has also created new cybersecurity vulnerabilities and risks that must be managed. Artificial Intelligence (AI) is emerging as a powerful tool to monitor OT\/IIoT networks for malicious activity and is a highly active area of research. AI researchers are applying advanced Machine Learning (ML) and Deep Learning (DL) techniques to the detection of anomalous or malicious activity in network traffic. They typically use datasets derived from IoT\/IIoT\/OT network traffic captures to measure the performance of their proposed approaches. Therefore, there is a widespread need for datasets for algorithm testing. This work systematically reviews publicly available network traffic capture-based datasets, including categorisation of contained attack types, review of metadata, and statistical as well as complexity analysis. Each dataset is analysed to provide researchers with metadata that can be used to select the best dataset for their research question. This results in an added benefit to the community as researchers can select datasets more easily and according to specific Machine Learning goals.<\/jats:p>","DOI":"10.1007\/s10207-025-01126-9","type":"journal-article","created":{"date-parts":[[2025,9,15]],"date-time":"2025-09-15T14:36:37Z","timestamp":1757946997000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Systematic review and characterisation of malicious industrial network traffic datasets"],"prefix":"10.1007","volume":"24","author":[{"given":"Martin","family":"Dobler","sequence":"first","affiliation":[]},{"given":"Michael","family":"Hellwig","sequence":"additional","affiliation":[]},{"given":"Nuno","family":"Lopes","sequence":"additional","affiliation":[]},{"given":"Ken","family":"Oakley","sequence":"additional","affiliation":[]},{"given":"Mike","family":"Winterburn","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,9,15]]},"reference":[{"key":"1126_CR1","doi-asserted-by":"publisher","unstructured":"Agrawal, S., Sarkar, S., Aouedi, O., Yenduri, G., Piamrat, K., Alazab, M., Bhattacharya, S., Maddikunta, P.K.R., Gadekallu, T.R.: Federated learning for intrusion detection system: Concepts, challenges and future directions (2022). https:\/\/doi.org\/10.1016\/j.comcom.2022.09.012","DOI":"10.1016\/j.comcom.2022.09.012"},{"key":"1126_CR2","doi-asserted-by":"publisher","unstructured":"Ahmad, Z., Khan, A.S., Shiang, C.W., Abdullah, J., Ahmad, F.: Network intrusion detection system: A systematic study of machine learning and deep learning approaches. Transactions on Emerging Telecommunications Technologies 32 (2021). https:\/\/doi.org\/10.1002\/ett.4150","DOI":"10.1002\/ett.4150"},{"key":"1126_CR3","doi-asserted-by":"publisher","unstructured":"Ahmed, H., Traore, I., Quinan, P., Ganame, K., Boudar, O.: A Collection of Datasets for Intrusion Detection in MIL-STD-1553 Platforms, 2, 81\u2013100 (2023). Springer. https:\/\/doi.org\/10.1007\/978-3-031-16237-4_4","DOI":"10.1007\/978-3-031-16237-4_4"},{"key":"1126_CR4","doi-asserted-by":"publisher","DOI":"10.1016\/j.iot.2022.100615","volume":"20","author":"H Ahmetoglu","year":"2022","unstructured":"Ahmetoglu, H., Das, R.: A comprehensive review on detection of cyber-attacks: data sets, methods, challenges, and future research directions. Internet of Things 20, 100615 (2022). https:\/\/doi.org\/10.1016\/j.iot.2022.100615","journal-title":"Internet of