Anomaly detection is a well-known topic in cybersecurity. Its application to the Internet of Things can lead to suitable protection techniques against problems such as denial of service attacks. However, Intrusion Detection Systems based on Artificial Intelligence, as a defense mechanism, need robust data sources to achieve strong generalization levels from the knowledge domain of interest. Therefore, here we present the LATAM-DDoS-IoT dataset, which results from a collaboration among Aligo, Universidad de Antioquia, and Tecnologico de Monterrey. The LATAM-DDoS-IoT dataset includes attack traffic to physical Internet of Things devices and normal traffic from real external users consuming actual services from Aligo's production network.
The LATAM-DDoS-IoT dataset was designed and created during a collaboration among Aligo, Universidad de Antioquia, and Tecnologico de Monterrey. Thanks to Aligo's support, we built and implemented a testbed for DoS and DDoS attacks. This testbed is mainly based on physical IoT devices and real users consuming real services from a production network. We provide the ground truth pcap files and the generated network flows, their features, and the labeled categories and subcategories to facilitate the implementation of supervised learning methods.
The total number of samples for the DoS version of our new dataset is 30,662,911 flows with 20 attributes, and for the DDoS version 49,666,991 flows with the same number of attributes. In total, there is more than 300 GB of information, including .argus, .csv, and .pcap files.