IoT network intrusion dataset

Name: IoT network intrusion dataset
Creator: Huy Kang Kim
License: https://creativecommons.org/licenses/by/4.0/
Keywords: Security

Citation Author(s):: Hyunjae Kang

Dong Hyun Ahn

Gyung Min Lee

Jeong Do Yoo

Kyung Ho Park

Huy Kang Kim
Submitted by:: Huy Kang Kim
Last updated:: Fri, 09/27/2019 - 08:57
DOI:: 10.21227/q70p-q449
Data Format:: .xlsx.zip
Links:: IoT Network Intrusion Dataset

43070 views

Categories:

Security

Keywords:

internet of things

intrusion detection

Cybersecurity

CITE

Abstract

We created various types of network attacks in Internet of Things (IoT) environment for academic purpose. Two typical smart home devices -- SKT NUGU (NU 100) and EZVIZ Wi-Fi Camera (C2C Mini O Plus 1080P) -- were used. All devices, including some laptops or smart phones, were connected to the same wireless network. The dataset consists of 42 raw network packet files (pcap) at different time points.

* The packet files are captured by using monitor mode of wireless network adapter. The wireless headers are removed by Aircrack-ng.

* All attacks except Mirai Botnet category are the packets captured while simulating attacks using tools such as Nmap. The case of Mirai Botnet category, the attack packets were generated on a laptop and then manipulated to make it appear as if it originated from the IoT device.

Instructions:

The dataset consists of 42 raw network packet files (pcap) at different time points.

* The packet files are captured by using monitor mode of wireless network adapter. The wireless headers are removed by Aircrack-ng.

* All attacks except Mirai Botnet category are the packets captured while simulating attacks using tools such as Nmap. The case of the Mirai Botnet category, the attack packets were generated on a laptop and then manipulated to make it appear as if it originated from the IoT device.

benign-dec.pcap: benign-only traffic

mitm-arpspoofing-n(1~6)-dec.pcap: traffic containing benign and MITM(arp spoofing)

dos-synflooding-n(1~6)-dec.pcap: traffic containing benign and DoS(SYN flooding) attack

scan-hostport-n(1~6)-dec.pcap: traffic containing benign and Scan(host & port scan) attack

scan-portos-n(1~6)-dec.pcap: traffic containing benign and Scan(port & os scan) attack

mirai-udpflooding-n(1~4)-dec.pcap: traffic containing benign and 3 most typical attacks(UDP/ACK/HTTP Flooding) of zombie pc compromised by mirai malware

mirai-ackflooding-n(1~4)-dec.pcap

mirai-httpflooding-n(1~4)-dec.pcap

mirai-hostbruteforce-n(1~5)-dec.pcap: traffic containing benign and initial phase of Mirai malware including host discovery and Telnet brute-force attack

Quick MAC address and IP address summary for your convenience. Here are the MAC addresses and IP addresses of the two IoT devices. 1. EZVIZ (Home camera) - MAC address: bc:1c:81:4b:ae:ba - IP address: 192.168.0.13 2. NUGU (AI speaker) - MAC address: 04:32:f4:45:17:b3 - IP address: 192.168.0.24

Huy Kang Kim Wed, 09/29/2021 - 16:09 Permalink

Very Warm Regards, This side Ankita a research scholar wants permission to access this dataset for my research to continue. Please reply as soon as possible.

Ankita Anand Thu, 01/20/2022 - 13:36 Permalink

You can download IoT dataset on the right side of this page. see "DATASET FILES".

Huy Kang Kim Thu, 01/20/2022 - 14:03 Permalink

Thank you so much

Ankita Anand Thu, 01/20/2022 - 14:38 Permalink

Hello Myself Neetu A Research Scholar want to access your dataset for research Purpose. Please Allow me to do so. Thanks & Regards Neetu

neetu Wadhwa Fri, 01/21/2022 - 07:33 Permalink

You can download IoT dataset on the right side of this page. See the "DATASET FILES".

Huy Kang Kim Thu, 01/27/2022 - 14:16 Permalink

I know its has been a long time but still Thank you so Much Sir.

neetu Wadhwa Thu, 05/04/2023 - 07:39 Permalink

Hello, I want to use your dataset for the university research project. Is it okay to use it?

Drasty Parvin Mon, 04/04/2022 - 13:31 Permalink

Absolutely, yes. Thank you for showing your interest in our dataset.

Huy Kang Kim Sun, 04/10/2022 - 03:05 Permalink

Very Warm Regards, This side Ahmad Houkan a research scholar wants permission to access this dataset for my research to continue. Please reply as soon as possible.

Ahmad Houkan Tue, 05/23/2023 - 18:25 Permalink

Hi, I am sorry for the late reply. You can download IoT dataset on the right side of this page "DATASET FILES" without any permission, as this is an open access dataset. Also you can freely use this dataset for your research. Please cite this dataset when you use it.

Hyunjae Kang Fri, 08/04/2023 - 06:02 Permalink

Hi, I would like to split the given PCAP files in the dataset into packet based and flow based. If anybody have any solution for this, please do reply this comment.

Manush Sekaran C Wed, 12/20/2023 - 04:51 Permalink

I know several months have passed since you queried, though you can parse the packets by writing Python codes using packet handling libraries such as scapy or dpkt. Parse IP addresses, ports, or streams you need using the libraries and save them into another PCAP.

Hyunjae Kang Mon, 05/13/2024 - 06:48 Permalink

I'm looking to conduct a research project for my MSc into the effectiveness of current protocols in securing AI-enabled IoT devices in smart homes from network intrusion. Would your dataset suit this purpose and would you be able to indicate where I could begin with a simulation? Many thanks

Rhys Evans Thu, 02/08/2024 - 19:07 Permalink