The dataset has been introduced by the below-mentioned researches: E. C. P. Neto, S. Dadkhah, R. Ferreira, A. Zohourian, R. Lu, A. A. Ghorbani. "CICIoT2023: A real-time dataset and benchmark for large-scale attacks in IoT environment," Sensor (2023) – (submitted to Journal of Sensors). The present data contains different kinds of IoT intrusions. The categories of the IoT intrusions enlisted in the data are as follows: DDoS Brute Force Spoofing DoS Recon Web-based Mirai

There are several subcategories are present in the data for each kind of intrusion types in the IoT. The dataset contains 1191264 instances of network for intrusions and 47 features of each of the intrusions. The dataset can be used to prepare the predictive model through which different kind of intrusive attacks can be detected. The data is also suitable for designing the IDS system.

🇺🇸 English:

This dataset simulates network traffic to help build intrusion detection models. It includes source/destination IPs, protocols, connection durations, and labels for different types of attacks.

Use this dataset to:

• Train anomaly detection or classification models
• Experiment with imbalanced cybersecurity data
• Build intrusion detection systems with ML algorithms like XGBoost or Isolation Forest

Features:

• src_ip: Source IP address
• dst_ip: Destination IP address
• protocol: Network protocol (TCP, UDP, ICMP)
• duration: Duration of the connection
• attack: Attack type label (e.g., normal, dos, probe, etc.)

🇹🇷 Türkçe:

Bu veri seti, siber güvenlik alanında ağ trafiği üzerinden saldırı tespiti yapılmasını sağlamak için oluşturulmuştur. Kaynak/varış IP'leri, protokol, bağlantı süresi ve saldırı türü etiketlerini içerir.

Bu veri seti ile:

• Dengesiz veri üzerinde anomali tespiti yapabilirsiniz
• Saldırı sınıflandırma algoritmaları geliştirebilirsiniz
• XGBoost ve Isolation Forest gibi algoritmaları test edebilirsiniz

Özellikler:

• src_ip: Kaynak IP adresi
• dst_ip: Hedef IP adresi
• protocol: Ağ protokolü (TCP, UDP, ICMP)
• duration: Bağlantı süresi
• attack: Saldırı türü etiketi (örneğin normal, dos, probe vs.)

ABSTRACT In this project, we propose a new comprehensive realistic cyber security dataset of IoT and IIoT applications, called Edge-IIoTset, which can be used by machine learning-based intrusion detection systems in two different modes, namely, centralized and federated learning. Specifically, the proposed testbed is organized into seven layers, including, Cloud Computing Layer, Network Functions Virtualization Layer, Blockchain Network Layer, Fog Computing Layer, Software-Defined Networking Layer, Edge Computing Layer, and IoT and IIoT Perception Layer. In each layer, we propose new emerging technologies that satisfy the key requirements of IoT and IIoT applications, such as, ThingsBoard IoT platform, OPNFV platform, Hyperledger Sawtooth, Digital twin, ONOS SDN controller, Mosquitto MQTT brokers, Modbus TCP/IP, ...etc. The IoT data are generated from various IoT devices (more than 10 types) such as Low-cost digital sensors for sensing temperature and humidity, Ultrasonic sensor, Water level detection sensor, pH Sensor Meter, Soil Moisture sensor, Heart Rate Sensor, Flame Sensor, ...etc.). However, we identify and analyze fourteen attacks related to IoT and IIoT connectivity protocols, which are categorized into five threats, including, DoS/DDoS attacks, Information gathering, Man in the middle attacks, Injection attacks, and Malware attacks. In addition, we extract features obtained from different sources, including alerts, system resources, logs, network traffic, and propose new 61 features with high correlations from 1176 found features. After processing and analyzing the proposed realistic cyber security dataset, we provide a primary exploratory data analysis and evaluate the performance of machine learning approaches (i.e., traditional machine learning as well as deep learning) in both centralized and federated learning modes.

Instructions:

Great news! The Edge-IIoT dataset has been featured as a "Document in the top 1% of Web of Science." This indicates that it is ranked within the top 1% of all publications indexed by the Web of Science (WoS) in terms of citations and impact.

Please kindly visit kaggle link for the updates: https://www.kaggle.com/datasets/mohamedamineferrag/edgeiiotset-cyber-sec...

Free use of the Edge-IIoTset dataset for academic research purposes is hereby granted in perpetuity. Use for commercial purposes is allowable after asking the leader author, Dr Mohamed Amine Ferrag, who has asserted his right under the Copyright.