Things"},{"key":"1126_CR5","doi-asserted-by":"publisher","unstructured":"Al-Hawawreh, M., Sitnikova, E., Aboutorab, N.: X-iiotid: A connectivity- and device-agnostic intrusion dataset for industrial internet of things. IEEE Dataport (2021). https:\/\/doi.org\/10.21227\/mpb6-py55","DOI":"10.21227\/mpb6-py55"},{"key":"1126_CR6","unstructured":"Alexander, O., Belisle, M., Steele, J.: Mitre attack\u00ae for industrial control systems: Design and philosophy (2020). https:\/\/attack.mitre.org\/docs\/ATTACK_for_ICS_Philosophy_March_2020.pdf"},{"key":"1126_CR7","doi-asserted-by":"publisher","unstructured":"Alruwaili, F.F.: Intrusion detection and prevention in industrial iot: A technological survey. 2021 International Conference on Electrical, Computer, Communications and Mechatronics Engineering (ICECCME), 1\u20135. IEEE (2021). https:\/\/doi.org\/10.1109\/ICECCME52200.2021.9590961","DOI":"10.1109\/ICECCME52200.2021.9590961"},{"key":"1126_CR8","doi-asserted-by":"publisher","first-page":"165130","DOI":"10.1109\/ACCESS.2020.3022862","volume":"8","author":"A Alsaedi","year":"2020","unstructured":"Alsaedi, A., Moustafa, N., Tari, Z., Mahmood, A., Anwar, A.: Ton_iot telemetry dataset: a new generation dataset of iot and iiot for data-driven intrusion detection systems. IEEE Access 8, 165130\u2013165150 (2020). https:\/\/doi.org\/10.1109\/ACCESS.2020.3022862","journal-title":"IEEE Access"},{"key":"1126_CR9","doi-asserted-by":"crossref","unstructured":"Balaj, M.A., Oakley, K., Dobler, M., Winterburn, M., Hellwig, M., Lopes, N.: Preprocessing Pipelines for OT Network Traffic Capture Data in AI Cybersecurity Applications. IEEE 31st International Conference on Engineering, Technology and Innovation. IEEE (2025)","DOI":"10.1109\/ICE\/ITMC65658.2025.11106595"},{"key":"1126_CR10","doi-asserted-by":"publisher","first-page":"83","DOI":"10.1016\/j.ins.2020.12.006","volume":"553","author":"VH Barella","year":"2021","unstructured":"Barella, V.H., Garcia, L.P., de Souto, M.C., Lorena, A.C., de Carvalho, A.C.: Assessing the data complexity of imbalanced datasets. Inf. Sci. 553, 83\u2013109 (2021). https:\/\/doi.org\/10.1016\/j.ins.2020.12.006","journal-title":"Inf. Sci."},{"key":"1126_CR11","doi-asserted-by":"publisher","unstructured":"Beaver, J.M., Borges-Hink, R.C., Buckner, M.A.: An evaluation of machine learning methods to detect malicious scada communications. 2013 12th International Conference on Machine Learning and Applications, 54\u201359. IEEE (2013). https:\/\/doi.org\/10.1109\/ICMLA.2013.105","DOI":"10.1109\/ICMLA.2013.105"},{"key":"1126_CR12","doi-asserted-by":"publisher","unstructured":"Biswas, P.P., Tan, H.C., Zhu, Q., Li, Y., Mashima, D., Chen, B.: A synthesized dataset for cybersecurity study of iec 61850 based substation. 2019 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm), 1\u20137. IEEE (2019). https:\/\/doi.org\/10.1109\/SmartGridComm.2019.8909783","DOI":"10.1109\/SmartGridComm.2019.8909783"},{"key":"1126_CR13","doi-asserted-by":"publisher","unstructured":"Boakye-Boateng, K., Ghorbani, A.A., Lashkari, A.H.: Securing substations with trust, risk posture, and multi-agent systems: A comprehensive approach. 