Car-Hacking Dataset

Car-Hacking Dataset for the intrusion detection


As modern vehicles have lots of connectivity, protecting in-vehicle network from cyber-attacks becomes an important issue. Controller Area Network (CAN) is a de facto standard for the in-vehicle network. But, lack of security features of CAN protocol makes vehicles vulnerable to attacks. The message injection attack is a representative attack type which injects fabricated messages to deceive original ECUs or cause malfunctions. Thus we open our datasets to the public to foster further car security research.

1. Dataset

We provide car-hacking datasets which include DoS attack, fuzzy attack, spoofing the drive gear, and spoofing the RPM gauge. Datasets were constructed by logging CAN traffic via the OBD-II port from a real vehicle while message injection attacks were performing. Datasets contain each 300 intrusions of message injection. Each intrusion performed for 3 to 5 seconds, and each dataset has total 30 to 40 minutes of the CAN traffic.

    1.    DoS Attack : Injecting messages of ‘0000’ CAN ID every 0.3 milliseconds. ‘0000’ is the most dominant.

    2.    Fuzzy Attack : Injecting messages of totally random CAN ID and DATA values every 0.5 milliseconds.

    3.    Spoofing Attack (RPM/gear) : Injecting messages of certain CAN ID related to RPM/gear information every 1 millisecond.

1.1 Data attributes

Timestamp, CAN ID, DLC, DATA[0], DATA[1], DATA[2], DATA[3], DATA[4], DATA[5], DATA[6], DATA[7], Flag

    1.    Timestamp : recorded time (s)

    2.    CAN ID : identifier of CAN message in HEX (ex. 043f)

    3.    DLC : number of data bytes, from 0 to 8

    4.    DATA[0~7] : data value (byte)

    5.    Flag : T or R, T represents injected message while R represents normal message

1.2 Overview of datasets


For academic purposes, we are happy to release our datasets. If you want to use our dataset for your experiment, please cite our paper.

    1.    DoS Attack 

    2.    Fuzzy Attack 

    3.    Spoofing the drive gear 

    4.    Spoofing the RPM gauge

    5.    Attack-free (normal)

Please connect to the link below to download this dataset.

2. Publication

3. Contact

Huy Kang Kim (cenda at

4. see also

Please see the page [HCRL/Datasets] to find out more in-vehicle IDS datasets or other datasets that we have.