The details of the Edge-IIoT dataset were published in following the paper. For the academic/public use of these datasets, the authors have to cities the following paper:

Mohamed Amine Ferrag, Othmane Friha, Djallel Hamouda, Leandros Maglaras, Helge Janicke, "Edge-IIoTset: A New Comprehensive Realistic Cyber Security Dataset of IoT and IIoT Applications for Centralized and Federated Learning", IEEE Access, April 2022 (IF: 3.37), DOI: 10.1109/ACCESS.2022.3165809

Link to paper : https://ieeexplore.ieee.org/document/9751703

The directories of the Edge-IIoTset dataset include the following:

•File 1 (Normal traffic)

-File 1.1 (Distance): This file includes two documents, namely, Distance.csv and Distance.pcap. The IoT sensor (Ultrasonic sensor) is used to capture the IoT data.

-File 1.2 (Flame_Sensor): This file includes two documents, namely, Flame_Sensor.csv and Flame_Sensor.pcap. The IoT sensor (Flame Sensor) is used to capture the IoT data.

-File 1.3 (Heart_Rate): This file includes two documents, namely, Flame_Sensor.csv and Flame_Sensor.pcap. The IoT sensor (Flame Sensor) is used to capture the IoT data.

-File 1.4 (IR_Receiver): This file includes two documents, namely, IR_Receiver.csv and IR_Receiver.pcap. The IoT sensor (IR (Infrared) Receiver Sensor) is used to capture the IoT data.

-File 1.5 (Modbus): This file includes two documents, namely, Modbus.csv and Modbus.pcap. The IoT sensor (Modbus Sensor) is used to capture the IoT data.

-File 1.6 (phValue): This file includes two documents, namely, phValue.csv and phValue.pcap. The IoT sensor (pH-sensor PH-4502C) is used to capture the IoT data.

-File 1.7 (Soil_Moisture): This file includes two documents, namely, Soil_Moisture.csv and Soil_Moisture.pcap. The IoT sensor (Soil Moisture Sensor v1.2) is used to capture the IoT data.

-File 1.8 (Sound_Sensor): This file includes two documents, namely, Sound_Sensor.csv and Sound_Sensor.pcap. The IoT sensor (LM393 Sound Detection Sensor) is used to capture the IoT data.

-File 1.9 (Temperature_and_Humidity): This file includes two documents, namely, Temperature_and_Humidity.csv and Temperature_and_Humidity.pcap. The IoT sensor (DHT11 Sensor) is used to capture the IoT data.

-File 1.10 (Water_Level): This file includes two documents, namely, Water_Level.csv and Water_Level.pcap. The IoT sensor (Water sensor) is used to capture the IoT data.

•File 2 (Attack traffic):

-File 2.1 (Attack traffic (CSV files)): This file includes 13 documents, namely, Backdoor_attack.csv, DDoS_HTTP_Flood_attack.csv, DDoS_ICMP_Flood_attack.csv, DDoS_TCP_SYN_Flood_attack.csv, DDoS_UDP_Flood_attack.csv, MITM_attack.csv, OS_Fingerprinting_attack.csv, Password_attack.csv, Port_Scanning_attack.csv, Ransomware_attack.csv, SQL_injection_attack.csv, Uploading_attack.csv, Vulnerability_scanner_attack.csv, XSS_attack.csv. Each document is specific for each attack.

-File 2.2 (Attack traffic (PCAP files)): This file includes 13 documents, namely, Backdoor_attack.pcap, DDoS_HTTP_Flood_attack.pcap, DDoS_ICMP_Flood_attack.pcap, DDoS_TCP_SYN_Flood_attack.pcap, DDoS_UDP_Flood_attack.pcap, MITM_attack.pcap, OS_Fingerprinting_attack.pcap, Password_attack.pcap, Port_Scanning_attack.pcap, Ransomware_attack.pcap, SQL_injection_attack.pcap, Uploading_attack.pcap, Vulnerability_scanner_attack.pcap, XSS_attack.pcap. Each document is specific for each attack.

•File 3 (Selected dataset for ML and DL):

-File 3.1 (DNN-EdgeIIoT-dataset): This file contains a selected dataset for the use of evaluating deep learning-based intrusion detection systems.

-File 3.2 (ML-EdgeIIoT-dataset): This file contains a selected dataset for the use of evaluating traditional machine learning-based intrusion detection systems.

