In September 2020, Target.com had ***** million visits, down from ***** million visits in April 2020. Online shopping, especially digital grocery purchases have surged in the United States due to the coronavirus pandemic, leading to an increased traffic on retailer's sites.

Unlock the Potential of Your Web Traffic with Advanced Data Resolution

In the digital age, understanding and leveraging web traffic data is crucial for businesses aiming to thrive online. Our pioneering solution transforms anonymous website visits into valuable B2B and B2C contact data, offering unprecedented insights into your digital audience. By integrating our unique tag into your website, you unlock the capability to convert 25-50% of your anonymous traffic into actionable contact rows, directly deposited into an S3 bucket for your convenience. This process, known as "Web Traffic Data Resolution," is at the forefront of digital marketing and sales strategies, providing a competitive edge in understanding and engaging with your online visitors.

Comprehensive Web Traffic Data Resolution Our product stands out by offering a robust solution for "Web Traffic Data Resolution," a process that demystifies the identities behind your website traffic. By deploying a simple tag on your site, our technology goes to work, analyzing visitor behavior and leveraging proprietary data matching techniques to reveal the individuals and businesses behind the clicks. This innovative approach not only enhances your data collection but does so with respect for privacy and compliance standards, ensuring that your business gains insights ethically and responsibly.

Deep Dive into Web Traffic Data At the core of our solution is the sophisticated analysis of "Web Traffic Data." Our system meticulously collects and processes every interaction on your site, from page views to time spent on each section. This data, once anonymous and perhaps seen as abstract numbers, is transformed into a detailed ledger of potential leads and customer insights. By understanding who visits your site, their interests, and their contact information, your business is equipped to tailor marketing efforts, personalize customer experiences, and streamline sales processes like never before.

Benefits of Our Web Traffic Data Resolution Service Enhanced Lead Generation: By converting anonymous visitors into identifiable contact data, our service significantly expands your pool of potential leads. This direct enhancement of your lead generation efforts can dramatically increase conversion rates and ROI on marketing campaigns.

Targeted Marketing Campaigns: Armed with detailed B2B and B2C contact data, your marketing team can create highly targeted and personalized campaigns. This precision in marketing not only improves engagement rates but also ensures that your messaging resonates with the intended audience.

Improved Customer Insights: Gaining a deeper understanding of your web traffic enables your business to refine customer personas and tailor offerings to meet market demands. These insights are invaluable for product development, customer service improvement, and strategic planning.

Competitive Advantage: In a digital landscape where understanding your audience can make or break your business, our Web Traffic Data Resolution service provides a significant competitive edge. By accessing detailed contact data that others in your industry may overlook, you position your business as a leader in customer engagement and data-driven strategies.

Seamless Integration and Accessibility: Our solution is designed for ease of use, requiring only the placement of a tag on your website to start gathering data. The contact rows generated are easily accessible in an S3 bucket, ensuring that you can integrate this data with your existing CRM systems and marketing tools without hassle.

How It Works: A Closer Look at the Process Our Web Traffic Data Resolution process is streamlined and user-friendly, designed to integrate seamlessly with your existing website infrastructure:

Tag Deployment: Implement our unique tag on your website with simple instructions. This tag is lightweight and does not impact your site's loading speed or user experience.

Data Collection and Analysis: As visitors navigate your site, our system collects web traffic data in real-time, analyzing behavior patterns, engagement metrics, and more.

Resolution and Transformation: Using advanced data matching algorithms, we resolve the collected web traffic data into identifiable B2B and B2C contact information.

Data Delivery: The resolved contact data is then securely transferred to an S3 bucket, where it is organized and ready for your access. This process occurs daily, ensuring you have the most up-to-date information at your fingertips.

Integration and Action: With the resolved data now in your possession, your business can take immediate action. From refining marketing strategies to enhancing customer experiences, the possibilities are endless.

Security and Privacy: Our Commitment Understanding the sensitivity of web traffic data and contact information, our solution is built with security and privacy at its core. We adhere to strict data protection regulat...

In December 2023, Pinterest was the top social media traffic referrer to target.com, responsible for 20 percent of referrals to Target's website. In second place was Reddit, with approximately 21 percent, followed closely by YouTube with about 19 percent.

Analysis of ‘Popular Website Traffic Over Time ’ provided by Analyst-2 (analyst-2.ai), based on source dataset retrieved from https://www.kaggle.com/yamqwe/popular-website-traffice on 13 February 2022.

--- Dataset description provided by original source is as follows ---

About this dataset

Background

Have you every been in a conversation and the question comes up, who uses Bing? This question comes up occasionally because people wonder if these sites have any views. For this research study, we are going to be exploring popular website traffic for many popular websites.