2023 20th Annual International Conference on Privacy, Security and Trust (PST), 1\u201312. IEEE (2023). https:\/\/doi.org\/10.1109\/PST58708.2023.10320154","DOI":"10.1109\/PST58708.2023.10320154"},{"key":"1126_CR14","doi-asserted-by":"publisher","unstructured":"Booij, T.M., Chiscop, I., Meeuwissen, E., Moustafa, N., Hartog, F.T.: Ton_iot: The role of heterogeneity and the need for standardization of features and attack types in iot network intrusion data sets. IEEE Internet of Things Journal 9 (2022). https:\/\/doi.org\/10.1109\/JIOT.2021.3085194","DOI":"10.1109\/JIOT.2021.3085194"},{"key":"1126_CR15","doi-asserted-by":"publisher","DOI":"10.1016\/j.iot.2022.100568","volume":"19","author":"A Chatterjee","year":"2022","unstructured":"Chatterjee, A., Ahmed, B.S.: Iot anomaly detection methods and applications: a survey. Internet of Things 19, 100568 (2022). https:\/\/doi.org\/10.1016\/j.iot.2022.100568","journal-title":"Internet of Things"},{"key":"1126_CR16","doi-asserted-by":"publisher","unstructured":"Chen, X.: Tennessee eastman simulation dataset. IEEE Dataport (2019). https:\/\/doi.org\/10.21227\/4519-z502","DOI":"10.21227\/4519-z502"},{"key":"1126_CR17","doi-asserted-by":"publisher","first-page":"2248","DOI":"10.1109\/COMST.2021.3094360","volume":"23","author":"M Conti","year":"2021","unstructured":"Conti, M., Donadel, D., Turrin, F.: A survey on industrial control system testbeds and datasets for security research. IEEE Communications Surveys & Tutorials 23, 2248\u20132294 (2021). https:\/\/doi.org\/10.1109\/COMST.2021.3094360","journal-title":"IEEE Communications Surveys & Tutorials"},{"key":"1126_CR18","doi-asserted-by":"publisher","unstructured":"Fernandes, R., Silva, J., \u00d3scar Ribeiro, Portela, I., Lopes, N.: The impact of identifiable features in ml classification algorithms with the hikari-2021 dataset. 2023 11th International Symposium on Digital Forensics and Security (ISDFS), 1\u20135. IEEE (2023). https:\/\/doi.org\/10.1109\/ISDFS58141.2023.10131864","DOI":"10.1109\/ISDFS58141.2023.10131864"},{"key":"1126_CR19","doi-asserted-by":"publisher","unstructured":"Ferrag, M.A., Friha, O., Hamouda, D., Maglaras, L., Janicke, H.: Edge-iiotset: A new comprehensive realistic cyber security dataset of iot and iiot applications: Centralized and federated learning. IEEE Dataport (2022). https:\/\/doi.org\/10.21227\/mbc1-1h68","DOI":"10.21227\/mbc1-1h68"},{"key":"1126_CR20","doi-asserted-by":"publisher","unstructured":"Fraz\u00e3o, I., Abreu, P.H., Cruz, T., Ara\u00fajo, H., Sim\u00f5es, P.: Denial of Service Attacks: Detecting the Frailties of Machine Learning Algorithms in the Classification Process, 11260, 230\u2013235 (2019). Springer. https:\/\/doi.org\/10.1007\/978-3-030-05849-4_19","DOI":"10.1007\/978-3-030-05849-4_19"},{"key":"1126_CR21","doi-asserted-by":"publisher","unstructured":"Garcia, L.P.F., Lorena, A.C., de\u00a0Souto, M.C.P., Ho, T.K.: Classifier recommendation using data complexity measures. 2018 24th International Conference on Pattern Recognition (ICPR), 874\u2013879 (2018). IEEE. https:\/\/doi.org\/10.1109\/ICPR.2018.8545110","DOI":"10.1109\/ICPR.2018.8545110"},{"key":"1126_CR22","doi-asserted-by":"publisher","first-page":"177460","DOI":"10.1109\/ACCESS.2019.2958284","volume":"7","author":"ALP Gomez","year":"2019","unstructured":"Gomez, A.L.P., Maimo, L.F., Celdran, A.H., Clemente, F.J.G., Sarmiento, C.C., Masa, C.J.D.C., Nistal, R.M.: On the generation of anomaly detection datasets in industrial control systems. IEEE Access 7, 177460\u2013177473 (2019). https:\/\/doi.org\/10.1109\/ACCESS.2019.2958284","journal-title":"IEEE