Step 1: Downloading The Edge-IIoTset dataset From the Kaggle platform from google.colab import files

!pip install -q kaggle

files.upload()

!mkdir ~/.kaggle

!cp kaggle.json ~/.kaggle/

!chmod 600 ~/.kaggle/kaggle.json

!kaggle datasets download -d mohamedamineferrag/edgeiiotset-cyber-security-dataset-of-iot-iiot -f "Edge-IIoTset dataset/Selected dataset for ML and DL/DNN-EdgeIIoT-dataset.csv"

!unzip DNN-EdgeIIoT-dataset.csv.zip

!rm DNN-EdgeIIoT-dataset.csv.zip

Step 2: Reading the Datasets' CSV file to a Pandas DataFrame: import pandas as pd

import numpy as np

df = pd.read_csv('DNN-EdgeIIoT-dataset.csv', low_memory=False)

Step 3 : Exploring some of the DataFrame's contents: df.head(5)

print(df['Attack_type'].value_counts())

Step 4: Dropping data (Columns, duplicated rows, NAN, Null..): from sklearn.utils import shuffle

drop_columns = ["frame.time", "ip.src_host", "ip.dst_host", "arp.src.proto_ipv4","arp.dst.proto_ipv4",

 "http.file_data","http.request.full_uri","icmp.transmit_timestamp",

 "http.request.uri.query", "tcp.options","tcp.payload","tcp.srcport",

 "tcp.dstport", "udp.port", "mqtt.msg"]

df.drop(drop_columns, axis=1, inplace=True)

df.dropna(axis=0, how='any', inplace=True)

df.drop_duplicates(subset=None, keep="first", inplace=True)

df = shuffle(df)

df.isna().sum()

print(df['Attack_type'].value_counts())

Step 5: Categorical data encoding (Dummy Encoding): import numpy as np

from sklearn.model_selection import train_test_split

from sklearn.preprocessing import StandardScaler

from sklearn import preprocessing

def encode_text_dummy(df, name):

dummies = pd.get_dummies(df[name])

for x in dummies.columns:

dummy_name = f"{name}-{x}"

df[dummy_name] = dummies[x]

df.drop(name, axis=1, inplace=True)

encode_text_dummy(df,'http.request.method')

encode_text_dummy(df,'http.referer')

encode_text_dummy(df,"http.request.version")

encode_text_dummy(df,"dns.qry.name.len")

encode_text_dummy(df,"mqtt.conack.flags")

encode_text_dummy(df,"mqtt.protoname")

encode_text_dummy(df,"mqtt.topic")

Step 6: Creation of the preprocessed dataset df.to_csv('preprocessed_DNN.csv', encoding='utf-8')

For more information about the dataset, please contact the lead author of this project, Dr Mohamed Amine Ferrag, on his email: mohamed.amine.ferrag@gmail.com

More information about Dr. Mohamed Amine Ferrag is available at:

https://www.linkedin.com/in/Mohamed-Amine-Ferrag

https://dblp.uni-trier.de/pid/142/9937.html

https://www.researchgate.net/profile/Mohamed_Amine_Ferrag

https://scholar.google.fr/citations?user=IkPeqxMAAAAJ&hl=fr&oi=ao

https://www.scopus.com/authid/detail.uri?authorId=56115001200

https://publons.com/researcher/1322865/mohamed-amine-ferrag/

https://orcid.org/0000-0002-0632-3172

Last Updated: 27 Mar. 2023

Insights On Cyberbiosecurity Field

According to Cyberbiosecurity: A New Perspective on Protecting U.S. Food and Agricultural System: "The US's national data and infrastructure security issues affecting the “bioeconomy” are evolving rapidly. Simultaneously, the conversation about cyber security of the U.S. food and agricultural system (cyber biosecurity) is incomplete and disjointed. The food and agricultural production sectors influence over 20% of the nation's economy ($6.7T) and 15% of U.S. employment (43.3M jobs). The food and agricultural sectors are immensely diverse and they require advanced technologies and efficiencies that rely on computer technologies, big data, cloud-based data storage, and internet accessibility. There is a critical need to safeguard the cyber biosecurity of our bio economy, but currently protections are minimal and do not broadly exist across the food and agricultural system."

Cyberbiosecurity is an emerging discipline for protecting life sciences data, functions, operation, and the bio-economy. https://www.frontiersin.org/files/Articles/447748/fbioe-07-00063-HTML-r1/image_m/fbioe-07-00063-g001.jpg" alt="">

Insights On The Dataset

The BATtle of the Attack Detection ALgorithms (BATADAL) will objectively compare the performance of algorithms for the detection of cyber attacks in water distribution systems.