Methodology

The data collected originates from SimilarWeb.com.

Source

For the analysis and study, go to The Concept Center

This dataset was created by Chase Willden and contains around 0 samples along with 1/1/2017, Social Media, technical information and other features such as: - 12/1/2016 - 3/1/2017 - and more.

How to use this dataset

• Analyze 11/1/2016 in relation to 2/1/2017
• Study the influence of 4/1/2017 on 1/1/2017
• More datasets

Acknowledgements

If you use this dataset in your research, please credit Chase Willden

Start A New Notebook!

--- Original source retains full ownership of the source dataset ---

The cycling concept comprehensively documents the status of the cycling infrastructure in Potsdam based on a detailed inventory and analysis and presents the necessary measures for improving the infrastructure against the background of a coordinated target network for cycling. The data describe the target network of the cycling concept of the state capital Potsdam with attributes such as Section number, street name, planned measures and priority. Further information on the respective route can be found in the cycling concept on the website.

Network Traffic Analysis Solutions Market Outlook

The global network traffic analysis solutions market size was estimated at USD 3.5 billion in 2023 and is projected to reach USD 9.8 billion by 2032, reflecting a compound annual growth rate (CAGR) of 12.1%. This substantial growth is largely driven by the increasing demand for robust cybersecurity measures across various sectors. With an ever-growing volume of network traffic due to the proliferation of connected devices and the adoption of digital transformation initiatives, organizations are compelled to deploy sophisticated traffic analysis tools to effectively monitor, manage, and secure their networks. The expansion of cloud services, coupled with the rise in cyber threats, further accentuates the need for advanced traffic analysis capabilities.

The surge in cyber threats, including sophisticated hacking techniques and ransomware attacks, has become a pivotal growth factor for the network traffic analysis solutions market. As organizations strive to protect sensitive data and ensure the integrity of their networks, there is a heightened demand for solutions that can provide real-time visibility and control over network traffic. This growing emphasis on cybersecurity is not limited to large enterprises but is increasingly becoming a priority for small and medium enterprises (SMEs) as well. Consequently, the increasing cyber threat landscape is stimulating the adoption of network traffic analysis solutions across different organizational sizes, driving market growth.

Moreover, the rise of Internet of Things (IoT) devices is significantly contributing to the increased need for network traffic analysis. IoT devices generate vast amounts of data that need to be managed effectively to prevent network congestion and potential security breaches. By leveraging traffic analysis solutions, organizations can optimize IoT device performance and ensure seamless data flow while maintaining robust security protocols. As the IoT ecosystem continues to expand, it is expected to further fuel the demand for network traffic analysis solutions, facilitating better management and security of network resources.

In addition to cybersecurity concerns and IoT proliferation, regulatory compliance is another critical growth driver for the network traffic analysis solutions market. Organizations across various industries, such as BFSI, healthcare, and government sectors, are under increasing pressure to comply with stringent data protection regulations. Network traffic analysis solutions help these organizations monitor compliance effectively by providing detailed insights into network activity and data flows. As regulations continue to evolve and become more complex, the role of network traffic analysis solutions in ensuring compliance and mitigating risks is expected to become increasingly important, further bolstering market growth.

Network Telemetry Solutions are becoming increasingly essential in the realm of network traffic analysis. These solutions provide real-time data collection and analysis, enabling organizations to gain deeper insights into their network operations. By leveraging network telemetry, businesses can proactively identify and address potential issues before they escalate into significant problems. This capability is particularly valuable in today's fast-paced digital environment, where network performance and security are critical to maintaining operational efficiency. As the demand for more granular visibility into network activities grows, network telemetry solutions are poised to play a pivotal role in enhancing the capabilities of traffic analysis tools, offering a more comprehensive approach to network management and security.

From a regional perspective, North America is anticipated to maintain a dominant position in the network traffic analysis solutions market. This can be attributed to the presence of major technology companies, a high adoption rate of advanced technologies, and stringent cybersecurity regulations. The region's established digital infrastructure and focus on innovation also contribute to market growth. Meanwhile, the Asia Pacific region is projected to witness the highest growth rate due to rapid digitalization, increasing internet penetration, and growing investments in IT infrastructure. As businesses in this region continue to adopt digital technologies and face rising cyber threats, the demand for network traffic analysis solutions is expected to surge significantly.

Component Analysis</h2

We provide detailed web activity data from users browsing popular websites worldwide. This comprehensive data allows for in-depth analysis of web behavior, enabling the creation of precise audience segments based on web activity. These segments can be used to target ads effectively, focusing on users' interests and their search or browsing intent.

