In 2023, most of the global website traffic was still generated by humans but bot traffic is constantly growing. Fraudulent traffic through bad bot actors accounted for 32 percent of global web traffic in the most recently measured period, representing an increase of 1.8 percent from the previous year. Sophistication of Bad Bots on the rise The complexity of malicious bot activity has dramatically increased in recent years. Advanced bad bots have doubled in prevalence over the past two years, indicating a surge in the sophistication of cyber threats. Simultaneously, simple bad bots saw a 6 percent increase compared to the previous year, suggesting a shift in the landscape of automated threats. Meanwhile, areas like entertainment, and law & government face the highest amount of advanced bad bots, with more than 78 percent of their bot traffic affected by evasive applications. Good and bad bots across industries The impact of bot traffic varies across different sectors. Bad bots accounted for over 57.2 percent of the gaming segment's web traffic. Meanwhile, almost half of the online traffic for telecom and ISPs was moved by malicious applications. However, not all bot traffic is considered bad. Some of these applications help index websites for search engines or monitor website performance, assisting users throughout their online search. Therefore, areas like entertainment, food and groceries, and financial services experienced notable levels of good bot traffic, demonstrating the diverse applications of benign automated systems across different sectors.

In 2023, the majority of website traffic was still generated by humans but bot traffic is constantly increasing. Fraudulent traffic through bad bot actors accounted for 57.2 percent of web traffic in the gaming industry, a stark contrast to the mere 16.5 percent of bad bot traffic in the marketing segment. On the other hand, entertainment, food and groceries, and financial services were also categories with notable percentages of good bot traffic.

In 2023, most of the worldwide website traffic is generated by humans but bot traffic is constantly increasing. Fraudulent traffic through bad bot actors also exists at various levels of sophistication. Over the last two years, the amount of advanced bad bots exploded, doubling what was registered in the previous years. However, simple bad bots have increased by over 6 percent compared to the previous year, suggesting a decrease in the number of moderate bad bots.

In 2023, the majority of website traffic was still generated by humans but bot traffic is steadily increasing. Fraudulent traffic through bad bot actors also exists at various levels of sophistication. In the education sector, most bad bots were considered simple, while in the marketing sector, the majority were considered moderate. In contrast, over 75 percent of bad bot traffic in the law and government industry was considered advanced.

The dataset on maritime transport of goods, passengers and vessels in the European main ports was created in 2014 by Eurofish and Cogea for the European Marine Observation and Data Network (EMODnet). It is available for viewing and download on EMODnet web portal (Human Activities, https://emodnet.ec.europa.eu/en/human-activities). The dataset is the result of the harmonization and aggregation on annual basis of the quarterly Eurostat Maritime transport data, provided by port in the EU Member States, Montenegro, Norway, Turkey and the UK. It is updated every year, and is available for viewing and download on EMODnet - Human Activities web portal (https://emodnet.ec.europa.eu/en/human-activities). EUROSTAT data have been related to the 'Ports 2013' EUROSTAT GISCO's points georeferenced dataset, when available, or to the ports locations coming from other sources, as UN/LOCODE, Lloyd’s List, Marine Traffic and VESSEL TRACKER. Goods traffic data are reported in thousands tonnes by type of cargo and direction. Passengers traffic data are reported in thousands passengers (excluding cruise passengers) by direction and traffic type. Vessels traffic data are reported in unit and gross tonnage (thousands) of vessels by vessel size class and vessel type. Where available, the latest update includes data from the 1997 up to the 2023.

The global predictive analytics market size reached USD 18.9 Billion in 2024. Looking forward, IMARC Group expects the market to reach USD 104.7 Billion by 2033, exhibiting a growth rate (CAGR) of 19.9% during 2025-2033.

IMARC Group provides an analysis of the key trends in each segment of the global predictive analytics market report, along with forecasts at the global, regional and country levels from 2025-2033. Our report has categorized the market based on business function, solution, service, deployment, organization size and end use industry.

General information of 8 purchased fish antibiotics.

DPSNN-STDP is a natively distributed mini-application benchmark representative of plastic spiking neural network simulators. Processes describe synapses in input to cluster of neurons with an irregular interconnection topology, with complex inter-process traffic patterns broadly varying in time and per process. This dataset is comprised of textual data set describing all the details of the inter-processor communication for five different neural network configurations. Each file contains a 3D numerical matrix describing, for each millisecond time-step of simulated neural activity (and for a total duration of 3 seconds of simulation) the size of the payload to be exchanged between all pairs of processes.

