IoT network intrusion dataset

Citation Author(s):
Hyunjae
Kang
Dong Hyun
Ahn
Gyung Min
Lee
Jeong Do
Yoo
Kyung Ho
Park
Huy Kang
Kim
Submitted by:
Huy Kang Kim
Last updated:
Fri, 09/27/2019 - 04:57
DOI:
10.21227/q70p-q449
Data Format:
Links:
License:
25187 Views
Citations:
9
Categories:
Keywords:
5
1 rating - Please login to submit your rating.

Abstract 

We created various types of network attacks in Internet of Things (IoT) environment for academic purpose. Two typical smart home devices -- SKT NUGU (NU 100) and EZVIZ Wi-Fi Camera (C2C Mini O Plus 1080P) -- were used. All devices, including some laptops or smart phones, were connected to the same wireless network. The dataset consists of 42 raw network packet files (pcap) at different time points.

* The packet files are captured by using monitor mode of wireless network adapter. The wireless headers are removed by Aircrack-ng.

* All attacks except Mirai Botnet category are the packets captured while simulating attacks using tools such as Nmap. The case of Mirai Botnet category, the attack packets were generated on a laptop and then manipulated to make it appear as if it originated from the IoT device.

Instructions: 

The dataset consists of 42 raw network packet files (pcap) at different time points.

* The packet files are captured by using monitor mode of wireless network adapter. The wireless headers are removed by Aircrack-ng.

* All attacks except Mirai Botnet category are the packets captured while simulating attacks using tools such as Nmap. The case of the Mirai Botnet category, the attack packets were generated on a laptop and then manipulated to make it appear as if it originated from the IoT device.

 

<packet file description>

benign-dec.pcap: benign-only traffic

mitm-arpspoofing-n(1~6)-dec.pcap: traffic containing benign and MITM(arp spoofing)

dos-synflooding-n(1~6)-dec.pcap: traffic containing benign and DoS(SYN flooding) attack

scan-hostport-n(1~6)-dec.pcap: traffic containing benign and Scan(host & port scan) attack

scan-portos-n(1~6)-dec.pcap: traffic containing benign and Scan(port & os scan) attack

mirai-udpflooding-n(1~4)-dec.pcap: traffic containing benign and 3 most typical attacks(UDP/ACK/HTTP Flooding) of zombie pc compromised by mirai malware

mirai-ackflooding-n(1~4)-dec.pcap

mirai-httpflooding-n(1~4)-dec.pcap

mirai-hostbruteforce-n(1~5)-dec.pcap: traffic containing benign and initial phase of Mirai malware including host discovery and Telnet brute-force attack

Comments

Quick MAC address and IP address summary for your convenience.

Here are the MAC addresses and IP addresses of the two IoT devices.

1. EZVIZ (Home camera)
- MAC address: bc:1c:81:4b:ae:ba
- IP address: 192.168.0.13

2. NUGU (AI speaker)
- MAC address: 04:32:f4:45:17:b3
- IP address: 192.168.0.24

Submitted by Huy Kang Kim on Wed, 09/29/2021 - 12:09

Very Warm Regards,
This side Ankita a research scholar wants permission to access this dataset for my research to continue. Please reply as soon as possible.

Submitted by Ankita Anand on Thu, 01/20/2022 - 08:36

You can download IoT dataset on the right side of this page.
see "DATASET FILES".

Submitted by Huy Kang Kim on Thu, 01/20/2022 - 09:03

Thank you so much

Submitted by Ankita Anand on Thu, 01/20/2022 - 09:38

Hello
Myself Neetu A Research Scholar want to access your dataset for research Purpose. Please Allow me to do so.

Thanks & Regards
Neetu

Submitted by neetu Wadhwa on Fri, 01/21/2022 - 02:33

You can download IoT dataset on the right side of this page. See the "DATASET FILES".

Submitted by Huy Kang Kim on Thu, 01/27/2022 - 09:16

Hello,
I want to use your dataset for the university research project. Is it okay to use it?

Submitted by Drasty Parvin on Mon, 04/04/2022 - 09:31

Absolutely, yes. Thank you for showing your interest in our dataset.

Submitted by Huy Kang Kim on Sat, 04/09/2022 - 23:05

Dataset Files

LOGIN TO ACCESS DATASET FILES
Open Access dataset files are accessible to all logged in  users. Don't have a login?  Create a free IEEE account.  IEEE Membership is not required.