Web Data Reach

Our web data reach includes extensive counts across various categories, covering attributes such as country, anonymous ID, IP addresses, search queries, and more.

• Record Count: 200 Million
• Capturing Frequency: Once per Event
• Delivering Frequency: Once per Day
• Updated: Monthly
• Historic Data: Past 6 Months

Data Export Methodology

We dynamically collect and update data, providing the latest insights through the most appropriate method at intervals that best suit your needs, whether daily, weekly, or monthly.

Use Cases

Our web activity data is instrumental for personalized targeting, data enrichment, market intelligence, and enhancing fraud and cybersecurity measures, helping businesses optimize their strategies and security efforts.

This dataset contains various network data to examine the impact of a DDoS (Distributed Denial of Service) attack on network traffic. The data consists of 1,048,444 rows, including communication information from different network layers, source and destination IP addresses, port numbers, packet lengths, the number of packets sent, and time intervals.

Columns ;

Highest Layer: Represents the highest layer of communication in the network. This includes upper-level protocols like the Application Layer (HTTP, FTP, etc.).

Transport Layer: Represents the protocol used in the transport layer (TCP, UDP, etc.). This layer is responsible for the transmission and routing of data packets.

Source IP: Indicates the IP address from which the DDoS attack originates. This is the internet address of the device that starts the attack.

Dest IP: Indicates the IP address that is the target of the DDoS attack. This is the IP address of the target server.

Source Port: Represents the port number used by the device at the source of the attack.

Dest Port: Represents the port number of the target device that is being attacked.

Packet Length: Represents the length of each data packet sent. This shows how large the packets are.

Packets/Time: Represents the number of packets sent in a specific time interval. This shows the intensity and speed of the attack.

Target: This column indicates whether each row is associated with a DDoS attack or not. Typically, it is marked as 0 (normal traffic) or 1 (DDoS attack).

Analysis of ‘Traffic Count Segments’ provided by Analyst-2 (analyst-2.ai), based on source dataset retrieved from https://catalog.data.gov/dataset/d81619ba-78d6-4252-a540-b647adaf367a on 11 February 2022.

--- Dataset description provided by original source is as follows ---

This dataset consists of 24-hour traffic volumes which are collected by the City of Tempe high (arterial) and low (collector) volume streets. Data located in the tabular section shares with its users total volume of vehicles passing through the intersection selected along with the direction of flow.

Historical data from this feature layer extends from 2016 to present day.

Contact: Sue Taaffe

Contact E-Mail: sue_taaffe@tempe.gov

Contact Phone: 480-350-8663

Link to embedded web map:http://www.tempe.gov/city-hall/public-works/transportation/traffic-counts

Link to site containing historical traffic counts by node: https://gis.tempe.gov/trafficcounts/Folders/

Data Source: SQL Server/ArcGIS Server

Data Source Type: Geospatial

Preparation Method: N/A

Publish Frequency: As information changes

Publish Method: Automatic

Data Dictionary

--- Original source retains full ownership of the source dataset ---

Network Traffic Analysis Tool Market Outlook

The global network traffic analysis tool market size was valued at approximately USD 1.8 billion in 2023 and is projected to reach around USD 4.5 billion by 2032, growing at a compound annual growth rate (CAGR) of 10.5% during the forecast period. The market is primarily driven by the increasing need for robust network security and the growing volume of data traffic across various industries. Additionally, the rising number of cyber-attacks and the adoption of advanced technologies such as IoT and cloud computing further propel market growth.

One of the key growth factors for the network traffic analysis tool market is the escalating concern over data breaches and cyber threats. With the digital transformation of businesses, sensitive data is increasingly being stored and transmitted over networks, making them prime targets for cybercriminals. Network traffic analysis tools help in monitoring, detecting, and mitigating potential threats, thereby safeguarding critical data and ensuring business continuity. This increased awareness around cybersecurity is expected to fuel the demand for advanced network traffic analysis solutions.

Another significant growth driver is the adoption of cloud-based services and the proliferation of Internet of Things (IoT) devices. As more organizations migrate to cloud environments and integrate IoT devices into their operations, the complexity and volume of network traffic grow exponentially. Network traffic analysis tools are essential for managing and securing these dynamic and complex network environments. They provide visibility into network performance, help in optimizing resource utilization, and ensure compliance with regulatory standards, which is crucial for maintaining operational efficiency and security.

