Powered by OpenAIRE graph
Found an issue? Give us feedback
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/ https://doi.org/10.5...arrow_drop_down
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/
https://doi.org/10.5281/zenodo...
Dataset . 2020
Data sources: Sygma
image/svg+xml Jakob Voss, based on art designer at PLoS, modified by Wikipedia users Nina and Beao Closed Access logo, derived from PLoS Open Access logo. This version with transparent background. http://commons.wikimedia.org/wiki/File:Closed_Access_logo_transparent.svg Jakob Voss, based on art designer at PLoS, modified by Wikipedia users Nina and Beao
ZENODO
Dataset . 2020
Data sources: Datacite
image/svg+xml Jakob Voss, based on art designer at PLoS, modified by Wikipedia users Nina and Beao Closed Access logo, derived from PLoS Open Access logo. This version with transparent background. http://commons.wikimedia.org/wiki/File:Closed_Access_logo_transparent.svg Jakob Voss, based on art designer at PLoS, modified by Wikipedia users Nina and Beao
ZENODO
Dataset . 2020
Data sources: Datacite
ZENODO
Dataset . 2020
Data sources: ZENODO
 View all 3 versions
Claim

This Research product is the result of merged Research products in OpenAIRE.

You have already added 0 works in your ORCID record related to the merged Research product.

IoT-deNAT: Outbound flow-based network traffic data of IoT and non-IoT devices behind a home NAT

Research datakeyboard_double_arrow_right Dataset 01 Jul 2020 English Publisher:ZenodoFunded by:EC | CONCORDIA
Authors: Meidan, Yair; Sachidananda, Vinay; Peng, Hongyi; Sagron, Racheli; Elovici, Yuval; Shabtai, Asaf;

doi: 10.5281/zenodo.3924769 , 10.5281/zenodo.3924770

IoT-deNAT: Outbound flow-based network traffic data of IoT and non-IoT devices behind a home NAT

Abstract

This dataset is comprised of NetFlow records, which capture the outbound network traffic of 8 commercial IoT devices and 5 non-IoT devices, collected during a period of 37 days in a lab at Ben-Gurion University of The Negev. The dataset was collected in order to develop a method for telecommunication providers to detect vulnerable IoT models behind home NATs. Each NetFlow record is labeled with the device model which produced it; for research reproducibilty, each NetFlow is also allocated to either the "training" or "test" set, in accordance with the partitioning described in: Y. Meidan, V. Sachidananda, H. Peng, R. Sagron, Y. Elovici, and A. Shabtai, A novel approach for detecting vulnerable IoT devices connected behind a home NAT, Computers & Security, Volume 97, 2020, 101968, ISSN 0167-4048, https://doi.org/10.1016/j.cose.2020.101968. (http://www.sciencedirect.com/science/article/pii/S0167404820302418) Please note: The dataset itself is free to use, however users are requested to cite the above-mentioned paper, which describes in detail the research objectives as well as the data collection, preparation and analysis. Following is a brief description of the features used in this dataset. # NetFlow features, used in the related paper for analysis 'FIRST_SWITCHED': System uptime at which the first packet of this flow was switched 'IN_BYTES': Incoming counter for the number of bytes associated with an IP Flow 'IN_PKTS': Incoming counter for the number of packets associated with an IP Flow 'IPV4_DST_ADDR': IPv4 destination address 'L4_DST_PORT': TCP/UDP destination port number 'L4_SRC_PORT': TCP/UDP source port number 'LAST_SWITCHED': System uptime at which the last packet of this flow was switched 'PROTOCOL': IP protocol byte (6: TCP, 17: UDP) 'SRC_TOS': Type of Service byte setting when there is an incoming interface 'TCP_FLAGS': Cumulative of all the TCP flags seen for this flow # Features added by the authors 'IP': Prefix of the destination IP address, representing the network (without the host) 'DURATION': Time (seconds) between first/last packet switching # Label 'device_model': <type>.<manufacturer>.<model number> # Partition 'partition': Training or test # Additional NetFlow features (mostly zero-variance) 'SRC_AS': Source BGP autonomous system number 'DST_AS': Destination BGP autonomous system number 'INPUT_SNMP': Input interface index 'OUTPUT_SNMP': Output interface index 'IPV4_SRC_ADDR': IPv4 source address 'MAC': MAC address of the source # Additional data 'category': IoT or non-IoT 'type': IoT, access_point, smartphone, laptop 'date': Datepart of FIRST_SWITCHED 'inter_arrival_time': Time (seconds) between successive flows of the same device (identified by its MAC address)

{"references": ["Meidan et al. (2020). A Novel Approach for Detecting Vulnerable IoT Devices Connected Behind a Home NAT. Computers & Security"]}

Related Organizations
Keywords

Internet of Things (IoT), network traffic data, NetFlow, device identification, Network Address Translation (NAT), deNAT

  • BIP!
    Impact byBIP!
    citations
    This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 1
    popularity
    This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
    		 Average
    influence
    This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 Average
    impulse
    This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
    		 Average
    OpenAIRE UsageCounts
    Usage byUsageCounts
    visibility views 504
    download downloads 33
  • 504
    views
    33
    downloads
    Powered byOpenAIRE UsageCounts
Powered by OpenAIRE graph
Found an issue? Give us feedback
visibility
download
citations
This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Citations provided by BIP!
popularity
This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
BIP!Popularity provided by BIP!
influence
This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Influence provided by BIP!
impulse
This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
BIP!Impulse provided by BIP!
views
OpenAIRE UsageCountsViews provided by UsageCounts
downloads
OpenAIRE UsageCountsDownloads provided by UsageCounts
1
Average
Average
Average
504
33
Funded by