UCM_FibIoT2024

Description

The UCM_FibIoT2024 dataset is a detailed collection of data aimed at improving the understanding of Distributed Denial of Service (DDoS) attacks against smart home central control units, specifically the Fibaro Home Center 3. This dataset documents various types of DDoS attacks, including TCP SYN flood, ICMP flood, and HTTP flood, to provide insight into their impact on the functionality and availability of IoT devices. Data collection was performed on a local network using the hping3 tool for SYN and ICMP flood attacks, and the LOIC tool for HTTP flood attacks. Network traffic was captured using Wireshark software, and the dataset is available in both PCAP and CSV formats for detailed analysis. The captured data includes key attributes such as timestamps, source and destination IP addresses, protocols, packet lengths, and port numbers. The primary goal of this dataset is to facilitate the simulation and analysis of DDoS attacks on smart home central control units, providing a resource for researchers focused on cybersecurity and IoT device protection. By examining the network traffic logs and packet captures, researchers can identify attack patterns, understand the dynamics of different types of DDoS attacks, and develop effective mitigation mechanisms. The dataset is organized to include detailed logs of each attack, such as start and end times, frame numbers, and total number of attack packets. For ease of use, the data is organized into folders, and the SYN flood attack data is further subdivided by the ports targeted (80, 443, and 500). The UCM_FibIoT2024 dataset serves as a valuable tool for analyzing and developing defenses against DDoS attacks on IoT devices. It provides a practical resource for researchers and cybersecurity professionals to effectively simulate, analyze, and mitigate DDoS attacks.

Steps to reproduce

In order to reproduce the data set, the first step is to set up the environment with the necessary hardware and software. This includes two computers running Kali Linux as attack sources, a Fibaro Home Center 3 central control unit, a WiFi router, two network switches, a laptop for monitoring and data collection, and a mobile phone for monitoring the smart home system. The network configuration involves connecting Attacker 1 to the router at 100 Mbps, Attacker 2 to Switch 1 at 1000 Mbps, the Fibaro Home Center 3 to Switch 2 at 100 Mbps, the monitoring laptop to Switch 2 at 1000 Mbps, and the mobile phone to the router via WiFi at 866 Mbps. Install the necessary software on these devices, including Wireshark on the monitoring laptop to capture network traffic, hping3 on the attack machines for SYN and ICMP flood attacks, and LOIC for HTTP flood attacks. Begin the data collection process by ensuring that all devices are properly configured and connected, and start Wireshark on the monitoring laptop to capture network traffic. Perform the attacks sequentially: SYN flood attacks on ports 80, 443, and 500 using hping3, ICMP flood attacks at various intervals using hping3, and HTTP flood attacks on ports 80, 443, and 500 using LOIC. During these attacks, monitor the functionality of the Fibaro Home Center 3 and its mobile application and note any alerts from the sensors. Capture the network traffic logs in PCAP format using Wireshark, then convert these files to CSV format for easier analysis.

Institutions

Categories

Funding

Licence