Furthermore, the rapid advancements in machine learning and artificial intelligence are enhancing the capabilities of network traffic analysis tools. These technologies enable real-time analytics, predictive insights, and automated responses to detected threats, making network management more efficient and effective. The integration of AI and ML into network traffic analysis tools not only improves threat detection accuracy but also reduces response times, thereby minimizing potential damage from cyber incidents. This technological evolution is expected to create new growth opportunities in the market.

In the context of network security, the role of a Deep Packet Inspection Tool is becoming increasingly significant. These tools are essential for analyzing network traffic at a granular level, allowing organizations to identify and mitigate potential threats more effectively. By examining the data packets that traverse a network, a Deep Packet Inspection Tool can detect anomalies, unauthorized access attempts, and malicious activities that traditional security measures might overlook. This capability is particularly crucial as cyber threats become more sophisticated and targeted, necessitating advanced solutions to protect sensitive data and maintain network integrity.

On the regional front, North America currently holds the largest market share due to the high adoption rate of advanced technologies and the presence of major market players. The region's stringent regulatory landscape also necessitates robust network security measures, further driving the demand for network traffic analysis tools. Meanwhile, the Asia Pacific region is anticipated to witness the highest growth rate during the forecast period. This growth can be attributed to the rapid digitization, increasing IT infrastructure investments, and the growing focus on cybersecurity across emerging economies like China and India.

Component Analysis

The network traffic analysis tool market is segmented by component into software, hardware, and services. The software segment dominates the market owing to its critical role in providing detailed insights and analytics on network traffic. Network traffic analysis software leverages advanced algorithms and machine learning models to analyze vast amounts of data in real-time, identifying patterns, anomalies, and potential threats. This segment is expected to grow significantly as organizations increasingly prioritize cybersecurity and demand more sophisticated solutions to protect their networks.

The hardware segment, while not as dominant as software, still plays a crucial role in the network traffic analys

All Data is stored at https://github.com/lyzzzzyy/CSW-YOLO.git. (ZIP)

This dataset contains estimates of the average number of vehicles that used roads throughout the City of Detroit. Each record indicates the Annual Average Daily Traffic (AADT) and Commercial Annual Average Daily Traffic (CAADT) for a road segment, where the road segment is located, and other characteristics. This data is derived from Michigan Department of Transportation's (MDOT) Open Data Portal. SEMCOG was the source for speed limits and number of lanes.

The primary measure, Annual Average Daily Traffic (AADT), is the estimated mean daily traffic volume for all types of vehicles. Commercial Annual Average Daily Traffic (CAADT) is the estimated mean daily traffic volume for commercial vehicles, a subset of vehicles included in the AADT. The Route ID is an identifier for each road in Detroit (e.g., Woodward Ave). Routes are divided into segments by features such as cross streets, and Location ID's are used to uniquely identify those segments. Along with traffic volume, each record also states the number of lanes, the posted speed limit, and the type of road (e.g., Trunkline or Ramp) based on the Federal Highway Administration (FHWA) functional classification system.

According to MDOT's Traffic Monitoring Program a commercial vehicle would be anything Class 4 and up in the FHWA vehicle classification system. This includes vehicles such as buses, semi-trucks, and personal recreational vehicles (i.e., RVs or campers). Methods used to determine traffic volume vary by site, and may rely on continuous monitoring or estimates based on short-term studies. Approaches to vehicle classification similarly vary, depending on the equipment used at a site, and may consider factors such as vehicle weight and length between axles.

For more information, please visit MDOT Traffic Monitoring Program.

Network Traffic Analyzer Market Outlook

In 2023, the global network traffic analyzer market size was valued at approximately USD 2.5 billion and is anticipated to grow to USD 6.7 billion by 2032, with a CAGR of 11.5% during the forecast period. The significant growth factor driving this market is the increasing demand for sophisticated network management tools to manage the exponential growth in data traffic. As enterprises continue to digitize their operations, the necessity for advanced network traffic analysis solutions escalates, ensuring network reliability, security, and performance.

The growth of the network traffic analyzer market is propelled by several key factors. Firstly, the rapid expansion of internet usage and the proliferation of connected devices generate vast amounts of data traffic, necessitating robust tools to monitor and analyze this traffic effectively. With the surge in cyber threats and network security breaches, organizations are increasingly adopting network traffic analyzers to detect, respond to, and mitigate potential security risks. The ability of these tools to provide real-time visibility into network operations and detect anomalies is critical in safeguarding enterprise networks.

Secondly, the advent of advanced technologies such as Internet of Things (IoT), cloud computing, and 5G networks has significantly boosted the demand for network traffic analyzers. These technologies generate enormous amounts of network traffic, which need to be monitored and managed efficiently to ensure optimal performance and security. Network traffic analyzers play a vital role in managing this complexity, offering insights that help in optimizing network resources and improving overall operational efficiency.

