Cyber Innovation Lab – A Cybersecurity Testbed for the Advancement of Intrusion Detection Systems

Abstract

This work presents the development of the Cyber Innovation Lab, an air-gapped physical network that serves as a testbed for finding innovative methods for the detection and mitigation of modern cyber threats. The project involved designing a network to provide a realistic platform to launch attacks against, then installing and configuring various web applications and services on both Windows and Linux platforms. The systems were designed to be easy to restore to their original state, to allow for consistency in attack outcomes. To build the data set to support research, an attack taxonomy was devised from both current practitioner and academic literature. Additionally, a data pre-processing framework was devised. Finally, live attacks were run against the network to allow for data collection via host-based and network-based sensors. This data will be used to support investigations into machine-learning-based intrusion detection systems and the analysis of system memory to determine attack types.