Access"},{"key":"1126_CR23","doi-asserted-by":"publisher","unstructured":"Goyal, A., Rathore, L., Kumar, S.: A Survey on Solution of Imbalanced Data Classification Problem Using SMOTE and Extreme Learning Machine, 31\u201344 (2021). Springer. https:\/\/doi.org\/10.1007\/978-981-16-1089-9_4","DOI":"10.1007\/978-981-16-1089-9_4"},{"key":"1126_CR24","doi-asserted-by":"publisher","first-page":"3744","DOI":"10.3390\/s22103744","volume":"22","author":"E Gyamfi","year":"2022","unstructured":"Gyamfi, E., Jurcut, A.: Intrusion detection in internet of things systems: a review on design approaches leveraging multi-access edge computing, machine learning, and datasets. Sensors 22, 3744 (2022). https:\/\/doi.org\/10.3390\/s22103744","journal-title":"Sensors"},{"key":"1126_CR25","doi-asserted-by":"publisher","unstructured":"Hahn, A.: Operational Technology and Information Technology in Industrial Control Systems, 66, 51\u201368 (2016). Springer Cham. https:\/\/doi.org\/10.1007\/978-3-319-32125-7_4","DOI":"10.1007\/978-3-319-32125-7_4"},{"key":"1126_CR26","unstructured":"iTrust: Electric power and intelligent control (2021). https:\/\/itrust.sutd.edu.sg\/testbeds\/electric-power-intelligent-control-epic\/"},{"key":"1126_CR27","doi-asserted-by":"publisher","first-page":"126","DOI":"10.1016\/j.neucom.2022.11.056","volume":"521","author":"J Komorniczak","year":"2023","unstructured":"Komorniczak, J., Ksieniewicz, P.: Problexity-an open-source python library for supervised learning problem complexity assessment. Neurocomputing 521, 126\u2013136 (2023). https:\/\/doi.org\/10.1016\/j.neucom.2022.11.056","journal-title":"Neurocomputing"},{"key":"1126_CR28","doi-asserted-by":"publisher","first-page":"8073","DOI":"10.1007\/s10489-022-03793-w","volume":"53","author":"C Lancho","year":"2023","unstructured":"Lancho, C., Diego, I.M.D., Cuesta, M., Ace\u00f1a, V., Moguerza, J.M.: Hostility measure for multi-level study of data complexity. Appl. Intell. 53, 8073\u20138096 (2023). https:\/\/doi.org\/10.1007\/s10489-022-03793-w","journal-title":"Appl. Intell."},{"key":"1126_CR29","doi-asserted-by":"publisher","unstructured":"Li, X., Yan, H.: Malicious network traffic in industrial control system. IEEE Dataport (2019). https:\/\/doi.org\/10.21227\/xwht-8v87","DOI":"10.21227\/xwht-8v87"},{"key":"1126_CR30","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3347711","volume":"52","author":"AC Lorena","year":"2020","unstructured":"Lorena, A.C., Garcia, L.P.F., Lehmann, J., Souto, M.C.P., Ho, T.K.: How complex is your classification problem? ACM Comput. Surv. 52, 1\u201334 (2020). https:\/\/doi.org\/10.1145\/3347711","journal-title":"ACM Comput. Surv."},{"key":"1126_CR31","unstructured":"Martin, L.: The cyber kill chain (2011). https:\/\/www.lockheedmartin.com\/en-us\/capabilities\/cyber\/cyber-kill-chain.html"},{"key":"1126_CR32","doi-asserted-by":"publisher","first-page":"88","DOI":"10.1016\/j.ijcip.2011.06.005","volume":"4","author":"T Morris","year":"2011","unstructured":"Morris, T., Srivastava, A., Reaves, B., Gao, W., Pavurapu, K., Reddi, R.: A control system testbed to validate critical infrastructure protection concepts. Int. J. Crit. Infrastruct. Prot. 4, 88\u2013103 (2011). https:\/\/doi.org\/10.1016\/j.ijcip.2011.06.005","journal-title":"Int. J. Crit. Infrastruct. Prot."},{"key":"1126_CR33","unstructured":"Morris, T., Thornton, Z., Turnipseed, I.: Industrial control system simulation and data logging for intrusion detection system research. 