Another major growth factor is the increasing adoption of network traffic analyzer solutions by small and medium enterprises (SMEs). Traditionally, these solutions were predominantly used by large enterprises due to their high cost and complexity. However, recent advancements have made these tools more accessible and affordable for SMEs, enabling them to harness the benefits of network traffic analysis. This democratization of technology is expected to further drive market growth in the coming years.

From a regional perspective, North America currently holds the largest share of the network traffic analyzer market, driven by strong technological infrastructure and the presence of major market players. However, the Asia Pacific region is expected to witness the highest growth rate during the forecast period. The rapid digital transformation in countries like China and India, coupled with increasing investments in network infrastructure and cybersecurity, is propelling the market forward in this region. Europe and Latin America are also expected to see steady growth, driven by regulatory mandates and the increasing need for network security solutions.

Component Analysis

The network traffic analyzer market is segmented by component into software, hardware, and services. The software segment holds the largest market share, attributed to the increasing deployment of advanced software solutions for network monitoring and traffic analysis. These software solutions offer comprehensive insights into network performance, enabling organizations to proactively manage network issues and optimize performance. With the integration of AI and machine learning, these solutions are becoming even more sophisticated, capable of predictive analysis and automated responses.

Network Packet Broker (NPB) solutions are becoming increasingly vital in the context of network traffic analysis. These devices play a crucial role in optimizing the flow of data across complex network infrastructures by aggregating, filtering, and directing traffic to specific monitoring tools. As networks grow in complexity with the proliferation of IoT devices and cloud services, NPBs help ensure that only relevant data is sent to analysis tools, thereby enhancing the efficiency and accuracy of network monitoring. By offloading the processing burden from network analyzers, NPBs enable organizations to maintain high performance and reliability in their network operations, making them an indispensable component of modern network management strategies.

The hardware segment, although smaller than the software segment, plays a crucial role in the network traffic analyzer market. Hardware components such as network probes, packet brokers, an

Network Traffic Monitor Market Outlook

The network traffic monitor market size is projected to grow from USD 2.5 billion in 2023 to USD 5.6 billion by 2032, at a compound annual growth rate (CAGR) of 9.3% during the forecast period. The primary growth driver for this market is the increasing need for network security and optimization in the face of rising cyber threats and data traffic. As organizations continue to expand their digital presence and rely on networked systems for critical operations, the demand for robust network traffic monitoring solutions is expected to surge.

One significant factor propelling the growth of the network traffic monitor market is the escalating prevalence of cyber threats. With cyberattacks becoming more sophisticated and frequent, organizations are prioritizing network security, thereby increasing the demand for advanced monitoring solutions that can detect and mitigate threats in real-time. Moreover, the integration of Artificial Intelligence (AI) and Machine Learning (ML) in monitoring tools enhances the ability to identify anomalous patterns, providing a proactive approach to cybersecurity. This, in turn, drives market growth as businesses seek to safeguard their assets and data from potential breaches.

Another key growth driver is the rapid adoption of cloud computing and the Internet of Things (IoT). As more devices get connected to networks, the volume of data traffic has dramatically increased, necessitating efficient traffic management and monitoring solutions. Cloud-based network monitoring solutions offer scalability, flexibility, and cost-efficiency, making them attractive to organizations of all sizes. The proliferation of IoT devices further underscores the need for comprehensive monitoring solutions to ensure seamless connectivity and optimal performance, thereby fueling market growth.

Furthermore, regulatory compliance and data privacy concerns are compelling organizations to implement robust network traffic monitoring systems. Regulatory frameworks such as GDPR, HIPAA, and CCPA mandate stringent data protection and security measures, which include continuous monitoring of network traffic to detect and prevent data breaches. Compliance with these regulations not only helps organizations avoid hefty fines but also strengthens their reputation and trustworthiness among stakeholders. Consequently, the increasing emphasis on regulatory compliance acts as a catalyst for market expansion.

Network Monitoring Tools play a crucial role in enhancing the security and efficiency of network traffic monitoring solutions. These tools provide comprehensive insights into network performance, enabling organizations to detect anomalies and potential threats in real-time. As the complexity of network environments increases with the adoption of cloud computing and IoT, the demand for sophisticated network monitoring tools that can handle large volumes of data and provide actionable insights is on the rise. By leveraging these tools, businesses can ensure optimal network performance, minimize downtime, and protect sensitive data from cyber threats. The integration of AI and ML in network monitoring tools further enhances their capabilities, allowing for predictive analytics and automated threat response, which are essential in today's fast-paced digital landscape.

