CoAP-DoS: An IoT Network Intrusion Dataset

TL;DR

This paper introduces a new dataset of IoT network traffic focused on CoAP denial of service attacks, enabling better machine learning detection of such threats in IoT environments.

Contribution

The paper presents a novel CoAP DoS attack dataset collected from real attacks, filling a gap in IoT intrusion datasets for machine learning research.

Findings

The dataset effectively improves detection across multiple classifiers.

Real attack data enhances the realism and utility of intrusion detection models.

The dataset addresses a critical gap in IoT security research.

Abstract

The need for secure Internet of Things (IoT) devices is growing as IoT devices are becoming more integrated into vital networks. Many systems rely on these devices to remain available and provide reliable service. Denial of service attacks against IoT devices are a real threat due to the fact these low power devices are very susceptible to denial-of-service attacks. Machine learning enabled network intrusion detection systems are effective at identifying new threats, but they require a large amount of data to work well. There are many network traffic data sets but very few that focus on IoT network traffic. Within the IoT network data sets there is a lack of CoAP denial of service data. We propose a novel data set covering this gap. We develop a new data set by collecting network traffic from real CoAP denial of service attacks and compare the data on multiple different machine learning classifiers. We show that the data set is effective on many classifiers.