This work addresses the limitations of existing cybersecurity datasets, which are predominantly static and ill-suited for enabling controllable replay and traceability in heterogeneous, multi-protocol environments. To overcome this, the authors propose a scenario-oriented, container-native testing platform that leverages declarative configuration to parameterize the generation of both adversarial and benign network traffic, log collection, and dataset integration. The platform encapsulates 60 attack scenarios, nine target services, and benign traffic generators within single-purpose containers and integrates them into an automated pipeline for feature extraction and experimental execution. Designed with reproducibility, auditability, and extensibility in mind, the framework significantly reduces operational bias and supports fully traceable, reproducible experiments in complex settings such as IoT and IIoT networks.

Cybersecurity research increasingly depends on reproducible evidence, such as traffic traces, logs, and labeled datasets, yet most public datasets remain static and offer limited support for controlled re-execution and traceability, especially in heterogeneous multi-protocol environments. This paper presents NetSecBed, a container-native, scenario-oriented testbed for reproducible generation of network traffic evidence and execution artifacts under controlled conditions, particularly suitable for IoT, IIoT, and pervasive multi-protocol environments. The framework integrates 60 attack scenarios, 9 target services, and benign traffic generators as single-purpose containers, enabling plug-and-play extensibility and traceability through declarative specifications. Its pipeline automates parametrized execution, packet capture, log collection, service probing, feature extraction, and dataset consolidation. The main contribution is a repeatable, auditable, and extensible framework for cybersecurity experimentation that reduces operational bias and supports continuous dataset generation.