The geodatabase on maritime transport in EU main ports includes goods, passengers and vessels traffic in the EU and was created in 2014 by Eurofish and Cogea for the European Marine Observation and Data Network (EMODnet). It is the result of the aggregation and harmonization of datasets provided to EUROSTAT by ports in EU Member States and Norway. EUROSTAT data have been related to GISCO's georeferenced ports. These datasets are updated on an annual basis where the most recent update includes annual data from 2014, 2015 and 2016 (where available). Goods and Passengers data are available from 2001 while vessel is maintained from 2006 onwards. Goods traffic data are reported in thousand tonnes by type of cargo and direction. Passengers traffic data are reported in thousand passengers (excluding cruise passengers) by direction and traffic type. Vessels traffic data are reported in unit and gross tonnage (thousand) of vessels by vessel size class and vessel type. Original data is reported quarterly by EUROSTAT, but has been aggregated on an annual basis to produce this dataset.

1.Introduction

In the digital era of the Industrial Internet of Things (IIoT), the conventional Critical Infrastructures (CIs) are transformed into smart environments with multiple benefits, such as pervasive control, self-monitoring and self-healing. However, this evolution is characterised by several cyberthreats due to the necessary presence of insecure technologies. DNP3 is an industrial communication protocol which is widely adopted in the CIs of the US. In particular, DNP3 allows the remote communication between Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA). It can support various topologies, such as Master-Slave, Multi-Drop, Hierarchical and Multiple-Server. Initially, the architectural model of DNP3 consists of three layers: (a) Application Layer, (b) Transport Layer and (c) Data Link Layer. However, DNP3 can be now incorporated into the Transmission Control Protocol/Internet Protocol (TCP/IP) stack as an application-layer protocol. However, similarly to other industrial protocols (e.g., Modbus and IEC 60870-5-104), DNP3 is characterised by severe security issues since it does not include any authentication or authorisation mechanisms. More information about the DNP3 security issue is provided in [1-3]. This dataset contains labelled Transmission Control Protocol (TCP) / Internet Protocol (IP) network flow statistics (Common-Separated Values - CSV format) and DNP3 flow statistics (CSV format) related to 9 DNP3 cyberattacks. These cyberattacks are focused on DNP3 unauthorised commands and Denial of Service (DoS). The network traffic data are provided through Packet Capture (PCAP) files. Consequently, this dataset can be used to implement Artificial Intelligence (AI)-powered Intrusion Detection and Prevention (IDPS) systems that rely on Machine Learning (ML) and Deep Learning (DL) techniques.

2.Instructions

This DNP3 Intrusion Detection Dataset was implemented following the methodological frameworks of A. Gharib et al. in [4] and S. Dadkhah et al in [5], including eleven features: (a) Complete Network Configuration, (b) Complete Traffic, (c) Labelled Dataset, (d) Complete Interaction, (e) Complete Capture, (f) Available Protocols, (g) Attack Diversity, (h) Heterogeneity, (i) Feature Set and (j) Metadata.

A network topology consisting of (a) eight industrial entities, (b) one Human Machine Interfaces (HMI) and (c) three cyberattackers was used to implement this DNP3 Intrusion Detection Dataset. In particular, the following cyberattacks were implemented.

On Thursday, May 14, 2020, the DNP3 Disable Unsolicited Messages Attack was executed for 4 hours.

On Friday, May 15, 2020, the DNP3 Cold Restart Message Attack was executed for 4 hours.

On Friday, May 15, 2020, the DNP3 Warm Restart Message Attack was executed for 4 hours.

On Saturday, May 16, 2020, the DNP3 Enumerate Attack was executed for 4 hours.

On Saturday, May 16, 2020, the DNP3 Info Attack was executed for 4 hours.

On Monday, May 18, 2020, the DNP3 Initialisation Attack was executed for 4 hours.

On Monday, May 18, 2020, the Man In The Middle (MITM)-DoS Attack was executed for 4 hours.

On Monday, May 18, 2020, the DNP3 Replay Attack was executed for 4 hours.

On Tuesday, May 19, 2020, the DNP3 Stop Application Attack was executed for 4 hours.

