CYSAS-S3: a novel dataset for validating cyber situational awareness related tools for supporting military operations

Abstract

The lack of suitable datasets and evaluation processes entails one of the most challenging gaps on the digital transformation era, where data-driven solutions like machine learning algorithms constitute a key pillar of the digitalization, virtualization and analytical on the emerging cyber-physical and ergonomic capabilities. This problem is even greater in the cyber defence domain, where for security or technical reasons, there is not data publicly or on-demand available concerning the role of the cyberspace on military operations. In this context, the expression popularized by the machine learning community "you go to the war with the data you have, not the data you might want" can be literally applied. In order to contribute to overcome this gap, this paper introduces CYSAS-S3, a novel dataset designed and created as the result of a research action that explores the principal needs on datasets by cyber commands, resulting in the generation of a collection of samples that correlated the impact of Advanced Persistent Threat (APT) behaviours and each phase of their cyber kill chain, regarding mission-level operations and goals.