C-Town Public Utility (CPU) is the main water distribution system operator of C-Town (Figure 1). For many years, CPU has operated a static distribution topology. In the last year, CPU has introduced novel smart technology to enable remote data collection from sensors in the field, and remote control of actuators. Shortly after that new technology has been introduced, anomalous low levels in Tank T5 and high levels in Tank T1 were observed. A month later, a water overflow in Tank T1 occurred. While CPU personnel at the control center were able to see the anomalous readings for the first two episodes, Tank T1 overflow took place unexpectedly while the water level readings were always below the alarm thresholds and pumping operations appeared to be normal. Searching for the causes, CPU engineers suspect potential cyber-attacks for all these episodes. In particular, they are considering adversaries that are able to activate and deactivate the actuators in C-Town, as well as altering the readings of the sensors deployed in the network and the reported status of actuators, and interfering with the connections established between networked components. The participants' task is thus to develop an online alert system for cyber-physical attacks.

Additional Information About The Dataset From Other Papers: - SCADA data are real-time, field-based network measurements (tank water level, pump flow, etc.) transmitted to the central system by programmable logic controllers (PLCs) - C-Town consists of 388 nodes linked with 429 pipes and is divided into 5 district metered areas (DMAs). - More specifically, the SCADA data include the water level at all 7 tanks of the network (T1–T7), status and flow of all 11 pumps (PU1–PU11) and the one actuated valve (V2) of the network, and pressure at 24 pipes of the network that correspond to the inlet and outlet pressure of the pumps and the actuated valve.

https://ascelibrary.org/cms/asset/1375ee5f-cc1e-498f-8a03-1180c61ee9fe/figure1.jpg" alt="">

Graph Annotation: - L_T #: water level of a tank # [meter].​ - S_PU # or S_V # : status of a pump # or a valve # [dmnl]. Binary signal.​ - F_PU # or F_V # : flowrate of a pump # or a valve # [L/s].​ - P_J # : inlet and outlet pressure for a junction # [meter].

Dataset Details (TL:DR): - There are 43 columns and a 1/0 label column, with 1 meaning that the system is under attack and 0 meaning that the system is in normal operation. - Training Dataset 1: This dataset was released on November 20 2016, and it was generated from a one-year long simulation. The dataset does not contain any attacks, i.e. all the data pertains to C-Town normal operations. - Training Dataset 2: This dataset with partially labeled data was released on November 28 2016. The dataset is around 6 months long and contains several attacks, some of which are approximately labeled. - Test Dataset: This 3-months long dataset contains several attacks but no labels. The dataset was released on February 20 2017, and it is used to compare the performance of the algorithms (see rules document for details).

Notes

• More information about the BATADAL dataset and the 2017-2018 competition can be found in here. Paper of the competition is publicly available [here](https://par.nsf.gov/servlets/purl/1010...

Kitsune Network Attack Dataset This is a collection of nine network attack datasets captured from a either an IP-based commercial surveillance system or a network full of IoT devices. Each dataset contains millions of network packets and diffrent cyber attack within it.

For each attack, you are supplied with:

A preprocessed dataset in csv format (ready for machine learning) The corresponding label vector in csv format The original network capture in pcap format (in case you want to engineer your own features)

We will now describe in detail what's in these datasets and how they were collected.

The Network Attacks We have collected a wide variety of attacks which you would find in a real network intrusion. The following is a list of the cyber attack datasets avalaible:

https://www.googleapis.com/download/storage/v1/b/kaggle-user-content/o/inbox%2F827271%2F79e305668553e521b0709a2413323c45%2Fkaggle_dataset_table.png?generation=1598461684070844&alt=media" alt="image" width="100">

For more details on the attacks themselves, please refer to our NDSS paper (citation below).

The Data Collection The following figure presents the network topologies which we used to collect the data, and the corrisponding attack vectors at which the attacks were performed. The network capture took place at point 1 and point X at the router (where a network intrusion detection system could feasibly be placed). For each dataset, clean network traffic was captured for the first 1 million packets, then the cyber attack was performed.

The Dataset Format Each preprocessed dataset csv has m rows (packets) and 115 columns (features) with no header. The 115 features were extracted using our AfterImage feature extractor, described in our NDSS paper (see below) and available in Python here. In summary, the 115 features provide a statistical snapshot of the network (hosts and behaviors) in the context of the current packet traversing the network. The AfterImage feature extractor is unique in that it can efficiently process millions of streams (network channels) in real-time, incrementally, making it suitable for handling network traffic.

