BlueTack

We developed a Bluetooth dataset using realistic traffic generated using the e-healthcare testbed described above. The dataset comprises of abstract meta-information from traffic flow of the Bluetooth enabled IoMT network. The Dataset was built in 3 phases. Initially, in the pre-processing phase, data were collected, cleaned, and pre-processed to remove redundancies, eliminate noise and impute missing data. In the second phase, statistical feature selection methods were applied for dimensionality reduction and for identifying useful features using various ML algorithms, after which the optimal feature set was selected. In the final phase, the dataset was divided into training and testing data, such that 75\% was training and 25\% was testing data.

We have collected 4.3 GB of data over about 52 hours during the normal traffic patterns and also while performing the attacks. Therefore, the data collected is a combination of benign and malicious traffic. The performed attacks are, DDoS, Bluesmack, and DoS on the L2CAP (Link Layer Control Adaption protocol) layer of the Bluetooth protocol stack. The L2CAP protocol is located in the data link layer of the stack, and it provides connection-less and connection oriented data services to the top layer protocols. It allows the upper level protocols and applications to send and receive the data frames.  After analyzing of the captured traffic in the pre-processing phase, 22 feature candidates were selected.