Datasets‎ > ‎

Car-Hacking Dataset

Car-Hacking Dataset for the intrusion detection


As modern vehicles have lots of connectivity, protecting in-vehicle network from cyber-attacks becomes an important issue. Controller Area Network (CAN) is a de facto standard for the in-vehicle network. But, lack of security features of CAN protocol makes vehicles vulnerable to attacks. The message injection attack is a representative attack type which injects fabricated messages to deceive original ECUs or cause malfunctions. Thus we open our datasets to the public to foster further car security research.

1. Dataset

We provide car-hacking datasets which include DoS attack, fuzzy attack, spoofing the drive gear, and spoofing the RPM gauge. Datasets were constructed by logging CAN traffic via the OBD-II port from a real vehicle while message injection attacks were performing. Datasets contain each 300 intrusions of message injection. Each intrusion performed for 3 to 5 seconds, and each dataset has total 30 to 40 minutes of the CAN traffic.

    1.    DoS Attack : Injecting messages of ‘0000’ CAN ID every 0.3 milliseconds. ‘0000’ is the most dominant.
    2.    Fuzzy Attack : Injecting messages of totally random CAN ID and DATA values every 0.5 milliseconds.
    3.    Spoofing Attack (RPM/gear) : Injecting messages of certain CAN ID related to RPM/gear information every 1 millisecond.

1.1 Data attributes

Timestamp, CAN ID, DLC, DATA[0], DATA[1], DATA[2], DATA[3], DATA[4], DATA[5], DATA[6], DATA[7], Flag

    1.    Timestamp : recorded time (s)
    2.    CAN ID : identifier of CAN message in HEX (ex. 043f)
    3.    DLC : number of data bytes, from 0 to 8
    4.    DATA[0~7] : data value (byte)
    5.    Flag : T or R, T represents injected message while R represents normal message

1.2 Overview of datasets

 Attack Type# of messages  # of normal messages # of injected messages
 DoS Attack3,665,771 3,078,250 587,521 
Fuzzy Attack 3,838,860 2,759,492 1,079,368 
Spoofing the
drive gear
4,443,142 2,766,522 1,676,620 
Spoofing the
RPM gauze
4,621,7022,290,185 2,331,517 


For academic purposes, we are happy to release our datasets. If you have any question, please send an email.
    1.    DoS Attack [csv]
    2.    Fuzzy Attack [csv]
    3.    Spoofing the drive gear [csv]
    4.    Spoofing the RPM gauge [csv]

2. Publication
To be appeared 

3. Contact
Huy Kang Kim (cenda at