This repository contains accompanying materials to our work entitled IoT-Scan. The data in this repository stems from real-world device activity, but has been anonymized to allow for unproblematic experimentation with real device traffic pattern data without the need to undertake further privacy protection measures.
Trace files contain anonymized activity time series of one or more device per file. Each trace file is a JSON-formatted text file containing the following data structure:
{
"src": <a hash of the source PCAP file path>,
"entries": <number of entries>,
"duration": <duration in seconds>,
"devices": [
<list of device hashes>
],
"device_stats": {
"samples": {
<map of device IDs to their number of samples>
...
},
"mean": {
<map of device IDs to their mean arrival times in seconds>
...
},
"lambda": {
<map of device IDs to their arrival rates (assuming memorylessness)>
...
},
"stdev": {
<map of device IDs to their standard deviation of arrival times>
...
}
},
"time_series": [
<list of [timestamp, device ID] tuples of device activity>
...
]
}
The data collected in these traces stems from real devices under the control of the authors, recorded as discussed in the publication referenced below. In order to remove any risk of disclosing private information contained in payloads transmitted by these devices, and to reduce the complexity of evaluating these traces in experiments dealing mainly with discovery time and traffic patterns, these traces have been reduced to time series containing timestamps and anonymized device IDs, but no payloads. Anonymized device IDs are generated by SHA256-hashing the original device ID contained in the source files.
As such, we view the data in this repository to be free of any conceivable real-world privacy concerns for those using it as source material for any kind of experiment.
These materials may be freely used and distributed, provided that attribution to this original source is acknowledged. If you use the data in this repository, we kindly ask that you refer to the following work:
Stefan Gvozdenovic, Johannes K Becker, John Mikulskis, and David Starobinski, "Multi-Protocol IoT Network Reconnaissance," 10th annual IEEE Conference on Communications and Network Security (IEEE CNS) 2022, Austin, TX, October 2022.
To our knowledge, these traces have been used by the following works:
Johannes K Becker and David Starobinski, "Optimizing Freshness in IoT Scans," 8th IEEE World Forum on Internet of Things (IEEE WF-IoT) 2022, Yokohama, Japan, November 2022.
If you are using these traces in your work and would like to be featured in this list, kindly create an issue in this repository and provide us with the reference if you would like it to be featured here.