IoT-deNAT: Outbound flow-based network traffic data of IoT and non-IoT devices behind a home NAT

From MaRDI portal
(Redirected from Dataset:6711191)



DOI10.5281/zenodo.3924770Zenodo3924770MaRDI QIDQ6711191FDOQ6711191

Dataset published at Zenodo repository.

Yair Meidan, Vinay Sachidananda, Asaf Shabtai, Yuval Elovici, Hongyi Peng, Racheli Sagron

Publication date: 1 July 2020



Description

This dataset is comprised of NetFlow records, which capture the outbound network traffic of 8 commercial IoT devices and 5 non-IoT devices, collected during a period of 37 days in a lab at Ben-Gurion University of The Negev. The dataset was collected in order to develop a method for telecommunication providers to detect vulnerable IoT models behind home NATs. Each NetFlow record is labeled with the device model which produced it; for research reproducibilty, each NetFlow is also allocated to either the training or test set, in accordance with the partitioning described in: Y. Meidan, V. Sachidananda,H. Peng, R. Sagron, Y. Elovici, and A. Shabtai,A novel approach for detecting vulnerable IoT devices connected behind a home NAT, Computers Security, Volume 97,2020,101968,ISSN 0167-4048, https://doi.org/10.1016/j.cose.2020.101968.(http://www.sciencedirect.com/science/article/pii/S0167404820302418) Please note: The dataset itself is free to use, however users are requested to cite the above-mentioned paper, which describes in detail the research objectives as well as the data collection, preparation and analysis. Following is a brief description of the features used in this dataset. # NetFlow features, used in the related paper for analysis FIRST_SWITCHED:System uptime at which the first packet of this flow was switched IN_BYTES:Incoming counter for the number of bytes associated with an IP Flow IN_PKTS:Incoming counter for the number of packets associated with an IP Flow IPV4_DST_ADDR:IPv4 destination address L4_DST_PORT:TCP/UDP destination port number L4_SRC_PORT:TCP/UDP source port number LAST_SWITCHED:System uptime at which the last packet of this flow was switched PROTOCOL:IP protocol byte (6: TCP, 17: UDP) SRC_TOS:Type of Service byte setting when there is an incoming interface TCP_FLAGS:Cumulative of all the TCP flags seen for this flow # Features added by the authors IP: Prefix of the destination IP address, representing the network (without the host) DURATION: Time (seconds) between first/last packet switching # Label device_model: type.manufacturer.model number # Partition partition: Training or test # Additional NetFlow features (mostly zero-variance) SRC_AS:Source BGP autonomous system number DST_AS:Destination BGP autonomous system number INPUT_SNMP:Input interface index OUTPUT_SNMP:Output interface index IPV4_SRC_ADDR:IPv4 source address MAC: MAC address of the source # Additional data category: IoT or non-IoT type: IoT,access_point, smartphone, laptop date: Datepart ofFIRST_SWITCHED inter_arrival_time: Time (seconds) between successive flows of the same device (identified by its MAC address)







This page was built for dataset: IoT-deNAT: Outbound flow-based network traffic data of IoT and non-IoT devices behind a home NAT

Retrieved from "https://portal.mardi4nfdi.de/w/index.php?title=IoT-deNAT:_Outbound_flow-based_network_traffic_data_of_IoT_and_non-IoT_devices_behind_a_home_NAT&oldid=54667130"
Powered by MediaWiki