Regionally, North America holds a significant share of the network traffic monitor market, attributed to the presence of major technology companies and stringent cybersecurity regulations. The Asia Pacific region is expected to witness the highest growth rate, driven by the rapid digitalization and increasing investments in network infrastructure. Europe also shows substantial growth potential, supported by the stringent data protection laws and the growing adoption of advanced network monitoring solutions. Latin America and the Middle East & Africa are gradually emerging as promising markets due to the increasing focus on enhancing network security and infrastructure development.

Component Analysis

The network traffic monitor market is segmented into software, hardware, and services. The software segment dominates the market, driven by the increasing adoption of advanced software solutions for network traffic monitoring and analysis. These software tools offer real-time visibility, threat detection, and analytics cap

🇩🇪 독일 German We developed TomTom Intermediate Traffic to deliver detailed, real-time traffic content to business customers who integrate it into their own applications. Target customers for TomTom Intermediate Traffic include automotive OEMs, web and application developers, and governments. We deliver bulk traffic flow information that provides a comprehensive view of the entire road network. TomTom delivered our first live traffic product in 2007 and our experience has taught us how to continue delivering the best traffic products in the market. Our real-time traffic products are created by merging multiple data sources, including anonymized measurement data from over 650 million GPS-enabled devices. Using highly granular data, gathered on nearly every stretch of road, we can calculate travel times and speeds for virtually any day or time. We focus on our travel information so our customers can focus on their own business objectives.

The Crossfire attack traffic flows congest a small set of selected network links using benign low-rate flows from bots to publicly accessible servers, while degrading connectivity to the target area.

This dataset contains estimates of the average number of vehicles that used roads throughout the City of Detroit. Each record indicates the Annual Average Daily Traffic (AADT) and Commercial Annual Average Daily Traffic (CAADT) for a road segment, where the road segment is located, and other characteristics. This data is derived from Michigan Department of Transportation's (MDOT) Open Data Portal. SEMCOG was the source for speed limits and number of lanes.

The primary measure, Annual Average Daily Traffic (AADT), is the estimated mean daily traffic volume for all types of vehicles. Commercial Annual Average Daily Traffic (CAADT) is the estimated mean daily traffic volume for commercial vehicles, a subset of vehicles included in the AADT. The Route ID is an identifier for each road in Detroit (e.g., Woodward Ave). Routes are divided into segments by features such as cross streets, and Location ID's are used to uniquely identify those segments. Along with traffic volume, each record also states the number of lanes, the posted speed limit, and the type of road (e.g., Trunkline or Ramp) based on the Federal Highway Administration (FHWA) functional classification system.

According to MDOT's Traffic Monitoring Program a commercial vehicle would be anything Class 4 and up in the FHWA vehicle classification system. This includes vehicles such as buses, semi-trucks, and personal recreational vehicles (i.e., RVs or campers). Methods used to determine traffic volume vary by site, and may rely on continuous monitoring or estimates based on short-term studies. Approaches to vehicle classification similarly vary, depending on the equipment used at a site, and may consider factors such as vehicle weight and length between axles.

For more information, please visit MDOT Traffic Monitoring Program.

This dataset contains estimates of the average number of vehicles that used roads throughout the City of Detroit. Each record indicates the Annual Average Daily Traffic (AADT) and Commercial Annual Average Daily Traffic (CAADT) for a road segment, where the road segment is located, and other characteristics. This data is derived from Michigan Department of Transportation's (MDOT) Open Data Portal. SEMCOG was the source for speed limits and number of lanes.

The primary measure, Annual Average Daily Traffic (AADT), is the estimated mean daily traffic volume for all types of vehicles. Commercial Annual Average Daily Traffic (CAADT) is the estimated mean daily traffic volume for commercial vehicles, a subset of vehicles included in the AADT. The Route ID is an identifier for each road in Detroit (e.g., Woodward Ave). Routes are divided into segments by features such as cross streets, and Location ID's are used to uniquely identify those segments. Along with traffic volume, each record also states the number of lanes, the posted speed limit, and the type of road (e.g., Trunkline or Ramp) based on the Federal Highway Administration (FHWA) functional classification system.

According to MDOT's Traffic Monitoring Program a commercial vehicle would be anything Class 4 and up in the FHWA vehicle classification system. This includes vehicles such as buses, semi-trucks, and personal recreational vehicles (i.e., RVs or campers). Methods used to determine traffic volume vary by site, and may rely on continuous monitoring or estimates based on short-term studies. Approaches to vehicle classification similarly vary, depending on the equipment used at a site, and may consider factors such as vehicle weight and length between axles.

