Data collected for our paper at ACM SOSR 2019
We release packet-level traffic traces (PCAP files) of a mixed set of consumer IoT devices. Daily traces are categorized as follows: (a) "benign," representing the behavior of devices under normal conditions when performing their intended functions, and (b) "attack and benign," representing the behavior of devices under attack conditions.
Benign Data
Attack & Benign Data
Instructions
Flow data
contains
flow counters of MUD flow, each instance in the file are collected every one minute.
Annotations
contains information about the start, end time of the attack and corresponsing MUD
flows
that are impacted through the Attack.
More information about the device and the attacker can be found in here
Below is an example of the annotations from the Samsung smart camera.
eg: “1527838552,1527839153,Localfeatures|Arpfeatures,ArpSpoof100L2D”
The above line indicates that the start time of the attack to be 1527838552 and end
time is
1527839153.
"Localfeatures|Arpfeatures" explains that it should impact the local communication
and ARP
protocol.
"ArpSpoof100L2D” means that the attack was arpspoof lauched with the maximum rate of
100
packets per seconds.
In order to identify the attack rows in flow stats you can use below condition.
“if (flowtime >= startTime*1000 and endTime*1000>=flowtime) then attack = true” --
This
corresponds to the line 4470 to 4479 in the samsung smart camera.
Tools
Cite our data
License
SPDX-License-Identifier: MIT-0
Copyright 2021 IoT Traffic Analytics Research Group, School of EE&T, UNSW Sydney.
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.