NetSecBed: A Container-Native Testbed for Reproducible Cybersecurity Experimentation

View PDF HTML (experimental) Abstract:Cybersecurity research increasingly depends on reproducible evidence, such as traffic traces, logs, and labeled datasets, yet most public datasets remain static and offer limited support for controlled re-execution and traceability, especially in heterogeneous multi-protocol environments. This paper presents NetSecBed, a container-native, scenario-oriented testbed for reproducible generation of network traffic evidence and execution artifacts under controlled conditions, particularly suitable for IoT, IIoT, and pervasive multi-protocol environments. The framework integrates 60 attack scenarios, 9 target services, and benign traffic generators as single-purpose containers, enabling plug-and-play extensibility and traceability through declarative specifications. Its pipeline automates parametrized execution, packet capture, log collection, service probing, feature extraction, and dataset consolidation. The main contribution is a repeatable, auditable, and extensible framework for cybersecurity experimentation that reduces operational bias and supports continuous dataset generation. Comments: 8 pages, including 4 figures and 2 tables, submitted to SBCUP 2026 Subjects: Cryptography and Security (cs.CR); Artificial Intelligence (cs.AI); Networking and Internet Architecture (cs.NI); Performance (cs.PF) MSC classes: 68M25 ACM classes: D.2; K.3; J.6; I.6 Cite as: arXiv:2604.04121 [cs.CR] (or arXiv:2604.04121v1 [cs.CR] for this version) https://doi.org/10.48550/arXiv.2604.04121 arXiv-issued DOI via DataCite (pending registration) Submission history From: Diego Kreutz [view email] [v1] Sun, 5 Apr 2026 13:46:01 UTC (419 KB)