Citation If you use these datasets, please cite:

@inproceedings{mirsky2018kitsune, title={Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection}, author={Mirsky, Yisroel and Doitshman, Tomer and Elovici, Yuval and Shabtai, Asaf}, booktitle={The Network and Distributed System Security Symposium (NDSS) 2018}, year={2018} }

The CICIoT2023 dataset is a comprehensive and modern dataset designed for research in Internet of Things (IoT) security, particularly for intrusion detection and anomaly detection systems. Released by the Canadian Institute for Cybersecurity (CIC), this dataset reflects real-world IoT network traffic and attack scenarios, providing a valuable resource for machine learning and cybersecurity research.

The dataset was generated using a realistic testbed that simulates various IoT devices communicating over a network, including smart TVs, webcams, smart thermostats, and wearable devices. It captures both benign traffic and a wide variety of attack types such as Denial of Service (DoS), Distributed Denial of Service (DDoS), brute-force attacks, botnets, reconnaissance, and more advanced threats.

Key Features of CICIoT2023:

Contains a mix of normal and malicious IoT network traffic.

Includes 34 distinct attack types, covering modern and advanced cyber threat scenarios.

Provides labeled data suitable for supervised machine learning models.

Offers extracted network flow features (e.g., packet size, duration, flags, statistical summaries) which can be used for traffic classification and anomaly detection.

Supports research in intrusion detection, anomaly detection, and IoT security strategy development.

This dataset helps bridge the gap between traditional network security datasets and the unique, evolving patterns of IoT device communication, making it an excellent benchmark for evaluating the performance of AI-based security solutions.

I have further broken downed the data into these 3 parts Train: (5491971, 47) Validation: (1176851, 47) Test: (1176851, 47)

UNSW-NB15 is a network intrusion dataset. It contains nine different attacks, includes DoS, worms, Backdoors, and Fuzzers. The dataset contains raw network packets. The number of records in the training set is 175,341 records and the testing set is 82,332 records from the different types, attack and normal.

Paper: UNSW-NB15: a comprehensive data set for network intrusion detection systems

and contextual features

Title: System Call Traces from Real and Synthetic Sources

Description: This dataset comprises a collection of system call procedure traces collected across various devices and environments. It includes both real-world system call sequences (captured from actual android operating systems) and synthetically generated sequences designed to simulate realistic system behavior.

The data is structured to support a range of use cases, including:

Intrusion detection systems Anomaly detection Behavioral profiling of applications

The dataset is ideal for training and evaluating machine learning models that require low-level OS interaction data. By including both real and synthetic traces, it allows for balanced experimentation in controlled and uncontrolled conditions.

Features:

Real system call traces from multiple devices Synthetic traces designed to mimic real patterns Labelled for supervised learning tasks (if applicable) Suitable for time-series, classification, or sequence modeling

Intended Use: This dataset can be used in academic research, cybersecurity benchmarking, and development of intelligent systems call analysis tools.

To cite the dataset please reference it as Y. Kim, S. Hakak, and A. Ghorbani. "DDoS Attack Dataset (CICEV2023) against EV Authentication in Charging Infrastructure," in 2023 20th Annual International Conference on Privacy, Security and Trust (PST), IEEE Computer Society, pp. 1-9, August 2023.

Explore a comprehensive dataset capturing DDoS attack scenarios within electric vehicle (EV) charging infrastructure. This dataset features diverse machine learning attributes, including packet access counts, system status details, and authentication profiles across multiple charging stations and grid services. Simulated attack scenarios, authentication protocols, and extensive profiling results offer invaluable insights for training and testing detection models in safeguarding EV charging systems against cyber threats.

https://www.googleapis.com/download/storage/v1/b/kaggle-user-content/o/inbox%2F5737185%2F2dec3a047fec426e0b6d2f7672d25016%2Fadjusted-5221113.jpg?generation=1743055158796994&alt=media" alt=""> Figure 1: Proposed simulator structure, source: Y. Kim, S. Hakak, and A. Ghorbani.

Acknowledgment :

The authors sincerely appreciate the support provided by the Canadian Institute for Cybersecurity (CIC), as well as the funding received from the Canada Research Chair and the Atlantic Canada Opportunities Agency (ACOA).

Reference :

Y. Kim, S. Hakak, and A. Ghorbani. "DDoS Attack Dataset (CICEV2023) against EV Authentication in Charging Infrastructure," in 2023 20th Annual International Conference on Privacy, Security and Trust (PST), IEEE Computer Society, pp. 1-9, August 2023.