For more information, please visit MDOT Traffic Monitoring Program.

1.Introduction

In the digital era of the Industrial Internet of Things (IIoT), the conventional Critical Infrastructures (CIs) are transformed into smart environments with multiple benefits, such as pervasive control, self-monitoring and self-healing. However, this evolution is characterised by several cyberthreats due to the necessary presence of insecure technologies. DNP3 is an industrial communication protocol which is widely adopted in the CIs of the US. In particular, DNP3 allows the remote communication between Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA). It can support various topologies, such as Master-Slave, Multi-Drop, Hierarchical and Multiple-Server. Initially, the architectural model of DNP3 consists of three layers: (a) Application Layer, (b) Transport Layer and (c) Data Link Layer. However, DNP3 can be now incorporated into the Transmission Control Protocol/Internet Protocol (TCP/IP) stack as an application-layer protocol. However, similarly to other industrial protocols (e.g., Modbus and IEC 60870-5-104), DNP3 is characterised by severe security issues since it does not include any authentication or authorisation mechanisms. More information about the DNP3 security issue is provided in [1-3]. This dataset contains labelled Transmission Control Protocol (TCP) / Internet Protocol (IP) network flow statistics (Common-Separated Values - CSV format) and DNP3 flow statistics (CSV format) related to 9 DNP3 cyberattacks. These cyberattacks are focused on DNP3 unauthorised commands and Denial of Service (DoS). The network traffic data are provided through Packet Capture (PCAP) files. Consequently, this dataset can be used to implement Artificial Intelligence (AI)-powered Intrusion Detection and Prevention (IDPS) systems that rely on Machine Learning (ML) and Deep Learning (DL) techniques.

2.Instructions

This DNP3 Intrusion Detection Dataset was implemented following the methodological frameworks of A. Gharib et al. in [4] and S. Dadkhah et al in [5], including eleven features: (a) Complete Network Configuration, (b) Complete Traffic, (c) Labelled Dataset, (d) Complete Interaction, (e) Complete Capture, (f) Available Protocols, (g) Attack Diversity, (h) Heterogeneity, (i) Feature Set and (j) Metadata.

A network topology consisting of (a) eight industrial entities, (b) one Human Machine Interfaces (HMI) and (c) three cyberattackers was used to implement this DNP3 Intrusion Detection Dataset. In particular, the following cyberattacks were implemented.

On Thursday, May 14, 2020, the DNP3 Disable Unsolicited Messages Attack was executed for 4 hours.

On Friday, May 15, 2020, the DNP3 Cold Restart Message Attack was executed for 4 hours.

On Friday, May 15, 2020, the DNP3 Warm Restart Message Attack was executed for 4 hours.

On Saturday, May 16, 2020, the DNP3 Enumerate Attack was executed for 4 hours.

On Saturday, May 16, 2020, the DNP3 Info Attack was executed for 4 hours.

On Monday, May 18, 2020, the DNP3 Initialisation Attack was executed for 4 hours.

On Monday, May 18, 2020, the Man In The Middle (MITM)-DoS Attack was executed for 4 hours.

On Monday, May 18, 2020, the DNP3 Replay Attack was executed for 4 hours.

On Tuesday, May 19, 2020, the DNP3 Stop Application Attack was executed for 4 hours.

The aforementioned DNP3 cyberattacks were executed, utilising penetration testing tools, such as Nmap and Scapy. For each attack, a relevant folder is provided, including the network traffic and the network flow statistics for each entity. In particular, for each cyberattack, a folder is given, providing (a) the pcap files for each entity, (b) the Transmission Control Protocol (TCP)/ Internet Protocol (IP) network flow statistics for 120 seconds in a CSV format and (c) the DNP3 flow statistics for each entity (using different timeout values in terms of second (such as 45, 60, 75, 90, 120 and 240 seconds)). The TCP/IP network flow statistics were produced by using the CICFlowMeter, while the DNP3 flow statistics were generated based on a Custom DNP3 Python Parser, taking full advantage of Scapy.

1. Dataset Structure

The dataset consists of the following folders:

20200514_DNP3_Disable_Unsolicited_Messages_Attack: It includes the pcap and CSV files related to the DNP3 Disable Unsolicited Message attack.

20200515_DNP3_Cold_Restart_Attack: It includes the pcap and CSV files related to the DNP3 Cold Restart attack.

20200515_DNP3_Warm_Restart_Attack: It includes the pcap and CSV files related to DNP3 Warm Restart attack.

20200516_DNP3_Enumerate: It includes the pcap and CSV files related to the DNP3 Enumerate attack.