The aforementioned DNP3 cyberattacks were executed, utilising penetration testing tools, such as Nmap and Scapy. For each attack, a relevant folder is provided, including the network traffic and the network flow statistics for each entity. In particular, for each cyberattack, a folder is given, providing (a) the pcap files for each entity, (b) the Transmission Control Protocol (TCP)/ Internet Protocol (IP) network flow statistics for 120 seconds in a CSV format and (c) the DNP3 flow statistics for each entity (using different timeout values in terms of second (such as 45, 60, 75, 90, 120 and 240 seconds)). The TCP/IP network flow statistics were produced by using the CICFlowMeter, while the DNP3 flow statistics were generated based on a Custom DNP3 Python Parser, taking full advantage of Scapy.

1. Dataset Structure

The dataset consists of the following folders:

20200514_DNP3_Disable_Unsolicited_Messages_Attack: It includes the pcap and CSV files related to the DNP3 Disable Unsolicited Message attack.

20200515_DNP3_Cold_Restart_Attack: It includes the pcap and CSV files related to the DNP3 Cold Restart attack.

20200515_DNP3_Warm_Restart_Attack: It includes the pcap and CSV files related to DNP3 Warm Restart attack.

20200516_DNP3_Enumerate: It includes the pcap and CSV files related to the DNP3 Enumerate attack.

20200516_DNP3_Ιnfo: It includes the pcap and CSV files related to the DNP3 Info attack.

20200518_DNP3_Initialize_Data_Attack: It includes the pcap and CSV files related to the DNP3 Data Initialisation attack.

20200518_DNP3_MITM_DoS: It includes the pcap and CSV files related to the DNP3 MITM-DoS attack.

20200518_DNP3_Replay_Attack: It includes the pcap and CSV files related to the DNP3 replay attack.

20200519_DNP3_Stop_Application_Attack: It includes the pcap and CSV files related to the DNP3 Stop Application attack.

Training_Testing_Balanced_CSV_Files: It includes balanced CSV files from CICFlowMeter and the Custom DNP3 Python Parser that could be utilised for training ML and DL methods. Each folder includes different sub-folder for the corresponding flow timeout values used by the DNP3 Python Custom Parser. For CICFlowMeter, only the timeout value of 120 seconds was used.

Each folder includes respective subfolders related to the entities/devices (described in the following section) participating in each attack. In particular, for each entity/device, there is a folder including (a) the DNP3 network traffic (pcap file) related to this entity/device during each attack, (b) the TCP/IP network flow statistics (CSV file) generated by CICFlowMeter for the timeout value of 120 seconds and finally (c) the DNP3 flow statistics (CSV file) from the Custom DNP3 Python Parser. Finally, it is noteworthy that the network flows from both CICFlowMeter and Custom DNP3 Python Parser in each CSV file are labelled based on the DNP3 cyberattacks executed for the generation of this dataset. The description of these attacks is provided in the following section, while the various features from CICFlowMeter and Custom DNP3 Python Parser are presented in Section 5.

4.Testbed & DNP3 Attacks

The following figure shows the testbed utilised for the generation of this dataset. It is composed of eight industrial entities that play the role of the DNP3 outstations/slaves, such as Remote Terminal Units (RTUs) and Intelligent Electron Devices (IEDs). Moreover, there is another workstation which plays the role of the Master station like a Master Terminal Unit (MTU). For the communication between, the DNP3 outstations/slaves and the master station, opendnp3 was used.

Table 1: DNP3 Attacks Description

DNP3 Attack

Description

Dataset Folder

DNP3 Disable Unsolicited Message Attack

This attack targets a DNP3 outstation/slave, establishing a connection with it, while acting as a master station. The false master then transmits a packet with the DNP3 Function Code 21, which requests to disable all the unsolicited messages on the target.

20200514_DNP3_Disable_Unsolicited_Messages_Attack

DNP3 Cold Restart Attack

The malicious entity acts as a master station and sends a DNP3 packet that includes the “Cold Restart” function code. When the target receives this message, it initiates a complete restart and sends back a reply with the time window before the restart process.

20200515_DNP3_Cold_Restart_Attack

DNP3 Warm Restart Attack

This attack is quite similar to the “Cold Restart Message”, but aims to trigger a partial restart, re-initiating a DNP3 service on the target outstation.

20200515_DNP3_Warm_Restart_Attack

DNP3 Enumerate Attack

This reconnaissance attack aims to discover which DNP3 services and functional codes are used by the target system.

20200516_DNP3_Enumerate

DNP3 Info Attack

This attack constitutes another reconnaissance attempt, aggregating various DNP3 diagnostic information related the DNP3 usage.

