Datasets‎ > ‎

Car-Hacking Dataset

Car-Hacking Dataset for the intrusion detection


As modern vehicles have lots of connectivity, protecting in-vehicle network from cyber-attacks becomes an important issue. Controller Area Network (CAN) is a de facto standard for the in-vehicle network. But, lack of security features of CAN protocol makes vehicles vulnerable to attacks. The message injection attack is a representative attack type which injects fabricated messages to deceive original ECUs or cause malfunctions. Thus we open our datasets to the public to foster further car security research.

1. Dataset

We provide car-hacking datasets which include DoS attack, fuzzy attack, spoofing the drive gear, and spoofing the RPM gauge. Datasets were constructed by logging CAN traffic via the OBD-II port from a real vehicle while message injection attacks were performing. Datasets contain each 300 intrusions of message injection. Each intrusion performed for 3 to 5 seconds, and each dataset has total 30 to 40 minutes of the CAN traffic.

    1.    DoS Attack : Injecting messages of ‘0000’ CAN ID every 0.3 milliseconds. ‘0000’ is the most dominant.
    2.    Fuzzy Attack : Injecting messages of totally random CAN ID and DATA values every 0.5 milliseconds.
    3.    Spoofing Attack (RPM/gear) : Injecting messages of certain CAN ID related to RPM/gear information every 1 millisecond.

1.1 Data attributes

Timestamp, CAN ID, DLC, DATA[0], DATA[1], DATA[2], DATA[3], DATA[4], DATA[5], DATA[6], DATA[7], Flag

    1.    Timestamp : recorded time (s)
    2.    CAN ID : identifier of CAN message in HEX (ex. 043f)
    3.    DLC : number of data bytes, from 0 to 8
    4.    DATA[0~7] : data value (byte)
    5.    Flag : T or R, T represents injected message while R represents normal message

1.2 Overview of datasets

 Attack Type# of messages  # of normal messages # of injected messages
 DoS Attack3,665,771 3,078,250 587,521 
Fuzzy Attack 3,838,860 3,347,013 491,847 
Spoofing the
drive gear
4,443,142 3,845,890 597,252 
Spoofing the
RPM gauze
4,621,7023,966,805 654,897 
 GIDS: Attack-free 
988,987 988,872 -


For academic purposes, we are happy to release our datasets. If you want to use our dataset for your experiment, please cite our paper.

    1.    DoS Attack 
    2.    Fuzzy Attack 
    3.    Spoofing the drive gear 
    4.    Spoofing the RPM gauge
    5.    Attack-free (normal)

If you want to download dataset, please fill out the questionnaire at the following URL.
We will send you the download URL by e-mail.

2. Publication
  • Seo, Eunbi, Hyun Min Song, and Huy Kang Kim. "GIDS: GAN based Intrusion Detection System for In-Vehicle Network." 2018 16th Annual Conference on Privacy, Security and Trust (PST). IEEE, 2018.'
  • We’ve found some errors in table 2 in the original paper (PST version). Please see the arXiv version of paper. In the arXiv version, we’ve fixed the numbers after doing additional experiment. Download full paper 
  • Download citation in BibTex

    3. Contact

    Huy Kang Kim (cenda at