Car Hacking: Attack & Defense Challenge 2020 Dataset

Citation Author(s):
Hyunjae
Kang
Korea University
Byung Il
Kwak
Korea University
Young Hun
Lee
Korea University
Haneol
Lee
Korea University
Hwejae
Lee
Korea University
Huy Kang
Kim
Korea University
Submitted by:
Huy Kang Kim
Last updated:
Wed, 02/03/2021 - 02:39
DOI:
10.21227/qvr7-n418
Data Format:
Links:
License:
0
0 ratings - Please login to submit your rating.

Abstract 

This is the dataset provided and collected while "Car Hacking: Attack & Defense Challenge" in 2020. We are the main organizer of the competition along with Culture Makers and Korea Internet & Security Agency. We are very proud of releasing these valuable datasets for all security researchers for free.

The competition aimed to develop attack and detection techniques of Controller Area Network (CAN), a widely used standard of in-vehicle network. The target vehicle of competition was Hyundai Avante CN7.

Therefore, the dataset is a CAN network traffic of Avante CN7 including normal messages and attack messages. The dataset contains:1) Preliminary round train/test dataset2) Final round dataset of host's attack session

Instructions: 

1. Description

RoundTypeDescription# Normal# Attack# Rows
(Total)
PreliminaryTrainingNormal and four types of attacks dataset with class3,372,743299,4083,672,151
SubmissionNormal and four types of attacks dataset with class
(during the competition, without class)
3,358,210393,8363,752,046
FinalSubmissionNormal and five attacks (4 spoofings, 1 fuzzing) dataset with class
(during the competition, without class)
1,090,312179,9981,270,310
  • Preliminary round contains two status of the vehicle -- S: Stationary, D: Driving.
    In final round, only stationary status traffic was collected for safety reason.

  • All csv files have same headers: Timestamp (logging time), Arbitration_ID (CAN identifier), DLC (data length code), Data (CAN data field), Class (Normal or Attack), and SubClass (attack type) of each CAN message.

 

2. Class

Normal: Normal traffic in CAN bus.

Attack: Attack traffic injected. Four types of attacks are included -- Flooding, Spoofing, Replay, Fuzzing.

  • Flooding: Flooding attack aims to consume CAN bus bandwidth by sending a massive number of messages.

  • Spoofing: CAN messages are injected to control certain desired function.

  • Replay: Replay attack is to extract normal traffic at a specific time and replay (inject) it into the CAN bus.

  • Fuzzing: Random messages are injected to cause unexpected behavior of the vehicle.

 

3. Acknowledgement

This work was supported by Institute for Information & Communications Technology Planning & Evaluation (IITP) grant funded by the Korea government (MSIT) (No. 2020-0-00866, Challenges for next generation security R&D).

Comments

Kindly provide the dataset

Submitted by Shobana G on Sun, 02/07/2021 - 12:45

Provided ZIP seems to be missing:
"All csv files have same headers: Timestamp (logging time), Arbitration_ID (CAN identifier), DLC (data length code), Data (CAN data field), Class (Normal or Attack), and SubClass (attack type) of each CAN message." Can you please provide it?

Submitted by George Dimitoglou on Tue, 02/23/2021 - 16:10

You can download dataset(.zip) on the right side of this page.
"DATASET FILES"
Car_Hacking_Challenge_Dataset.zip (80.69 MB)
Are there any problems with the files when you unzipped the ZIP file? When I downloaded it, there was no problem with the file.

Submitted by Hyunjae Kang on Fri, 02/26/2021 - 04:16

You can download dataset(.zip) on the right side of this page.
"DATASET FILES"
Car_Hacking_Challenge_Dataset.zip (80.69 MB)

Submitted by Hyunjae Kang on Fri, 02/26/2021 - 04:17

Thank you Hyuajae, can see it now!

Submitted by George Dimitoglou on Fri, 02/26/2021 - 13:43