NetSecBed: A Container-Native Testbed for Reproducible Cybersecurity Experimentation
This provides a reproducible framework for cybersecurity researchers, particularly in IoT and multi-protocol environments, though it is incremental as it builds on existing container and testbed technologies.
The paper tackles the problem of limited reproducibility in cybersecurity research by presenting NetSecBed, a container-native testbed that automates the generation of network traffic evidence and execution artifacts, integrating 60 attack scenarios and 9 target services to reduce operational bias.
Cybersecurity research increasingly depends on reproducible evidence, such as traffic traces, logs, and labeled datasets, yet most public datasets remain static and offer limited support for controlled re-execution and traceability, especially in heterogeneous multi-protocol environments. This paper presents NetSecBed, a container-native, scenario-oriented testbed for reproducible generation of network traffic evidence and execution artifacts under controlled conditions, particularly suitable for IoT, IIoT, and pervasive multi-protocol environments. The framework integrates 60 attack scenarios, 9 target services, and benign traffic generators as single-purpose containers, enabling plug-and-play extensibility and traceability through declarative specifications. Its pipeline automates parametrized execution, packet capture, log collection, service probing, feature extraction, and dataset consolidation. The main contribution is a repeatable, auditable, and extensible framework for cybersecurity experimentation that reduces operational bias and supports continuous dataset generation.