Serial Number: 78
Year: 2020
Kind of Traffic: Real
Publicly Available: Yes
Count of Records: 17,845,567 packets
Features Count: 100+
No. of citations: 131
Attack Type: Mrai,Bashlite, etc
Download Links: https://cs.taltech.ee/research/data/medbiot/
Abstract: Guerra-Manzanares and co-authors contended that the existing datasets intended IDS based on Machine learning in IoT environments were limited in both quantity and size. The dataset MedBIoT were publicly introduced to solve this inadequacy. Both emulated and genuine IoT devices are combined in annotated dataset within a network containing 83 devices of IoT. Among them, Three devices are physical devices consisting of one smart bulb, and two smart switches, while eighty devices are emulated in Docker containers. To generate attack traffic malicious software, including BASHLITE, Mirai, and Torii, was deployed, and from all endpoints and servers, data was gathered during propagation of botnet. The researchers concentrated specifically on the early phases of botnet deployment, specifically the processes of propagation and Command and Control (C&C) communication. The network was segmented into three parts: the monitoring network (for storing and processing collected data from the network switch), the Internet network (for connectivity), and the IoT LAN network (to allow controlled malware spread). The utilization of the Kitsune auto-encoder tool facilitated the extraction of machine learning features from raw data (PCAP files), resulting in the generation of 100 statistical features computed across various time windows.