The increasing number of attacks against Industrial Control Systems (ICS) have demonstrated that there is a need to secure such systems. Unfortunately, directly applying existing ICT security mechanisms is hard due to constraints of ICS, such as availability requirements or resource limitations of the field devices. Thus, the solution preferred by researchers is the use of network-based intrusion detection systems (N-IDS). An issue that many researchers encounter is how to validate and evaluate their N-IDS since it is very difficult to get access to real and large ICS for experimentation. The few public traffic datasets that could be used for off-line experiments are either synthetic, collected at small testbeds or not suited for network experimentations.

In this paper, we present a tool to generate network traces based on statistical properties that the tool extracts from empirical traces. We demonstrate its usability by applying it to an empirical trace collected at the Heating, Ventilation and Air Conditioning (HVAC) management system of a university campus and using the generated traces to evaluate several IDS published in the literature. We make the original trace available to other researchers. To our knowledge, we are the first to publish a network dataset collected at a real and operational control and automation system.

针对工业控制系统（ICS）的攻击越来越多，这表明需要保护此类系统。不幸的是，由于ICS的限制（例如可用性要求或现场设备的资源限制），直接应用现有的ICT安全机制非常困难。因此，研究人员首选的解决方案是使用基于网络的入侵检测系统（N-IDS）。许多研究人员遇到的问题是如何验证和评估其N-IDS，因为很难获得用于实际实验的大型ICS。少数可用于离线实验的公共交通数据集要么是合成的，要么在小型测试台上收集，要么不适合网络实验。

在本文中，我们介绍了一种基于统计属性从网络跟踪中提取网络跟踪的工具。我们通过将其应用于在大学校园的供暖，通风和空调（HVAC）管理系统中收集到的经验迹线并使用生成的迹线评估文献中发表的多个IDS，来证明其可用性。我们将原始痕迹提供给其他研究人员。据我们所知，我们是第一个发布在实际和运营控制与自动化系统中收集的网络数据集的公司。