20200516_DNP3_Ιnfo: It includes the pcap and CSV files related to the DNP3 Info attack.

20200518_DNP3_Initialize_Data_Attack: It includes the pcap and CSV files related to the DNP3 Data Initialisation attack.

20200518_DNP3_MITM_DoS: It includes the pcap and CSV files related to the DNP3 MITM-DoS attack.

20200518_DNP3_Replay_Attack: It includes the pcap and CSV files related to the DNP3 replay attack.

20200519_DNP3_Stop_Application_Attack: It includes the pcap and CSV files related to the DNP3 Stop Application attack.

Training_Testing_Balanced_CSV_Files: It includes balanced CSV files from CICFlowMeter and the Custom DNP3 Python Parser that could be utilised for training ML and DL methods. Each folder includes different sub-folder for the corresponding flow timeout values used by the DNP3 Python Custom Parser. For CICFlowMeter, only the timeout value of 120 seconds was used.

Each folder includes respective subfolders related to the entities/devices (described in the following section) participating in each attack. In particular, for each entity/device, there is a folder including (a) the DNP3 network traffic (pcap file) related to this entity/device during each attack, (b) the TCP/IP network flow statistics (CSV file) generated by CICFlowMeter for the timeout value of 120 seconds and finally (c) the DNP3 flow statistics (CSV file) from the Custom DNP3 Python Parser. Finally, it is noteworthy that the network flows from both CICFlowMeter and Custom DNP3 Python Parser in each CSV file are labelled based on the DNP3 cyberattacks executed for the generation of this dataset. The description of these attacks is provided in the following section, while the various features from CICFlowMeter and Custom DNP3 Python Parser are presented in Section 5.

4.Testbed & DNP3 Attacks

The following figure shows the testbed utilised for the generation of this dataset. It is composed of eight industrial entities that play the role of the DNP3 outstations/slaves, such as Remote Terminal Units (RTUs) and Intelligent Electron Devices (IEDs). Moreover, there is another workstation which plays the role of the Master station like a Master Terminal Unit (MTU). For the communication between, the DNP3 outstations/slaves and the master station, opendnp3 was used.

Table 1: DNP3 Attacks Description

DNP3 Attack

Description

Dataset Folder

DNP3 Disable Unsolicited Message Attack

This attack targets a DNP3 outstation/slave, establishing a connection with it, while acting as a master station. The false master then transmits a packet with the DNP3 Function Code 21, which requests to disable all the unsolicited messages on the target.

20200514_DNP3_Disable_Unsolicited_Messages_Attack

DNP3 Cold Restart Attack

The malicious entity acts as a master station and sends a DNP3 packet that includes the “Cold Restart” function code. When the target receives this message, it initiates a complete restart and sends back a reply with the time window before the restart process.

20200515_DNP3_Cold_Restart_Attack

DNP3 Warm Restart Attack

This attack is quite similar to the “Cold Restart Message”, but aims to trigger a partial restart, re-initiating a DNP3 service on the target outstation.

20200515_DNP3_Warm_Restart_Attack

DNP3 Enumerate Attack

This reconnaissance attack aims to discover which DNP3 services and functional codes are used by the target system.

20200516_DNP3_Enumerate

DNP3 Info Attack

This attack constitutes another reconnaissance attempt, aggregating various DNP3 diagnostic information related the DNP3 usage.

20200516_DNP3_Ιnfo

Data Initialisation Attack

This cyberattack is related to Function Code 15 (Initialize Data). It is an unauthorised access attack, which demands from the slave to re-initialise possible configurations to their initial values, thus changing potential values defined by legitimate masters

20200518_Initialize_Data_Attack

MITM-DoS Attack

In this cyberattack, the cyberattacker is placed between a DNP3 master and a DNP3 slave device, dropping all the messages coming from the DNP3 master or the DNP3 slave.

20200518_MITM_DoS

DNP3 Replay Attack

This cyberattack replays DNP3 packets coming from a legitimate DNP3 master or DNP3 slave.

20200518_DNP3_Replay_Attack

DNP3 Step Application Attack

This attack is related to the Function Code 18 (Stop Application) and demands from the slave to stop its function so that the slave cannot receive messages from the master.

20200519_DNP3_Stop_Application_Attack

1. Features

The TCP/IP network flow statistics generated by CICFlowMeter are summarised below. The TCP/IP network flows and their statistics generated by CICFlowMeter are labelled based on the DNP3 attacks described above, thus allowing the training of ML/DL models. Finally, it is worth mentioning that these statistics are generated when the flow timeout value is equal with 120 seconds.

Table