The TII-SSRC-23 dataset offers a comprehensive collection of network traffic patterns, meticulously compiled to support the development and research of Intrusion Detection Systems (IDS). It presents a dual structure: one part provides a tabular representation of extracted features in CSV format, while the other offers raw network traffic data for each type of traffic in PCAP files. This rich dataset captures both benign and malicious network scenarios, serving as an invaluable resource for researchers in the machine learning field.

URL: https://www.kaggle.com/datasets/daniaherzalla/tii-ssrc-23

With the modern day technological advancements and the evolution of Industry 4.0

Description:

👉 Download the dataset here

This dataset has been meticulously curated to facilitate. The development and training of machine learning models specifically designed for detecting Suspicious Activity Detection Dataset. With a primary focus on shoplifting. The dataset is organized into two distinct categories: 'Suspicious' and 'Normal' activities. These classifications are intended to help models differentiate between typical behaviors and actions that may warrant further investigation in a retail setting.

Download Dataset

Structure and Organization

The dataset is structured into three main directories-train, test, and validation-each containing a balanced distribution of images from both categories. This structured approach ensures that the model is trained effectively, evaluated comprehensively, and validated on a diverse set of scenarios.

Train Folder: Contains a substantial number of images representing both suspicious and normal activities. This folder serves as the primary dataset for training the model, allowing it to learn and generalize patterns from a wide variety of scenarios.

Test Folder: Designed for evaluating the model's performance post-training, this folder contains a separate set of labeled images. The test data allows for unbiased performance evaluation, ensuring that the model can generalize well to unseen situations.

Validation Folder: This additional split is used during the model training process to tune hyperparameters and prevent overfitting by testing the model's accuracy on a smaller, separate dataset before final testing.

Labels and Annotations

Each image is accompanied by a corresponding label that indicates whether the activity is 'Suspicious' or 'Normal.' The dataset is fully labeled, making it ideal for supervised learning tasks. Additionally, the labels provide contextual information such as the type of activity or the environment in which it occurred, further enriching the dataset for nuanced model training.

Use Cases and Applications

This dataset is particularly valuable for Al applications in the retail industry, where detecting potential shoplifting or suspicious behaviors is crucial for loss prevention. The dataset can be used to train models for:

Real-Time Surveillance Systems: Integrate Al-driven models into surveillance cameras to detect and alert security personnel to potential threats.

Retail Analytics: Use the dataset to identify patterns in customer behavior, helping retailers optimize their store layouts or refine security measures.

Anomaly Detection: Extend the dataset's application beyond shoplifting to other suspicious activities, such as unauthorized access or vandalism in different environments.

Key Features

High-Quality Image Data: Each image is captured in various retail environments, providing a broad spectrum of lighting conditions, angles, and occlusions to challenge model performance.

Detailed Annotations: Beyond simple categorization, each image includes metadata that offers deeper insights, such as activity type, timestamp, and environmental conditions.

Scalable and Versatile: The dataset's comprehensive structure and annotations make it versatile for use in not only retail but also other security-critical environments like airports or stadiums.

Conclusion

This dataset offers a robust foundation for developing advanced machine learning. Models tailored for real-time activity detection. Providing critical tools for retail security, surveillance systems, and anomaly detection applications. With its rich variety of label data and organize structure. The Suspicious Activity Detection Dataset serves. As a valuable resource for any Al project focusing on enhancing safety and security through visual recognition.

This dataset is sourced from Kaggle.

This dataset provides a detailed look into transactional behavior and financial activity patterns, ideal for exploring fraud detection and anomaly identification. It contains 2,512 samples of transaction data, covering various transaction attributes, customer demographics, and usage patterns. Each entry offers comprehensive insights into transaction behavior, enabling analysis for financial security and fraud detection applications.

Key Features:

• TransactionID: Unique alphanumeric identifier for each transaction.
• AccountID: Unique identifier for each account, with multiple transactions per account.
• TransactionAmount: Monetary value of each transaction, ranging from small everyday expenses to larger purchases.
• TransactionDate: Timestamp of each transaction, capturing date and time.
• TransactionType: Categorical field indicating 'Credit' or 'Debit' transactions.
• Location: Geographic location of the transaction, represented by U.S. city names.
• DeviceID: Alphanumeric identifier for devices used to perform the transaction.
• IP Address: IPv4 address associated with the transaction, with occasional changes for some accounts.
• MerchantID: Unique identifier for merchants, showing preferred and outlier merchants for each account.
• AccountBalance: Balance in the account post-transaction, with logical correlations based on transaction type and amount.
• PreviousTransactionDate: Timestamp of the last transaction for the account, aiding in calculating transaction frequency.
• Channel: Channel through which the transaction was performed (e.g., Online, ATM, Branch).
• CustomerAge: Age of the account holder, with logical groupings based on occupation.
• CustomerOccupation: Occupation of the account holder (e.g., Doctor, Engineer, Student, Retired), reflecting income patterns.
• TransactionDuration: Duration of the transaction in seconds, varying by transaction type.
• LoginAttempts: Number of login attempts before the transaction, with higher values indicating potential anomalies.

