Table 6.
Some Popular Public Datasets for NIDS for IoT.
| Dataset Description | Telemetry | Attack Types | Year Created |
|---|---|---|---|
| NSL-KDD [217] | General Purpose | 2009 | |
| UNB-ISCX 2012 [199] | General Purpose | DoS, DDoS, Brute Force, XSS, SQL Injection, Infiltration, Portscan, and Botnet | 2012 |
| [203,204] | General Purpose | Analysis, Backdoor, DoS, Exploit, Fizzers, Generic, Reconnaissance, Shellcode, and Worm | 2015 |
| CICIDS2017 [200] | General Purpose | DoS, DDoS, Brute Force, XSS, SQL Injection, Infiltration, Portscan, and Botnet | 2017 |
| AWS(CSE-CIC-IDS2018) [201] | General Purpose | DoS, DDoS, Brute Force, XSS, SQL Injection, Infiltration, Portscan, and Botnet | 2018 |
| IoT Network Intrusion Dataset [205] | IoT | Benign, mitm-arpspoofing, DoS-synflooding, scan-hostport, scan-portos, mirai-udpflooding, mirai-ackflooding, mirai-httpflooding, mirai-hostbruteforce | 2019 |
| IoTID20 Dataset [206] | IoT | DoS/DDoS attacks | 2020 |
| TON_IoT Dataset [207] | IoT, IIoT, MEC, Fog | DoS, DDoS and ransomware | 2019 |
| OPCUA dataset [208] | IoT | DoS, Eavesdropping, Man-in-the-middle, Impersonation, Spoofing attacks | 2020 |
| IOT DOS AND DDOS ATTACK DATASET [209,210,211,218] | IoT | DoS and DDoS attacks | 2021 |
| IOT HEALTHCARE SECURITY DATASET [219] | IoT, SDN, IIoT | Normal and IoT attack traffic | 2021 |
| Mqtt-iot-ids2020 DATASET [213] | IoI, IIoT | Normal operation, aggressive scan, UDP scan, Sparta SSH brute-force, and MQTT brute-force attack. | 2020 |
| Edge-IIoTset DATASET [214] | IoT, IIoT, MEC | DoS/DDoS attacks, Information gathering, Man in the middle attacks, Injection attacks, and Malware attacks | 2022 |
| NSS MIRAI DATASET [220] | IoT | Mirai type botnet attack | 2020 |
| WUSTL-IIOT-2021 [221] | IoT | Command Injection, DoS, Reconnaissance, Backdoor | 2021 |
| IOT-BDA BOTNET ANALYSIS DATASET [216] | IoT | Port scanning, exploitation, C2 communications and DDoS | 2021 |
| THE BOT-IOT DATASET [222] | IoT | DDoS, DoS, OS and Service Scan, Keylogging and Data exfiltration attacks | 2019 |
| X-IIoTID dataset [215] | IoT, IIoT | Brute force attack, dictionary attack, and the malicious insider, reverse shell and Man-in-the-Middle | 2021 |
Note: Network were captured as a Pcap. Users can extract features and records based on their preference.