DALHOUSIE NIMS LAB IoT ATTACK DATASET 2025-1

Citation Author(s):
Jeffrey Attakorah
Adjei
Dalhousie University
Nur
Zincir-Heywood
Dalhousie University
Malcom
Heywood
Dalhousie University
Nabil
Seddigh
Solana Networks
Biswajit
Nandy
Solana Networks
Submitted by:
Jeffrey Adjei
Last updated:
Tue, 01/28/2025 - 14:41
DOI:
10.21227/vrwj-bc48
Data Format:
*.pcap
License:
Creative Commons Attribution
22 Views
Categories:
Wireless Networking
IoT
Machine Learning
Security
Standards Research Data
Keywords:
Attack, IoT Traffic, Machine Learning, network security
0
0 ratings - Please login to submit your rating.
ACCESS DATASET CITE SHARE/EMBED

Abstract 

DALHOUSIE NIMS LAB ATTACK IOT DATASET 2025-1 dataset comprises of four prevalent types attacks, namely Portscan, Slowloris, Synflood, and Vulnerability Scan, on nine distinct Internet of Things (IoT) devices. These attacks are very common on the IoT eco-systems because they often serve as precursors to more sophisticated attack vectors. By analyzing attack vector traffic characteristics and IoT device responses, our dataset will aid to shed light on IoT eco-system vulnerabilities. A Raspberry Pi was utilized to launch the attacks, targetting the devices in a controlled environment and each attack lasted 50 minutes.

Each device's traffic of an attack is stored in individual .pcap files. For our research, we extract flows from these .pcap files using Tranalyzer2 flow analysis tool.. Within this folder, you will find folders named after each attack, each containing the nine device name along with attack type. These states are detailed through pcap files, labelled as attack_device.pcap. All captures were conducted using IEEE 802.11 (Wi-Fi) in 2.4GHz channels.

Comprehensive details regarding our setup and methodology are provided in our paper. Notably, all captured data has attack signatures.

Instructions: 

Further details about the method we used to in analyzing these files can be found in our paper below:

[1] Jeffrey A. Adjei, Nur Zincir-Heywood, Malcom Heywood, Biswajit Nandy and Nabil Seddigh, Can Flow Metadata based Signatures Generalize for Identifying Attacks on IoT Devices?," Accepted for publication in the proceedings of the 2025 IEEE/IFIP Network Operations and Management Symposium, Honolulu, Hawaii, USA. 

The .pcap files, for each device, can be extracted from the .zip and ready to use.

Please contact one of these authors to get access to the source code: jeffrey.adjei@dal.ca or zincir@cs.dal.ca.

Please refer to the README file for further information. 

Dataset Files

LOGIN TO ACCESS DATASET FILES

 

QUESTIONS?