Sampath Rajapaksha, Harsha Kalutarage (Robert Gordon University, UK), Garikayi Madzudzo (Horiba Mira Ltd, UK), Andrei Petrovski (Robert Gordon University, UK), M.Omar Al-Kadri (University of Doha for Science and Technology)
The Controller Area Network (CAN Bus) has emerged as the de facto standard for in-vehicle communication. However, the CAN bus lacks security features, such as encryption and authentication, making it vulnerable to cyberattacks. In response, the current literature has prioritized the development of Intrusion Detection Systems (IDSs). Nevertheless, the progress of IDS research encounters significant obstacles due to the absence of high-quality, publicly available real CAN data, especially data featuring realistic, verified attacks. This scarcity primarily arises from the substantial cost and associated risks involved in generating real attack data on moving vehicles. Addressing this challenge, this paper introduces a novel CAN bus attack dataset collected from a modern automobile equipped with autonomous driving capabilities, operating under real-world driving conditions. The dataset includes 17 hours of benign data, covering a wide range of scenarios, crucial for training IDSs. Additionally, it comprises 26 physically verified real injection attacks, including Denial-of-Service (DoS), fuzzing, replay, and spoofing, targeting 13 CAN IDs. Furthermore, the dataset encompasses 10 simulated masquerade and suspension attacks, offering 2 hours and 54 minutes of attack data. This comprehensive dataset facilitates rigorous testing and evaluation of various IDSs against a diverse array of realistic attacks, contributing to the enhancement of in-vehicle security.