7th Annual South-eastern Cyber Security Summit (2015). http:\/\/www.ece.uah.edu\/~thm0009\/icsdatasets\/cyberhuntsvillepaper_v4.pdf"},{"key":"1126_CR34","doi-asserted-by":"publisher","unstructured":"Mubarak, S., Habaebi, M.H.: Real-time ics scada system cyber kit testbed with industrial hacking scenarios. Mendeley Data (2021). https:\/\/doi.org\/10.17632\/k76xhm22yj.1","DOI":"10.17632\/k76xhm22yj.1"},{"key":"1126_CR35","doi-asserted-by":"publisher","first-page":"103","DOI":"10.1016\/j.cose.2018.06.002","volume":"78","author":"D Myers","year":"2018","unstructured":"Myers, D., Suriadi, S., Radke, K., Foo, E.: Anomaly detection for industrial control systems using process mining. Computers & Security 78, 103\u2013125 (2018). https:\/\/doi.org\/10.1016\/j.cose.2018.06.002","journal-title":"Computers & Security"},{"key":"1126_CR36","doi-asserted-by":"publisher","unstructured":"Nisha, T.N., Pramod, D.: Insider intrusion detection techniques: A state-of-the-art review. Journal of Computer Information Systems 1\u201318 (2023). https:\/\/doi.org\/10.1080\/08874417.2023.2175337","DOI":"10.1080\/08874417.2023.2175337"},{"key":"1126_CR37","doi-asserted-by":"publisher","unstructured":"NIST: Risk management framework for information systems and organizations (2018). https:\/\/doi.org\/10.6028\/NIST.SP.800-37r2","DOI":"10.6028\/NIST.SP.800-37r2"},{"key":"1126_CR38","unstructured":"NIST: Integrating cybersecurity with industry 4.0 - what it means for manufacturing (2023). https:\/\/www.nist.gov\/mep\/manufacturing-infographics\/integrating-cybersecurity-industry-40-what-it-means-manufacturing"},{"key":"1126_CR39","doi-asserted-by":"publisher","first-page":"115","DOI":"10.1016\/j.compbiomed.2010.12.006","volume":"41","author":"S Oh","year":"2011","unstructured":"Oh, S.: A new dataset evaluation method based on category overlap. Comput. Biol. Med. 41, 115\u2013122 (2011). https:\/\/doi.org\/10.1016\/j.compbiomed.2010.12.006","journal-title":"Comput. Biol. Med."},{"key":"1126_CR40","doi-asserted-by":"publisher","first-page":"3104","DOI":"10.1109\/TSG.2015.2409775","volume":"6","author":"S Pan","year":"2015","unstructured":"Pan, S., Morris, T., Adhikari, U.: Developing a hybrid intrusion detection system using data mining for power systems. IEEE Transactions on Smart Grid 6, 3104\u20133113 (2015). https:\/\/doi.org\/10.1109\/TSG.2015.2409775","journal-title":"IEEE Transactions on Smart Grid"},{"key":"1126_CR41","unstructured":"Pedregosa, F., Varoquaux, G., Gramfort, A., Michel, V., Thirion, B., Grisel, O., Blondel, M., Prettenhofer, P., Weiss, R., Dubourg, V., Vanderplas, J., Passos, A., Cournapeau, D., Brucher, M., Perrot, M.: \u00c9douard Duchesnay: Scikit-learn: Machine learning in python. J. Mach. Learn. Res. 12, 2825\u20132830 (2011) http:\/\/jmlr.org\/papers\/v12\/pedregosa11a.html"},{"key":"1126_CR42","unstructured":"Radoglou-Grammatikis, P., Kelli, V., Lagkas, T., Argyriou, V., Sarigiannidis, P.: Dnp3 intrusion detection dataset. IEEE Dataport. https:\/\/dx.doi.org\/10.21227\/s7h0-b081 (2022)"},{"key":"1126_CR43","doi-asserted-by":"publisher","unstructured":"Radoglou-Grammatikis, P., Rompolos, K., Lagkas, T., Argyriou, V., Sarigiannidis, P.: Iec 60870-5-104 intrusion detection dataset. IEEE Dataport (2022). https:\/\/doi.org\/10.21227\/fj7s-f281","DOI":"10.21227\/fj7s-f281"},{"key":"1126_CR44","doi-asserted-by":"publisher","DOI":"10.5204\/thesis.eprints.121760","author":"NR Rodofile","year":"2018","unstructured":"Rodofile, N.R.: Generating attacks and labelling attack datasets for industrial control intrusion detection systems (2018). https:\/\/doi.org\/10.5204\/thesis.eprints.121760","journal-title":"Generating attacks and labelling attack datasets for industrial control intrusion detection systems"},{"key":"1126_CR45","doi-asserted-by":"publisher","unstructured":"Rodofile, N.R., Schmidt, T., Sherry, S.T., Djamaludin, C., Radke, K., Foo, E.: Process Control Cyber-Attacks and Labelled Datasets on S7Comm Critical Infrastructure, 10343, 452\u2013459(2017). Springer . https:\/\/doi.org\/10.1007\/978-3-319-59870-3_30","DOI":"10.1007\/978-3-319-59870-3_30"},{"key":"1126_CR46","unstructured":"SANS: The differences between ics\/ot and it security (2022). https:\/\/www.sans.org\/posters\/the-differences-between-ics-ot-and-it-security\/"},{"key":"1126_CR47","doi-asserted-by":"publisher","first-page":"228","DOI":"10.1016\/j.inffus.2022.08.017","volume":"89","author":"MS Santos","year":"2023","unstructured":"Santos, M.S., Abreu, P.H., Japkowicz, N., Fern\u00e1ndez, A., Santos, J.: A unifying view of class overlap and imbalance: key concepts, multi-view panorama, and open avenues for research. Information Fusion 89, 228\u2013253 (2023). https:\/\/doi.org\/10.1016\/j.inffus.2022.08.017","journal-title":"Information Fusion"},{"key":"1126_CR48","doi-asserted-by":"publisher","unstructured":"Shi, L.: A industry 4.0 production line system and its digital twin under cyber attack. IEEE Dataport (2023). https:\/\/doi.org\/10.21227\/8fn7-gz90","DOI":"10.21227\/8fn7-gz90"},{"key":"1126_CR49","doi-asserted-by":"publisher","unstructured":"Shin, H.K., Lee, W., Yun, J.H., Min, B.G.: Two ics security datasets and anomaly detection contest on the hil-based augmented ics testbed. Cyber Security Experimentation and Test Workshop, 36\u201340. ACM (2021). https:\/\/doi.org\/10.1145\/3474718.3474719","DOI":"10.1145\/3474718.3474719"},{"key":"1126_CR50","doi-asserted-by":"publisher","unstructured":"Stouffer, K., Pease, M., Tang, C., Zimmerman, T., Pillitteri, V., Lightman, S., Hahn, A., Saravia, S., Sherule, A., Thompson, M.: Guide to operational technology (ot) security (2023). https:\/\/doi.org\/10.6028\/NIST.SP.800-82r3","DOI":"10.6028\/NIST.SP.800-82r3"},{"key":"1126_CR51","unstructured":"Strom, B.E., Applebaum, A., Miller, D.P., Nickels, K.C., Pennington, A.G., Thomas, C.B.: Mitre attack\u00ae: Design and philosophy (2020). https:\/\/attack.mitre.org\/docs\/ATTACK_Design_and_Philosophy_March_2020.pdf"},{"key":"1126_CR52","doi-asserted-by":"publisher","unstructured":"Taormina, R., Galelli, S., Tippenhauer, N.O., Salomons, E., Ostfeld, A., Eliades, D.G., Aghashahi, M., Sundararajan, R., Pourahmadi, M., Banks, M.K., Brentan, B.M., Campbell, E., Lima, G., Manzi, D., Ayala-Cabrera, D., Herrera, M., Montalvo, I., Izquierdo, J., Luvizotto, E., Chandy, S.E., Rasekh, A., Barker, Z.A., Campbell, B., Shafiee, M.E., Giacomoni, M., Gatsis, N., Taha, A., Abokifa, A.A., Haddad, K., Lo, C.S., Biswas, P., Pasha, M.F.K., Kc, B., Somasundaram, S.L., Housh, M., Ohar, Z.: Battle of the attack detection algorithms: Disclosing cyber attacks on water distribution networks. Journal of Water Resources Planning and Management 144 (2018). https:\/\/doi.org\/10.1061\/(ASCE)WR.1943-5452.0000969","DOI":"10.1061\/(ASCE)WR.1943-5452.0000969"},{"key":"1126_CR53","doi-asserted-by":"publisher","unstructured":"Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the kdd cup 99 data set. 