This dataset is ideal for data scientists, financial analysts, and researchers looking to analyze transactional patterns, detect fraud, and build predictive models for financial security applications. The dataset was designed for machine learning and pattern analysis tasks and is not intended as a primary data source for academic publications.

This binary dataset is based on “WUSTL-IIoT-2021: A New Dataset for Industrial IoT Intrusion Detection Systems” (Zolanvari et al., 2021), originally published on IEEE DataPort (https://doi.org/10.21227/h5c2-dq55) under a CC BY 4.0 license and also at "https://www.cse.wustl.edu/~jain/iiot2/index.html".

This version is fr binary classification of the IIoT traffic flows as attacks or not.

It includes

1. The original Dataset.

2. The corrected dataset In the original release, the IdleTime column recorded the exact end time of the last occurrence of the same flow, rather than indicating the time gap between the current flow's start time and the previous occurrence's end time. The correction ensures that IdleTime now accurately reflects this intended temporal relationship, thereby improving the consistency and reliability of the time-based features for subsequent machine learning analysis.

3. The unbalanced train data and the test dataset are derived from the corrected dataset.

4. The balanced train dataset using SMOTE, ENN, & LOF.

Description:

👉 Download the dataset here

The 5Char CAPTCHA Dataset is specifically curated to facilitate the training and testing of machine learning models for CAPTCHA recognition. CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) images are a widely used method to prevent bots from interacting with web services by presenting characters or digits that humans can easily recognize but are difficult for automated systems to decode. This dataset includes a collection of CAPTCHA images that consist of five alphanumeric characters, making it ideal for developing models aimed at breaking or solving CAPTCHA challenges.

Dataset Overview:

Total Images: 1000 CAPTCHA images.

Image Format: PNG.

Image Resolution: Each image has a resolution of 180×50 pixels.

Character Count: Every CAPTCHA image contains exactly 5 characters, which could be any combination of uppercase letters (A-Z) and digits (0-9).

Download Dataset

Data Structure:

The dataset is structured into a folder named “captcha_dataset,” which contains 1000 CAPTCHA images. Each image is uniquely named according to the characters it contains. For example, an image with the filename “AB123.png” corresponds to a CAPTCHA where the string “AB123” is displayed. This naming convention makes it easy to extract labels directly from the filenames without needing a separate annotation file.

Potential Applications:

Security Testing: Develop CAPTCHA-solving AI to assess the robustness of CAPTCHA-based security systems.

OCR Enhancement: Use the dataset to improve the accuracy of OCR technologies in recognizing distorted or noisy text in real-world applications.

Web Automation: Implement automated CAPTCHA-solving bots for various web-based tasks like form submissions, web scraping, or accessing restricted content.

CAPTCHA Generation: Train AI to generate new CAPTCHA variations to further enhance security or develop new CAPTCHA systems for websites.

Conclusion:

The 5Char CAPTCHA Dataset is an excellent resource for those working on CAPTCHA recognition, security solutions, and OCR technologies. It presents a range of challenges that can help push the boundaries of existing models, providing an opportunity to improve machine learning techniques in image processing, particularly for security-based applications.

This dataset is sourced from Kaggle.

Description:

👉 Download the dataset here

The dataset comprises over 1000+ original Television/TV images, captured and crowdsourced from over 400+ urban and rural areas. Each image has been manually reviewed and verified by computer vision professionals at DataCluster Labs, ensuring high quality and accuracy. This dataset presents a significant challenge for machine learning models due to its diverse conditions and settings.

Download Dataset

Dataset Features

Size: 1000+ images

Contributors: Over 1000+ crowdsource contributors

Resolution: 98% of the images are HD and above (1920×1080 and higher)

Geographical Diversity: Captured across 400+ cities throughout India

Lighting Conditions: Includes various lighting scenarios such as day and night, and different distances and viewpoints

Device Used: Captured using mobile phones during 2022-2023

Usage: Ideal for enhancing real-world applications such as smart home systems, retail analytics, and security monitoring

Available Annotation Formats

COCO

YOLO

PASCAL-VOC

Tf-Record

Ownership and Licensing

DataCluster Labs exclusively owns the images in this dataset, which were not sourced from the internet. A license can be purchased to access a larger portion of the training dataset for research and commercial purposes.