20200516_DNP3_Ιnfo

Data Initialisation Attack

This cyberattack is related to Function Code 15 (Initialize Data). It is an unauthorised access attack, which demands from the slave to re-initialise possible configurations to their initial values, thus changing potential values defined by legitimate masters

20200518_Initialize_Data_Attack

MITM-DoS Attack

In this cyberattack, the cyberattacker is placed between a DNP3 master and a DNP3 slave device, dropping all the messages coming from the DNP3 master or the DNP3 slave.

20200518_MITM_DoS

DNP3 Replay Attack

This cyberattack replays DNP3 packets coming from a legitimate DNP3 master or DNP3 slave.

20200518_DNP3_Replay_Attack

DNP3 Step Application Attack

This attack is related to the Function Code 18 (Stop Application) and demands from the slave to stop its function so that the slave cannot receive messages from the master.

20200519_DNP3_Stop_Application_Attack

1. Features

The TCP/IP network flow statistics generated by CICFlowMeter are summarised below. The TCP/IP network flows and their statistics generated by CICFlowMeter are labelled based on the DNP3 attacks described above, thus allowing the training of ML/DL models. Finally, it is worth mentioning that these statistics are generated when the flow timeout value is equal with 120 seconds.

Table

The global number of internet users in was forecast to continuously increase between 2024 and 2029 by in total 1.3 billion users (+23.66 percent). After the fifteenth consecutive increasing year, the number of users is estimated to reach 7 billion users and therefore a new peak in 2029. Notably, the number of internet users of was continuously increasing over the past years.Depicted is the estimated number of individuals in the country or region at hand, that use the internet. As the datasource clarifies, connection quality and usage frequency are distinct aspects, not taken into account here.The shown data are an excerpt of Statista's Key Market Indicators (KMI). The KMI are a collection of primary and secondary indicators on the macro-economic, demographic and technological environment in up to 150 countries and regions worldwide. All indicators are sourced from international and national statistical offices, trade associations and the trade press and they are processed to generate comparable data sets (see supplementary notes under details for more information).Find more key insights for the number of internet users in countries like the Americas and Asia.

When asked about "Attitudes towards the internet", most Mexican respondents pick "It is important to me to have mobile internet access in any place at any time" as an answer. 55 percent did so in our online survey in 2024. Looking to gain valuable insights about users of internet providers worldwide? Check out our

When asked about "Attitudes towards the internet", most Chinese respondents pick "It is important to me to have mobile internet access in any place at any time" as an answer. 49 percent did so in our online survey in 2024. Looking to gain valuable insights about users of internet providers worldwide? Check out our

When asked about "Attitudes towards the internet", most Japanese respondents pick "I could no longer imagine my everyday life without the internet" as an answer. 56 percent did so in our online survey in 2024. Looking to gain valuable insights about users of internet providers worldwide? Check out our

When asked about "Attitudes towards the internet", most Australian respondents pick "It is important to me to have mobile internet access in any place at any time" as an answer. 53 percent did so in our online survey in 2024. Looking to gain valuable insights about users of internet providers worldwide? Check out our

As of the third quarter of 2024, internet users spent six hours and 38 minutes online daily. This is a slight increase in comparison to the previous quarter. Overall, between the third quarter of 2015 and the third quarter of 2024, the average daily internet use has increased by 19 minutes. Most online countries Internet users between 16 and 64 years old in South Africa spent the longest time online daily, nine hours and 27 minutes, followed by Brazil and the Philippines. These figures include the time spent using the internet on any device. In Japan, internet users spent around three hours and 57 minutes online per day. Users in Denmark also spent relatively less time on the internet, reaching about five hours daily. Most common online activities According to a 2024 survey, more than six in 10 people worldwide used the internet to find information. Furthermore, the usage of communication platforms was also a common reason for going online, followed by online content consumption, such as watching videos, TV shows, or movies.

In March 2024, nih.gov was the leading health website in the United States. During the measured period, the National Institutes of Health (NIH), a part of the U.S. Department of Health and Human Services, accounted for over 4.97 percent of desktop traffic in the health subcategory. Aarp.com was ranked second with a 1.48 percent market share.

In 2023, Snapchat was used in three new criminal sex-trafficking cases in the United States. Skip the Games, a website which has been used in the last three years, was also used in 9 new criminal sex-trafficking cases in 2023.