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, 1\u20136. IEEE (2009). https:\/\/doi.org\/10.1109\/CISDA.2009.5356528","DOI":"10.1109\/CISDA.2009.5356528"},{"key":"1126_CR54","doi-asserted-by":"publisher","first-page":"76","DOI":"10.3390\/fi10080076","volume":"10","author":"M Teixeira","year":"2018","unstructured":"Teixeira, M., Salman, T., Zolanvari, M., Jain, R., Meskin, N., Samaka, M.: Scada system testbed for cybersecurity research using machine learning approach. Future Internet 10, 76 (2018). https:\/\/doi.org\/10.3390\/fi10080076","journal-title":"Future Internet"},{"key":"1126_CR55","unstructured":"Toth, P.: Cybersecurity and industry 4.0 \u2013 what you need to know (2022)"},{"key":"1126_CR56","doi-asserted-by":"publisher","first-page":"199","DOI":"10.1109\/JIOT.2021.3079916","volume":"9","author":"C Xenofontos","year":"2022","unstructured":"Xenofontos, C., Zografopoulos, I., Konstantinou, C., Jolfaei, A., Khan, M.K., Choo, K.K.R.: Consumer, commercial, and industrial iot (in)security: attack taxonomy and case studies. IEEE Internet Things J. 9, 199\u2013221 (2022). https:\/\/doi.org\/10.1109\/JIOT.2021.3079916","journal-title":"IEEE Internet Things J."},{"key":"1126_CR57","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2022.103580","volume":"212","author":"T Yi","year":"2023","unstructured":"Yi, T., Chen, X., Zhu, Y., Ge, W., Han, Z.: Review on the application of deep learning in network attack detection. J. Netw. Comput. Appl. 212, 103580 (2023). https:\/\/doi.org\/10.1016\/j.jnca.2022.103580","journal-title":"J. Netw. Comput. Appl."},{"key":"1126_CR58","doi-asserted-by":"publisher","unstructured":"Yoo, H., Ahmed, I.: Control Logic Injection Attacks on Industrial Control Systems, 562, 33\u201348. Springer (2019). https:\/\/doi.org\/10.1007\/978-3-030-22312-0_3","DOI":"10.1007\/978-3-030-22312-0_3"},{"key":"1126_CR59","unstructured":"Zolanvari, M., Teixeira, M.A., Gupta, L., Khan, K.M., Jain, R.: Wustl-iiot-2021 dataset for iiot cybersecurity research (2021). http:\/\/www.cse.wustl.edu\/~jain\/iiot2\/index.html"}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-025-01126-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10207-025-01126-9\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-025-01126-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,16]],"date-time":"2025-10-16T11:38:08Z","timestamp":1760614688000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10207-025-01126-9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,9,15]]},"references-count":59,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2025,10]]}},"alternative-id":["1126"],"URL":"https:\/\/doi.org\/10.1007\/s10207-025-01126-9","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"value":"1615-5262","type":"print"},{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,9,15]]},"assertion":[{"value":"23 January 2025","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"1 September 2025","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"15 September 2025","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare no competing interests.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"208"}}