Applications and Use Cases

Smart Home Systems: Improve the accuracy of TV detection and interaction in smart home environments.

Retail Analytics: Utilize the dataset to analyze consumer behavior and optimize in-store experiences.

Security Monitoring: Enhance security systems by improving the detection and recognition of TVs in various settings.

Computer Vision Research: Provide a challenging and diverse dataset for developing advanced computer vision algorithms.

This dataset is sourced from Kaggle.

The provided dataset includes 11430 URLs with 87 extracted features. The dataset are designed to be used as a a benchmark for machine learning based phishing detection systems. Features are from three different classes: 56 extracted from the structure and syntax of URLs, 24 extracted from the content of their correspondent pages and 7 are extracetd by querying external services. The datatset is balanced, it containes exactly 50% phishing and 50% legitimate URLs. Associated to the dataset, we provide Python scripts used for the extraction of the features for potential replication or extension. Datasets are constructed on May 2020.

dataset_A: contains a list a URLs together with their DOM tree objects that can be used for replication and experimenting new URL and content-based features overtaking short-time living of phishing web pages.

dataset_B: containes the extracted feature values that can be used directly as inupt to classifiers for examination. Note that the data in this dataset are indexed with URLs so that one need to remove the index before experimentation.

The Face Key Point Detection market is experiencing robust growth, driven by the increasing adoption of facial recognition technologies across diverse sectors. This surge is fueled by advancements in deep learning algorithms, leading to improved accuracy and efficiency in detecting key facial features. Applications span a wide range, from security and surveillance systems leveraging face recognition for authentication and identification, to the burgeoning field of emotion AI, using expression recognition for personalized user experiences. Head pose recognition further enhances the capabilities, enabling more natural and intuitive human-computer interactions. The market is segmented by application (Face Recognition, Expression Recognition, Head Pose Recognition, Others) and by the methods used (Holistic Approach, Constrained Local Model (CLM) Method, Regression-Based Methods). The holistic approach, offering a comprehensive analysis of the entire face, is currently dominant, although CLM and regression-based methods are gaining traction due to their computational efficiency. Major players like ULUCU, Roboflow, Oosto, and MathWorks are driving innovation and market penetration, while platforms like GitHub and Kaggle facilitate community development and resource sharing. Geographical growth is widespread, with North America and Europe currently leading the market due to higher technological adoption and infrastructure. However, the Asia-Pacific region is poised for significant expansion fueled by rapid technological advancements and growing demand in sectors like security and consumer electronics. The market's continued growth trajectory is projected to be influenced by several factors. The increasing availability of large, high-quality facial datasets for training advanced algorithms will enhance accuracy and reliability. Furthermore, the integration of face key point detection with other technologies like augmented reality (AR) and virtual reality (VR) will unlock new applications in entertainment, healthcare, and retail. However, challenges remain, including concerns surrounding data privacy and ethical considerations related to facial recognition technology. Addressing these concerns through robust regulatory frameworks and responsible development practices will be crucial for the market's sustainable and ethical growth. Considering a conservative CAGR of 15% (a reasonable estimate given the rapid technological advancements in this space), the market size, currently estimated around $1.5 billion in 2025, is likely to exceed $4 billion by 2033.

The CICIoT2023 dataset is a large-scale, realistic intrusion detection dataset designed to support security analytics and machine learning research in the Internet of Things (IoT) domain. Created by the Canadian Institute for Cybersecurity (CIC), the dataset captures 33 different types of attacks (including DDoS, DoS, Recon, Web-based, Brute Force, Spoofing, and Mirai) executed by malicious IoT devices against other IoT targets.

The testbed consists of 105 real IoT devices of different types and manufacturers, including smart home devices and industrial equipment, configured in a complex network topology to emulate real-world conditions. The dataset includes benign and malicious traffic in various formats and supports feature extraction for both traditional ML and deep learning models.

This dataset aims to address the lack of diversity and scale in previous IoT security datasets, offering a robust benchmark for evaluating intrusion detection systems (IDS) and enabling research in IoT cybersecurity, anomaly detection, and network forensics.

Source https://www.mdpi.com/1424-8220/23/13/5941