A tool set to collect data from a virtual ICS network
| Filename | Description |
|---|---|
| KBD.csv | key press and release events |
| M_CLK.csv | mouse button click and release events |
| M_MOVE.csv | mouse move events |
| M_SCR.csv | mouse wheel scroll events |
| SCADA.csv | SCADA system metrics |
| all-in-one.csv | processed dataset including user input and system metrics |
| Column | Description |
|---|---|
| src | source host of the data |
| timestamp | unix timestamp |
| cpu_percent | CPU utilization percentage (average all cores) |
| memory_percent | Memory utilization percentage (excluding SWAP) |
| is_user_operating | if the user is actively operating (filtered from user input with a sliding window) |
| is_attack | labeled value if an attack is happening |
| other attributes | see document of psutil |