CAN-Intrusion-Dataset (OTIDS) – Car Hacking Dataset for Intrusion Detection
Abstract
"Real in-vehicle CAN bus traffic from a Kia Soul logged via OBD-II port, including normal operation and three types of message injection attacks (DoS, fuzzy, impersonation) for intrusion detection research.[web:224][web:225][web:221]"
Description
Overview
The CAN-Intrusion-Dataset (OTIDS) from the Hacking and Countermeasure Research Lab (HCRL) contains CAN bus traffic captured from a real Kia Soul vehicle while performing controlled message injection attacks.[web:224][web:225][web:221]
Data Collection
- CAN traffic was logged via the vehicle's OBD-II port during normal driving and under attack scenarios.[web:224][web:225]
- The dataset comprises 4,613,435 CAN messages in total, divided into 2,369,397 normal messages, 591,989 fuzzy attack messages, 656,578 DoS attack messages, and 995,471 impersonation attack messages.[web:221]
- Attacks were synthetically injected into the real CAN bus to simulate realistic intrusion scenarios without causing actual vehicle malfunctions.[web:224][web:225]
Attack Types
- DoS Attack: Injecting high-priority CAN ID messages (e.g., 0x000) in short cycles to flood the bus and cause latencies.[web:224][web:221]
- Fuzzy Attack: Injecting messages with random spoofed CAN IDs and data values to provoke unexpected vehicle behavior.[web:224][web:221]
- Impersonation Attack: Injecting messages that impersonate a legitimate node (e.g., arbitration ID 0x164) to send false information.[web:224][web:221]
- Attack-Free State: Normal CAN messages recorded during typical vehicle operation.[web:224]
Data Format
- Each record includes: Timestamp, CAN ID (hex), DLC (data length code, 0–8 bytes), DATA[0]–DATA[7] (byte values), and Flag (R for normal, injected attacks labeled accordingly).[web:225][web:224]
Use Cases
- Developing and evaluating intrusion detection systems (IDS) for in-vehicle CAN networks.[web:224][web:222]
- Training machine learning classifiers to distinguish between normal traffic and attack types.[web:221][web:222]
- Researching automotive cybersecurity and testing countermeasures against CAN bus attacks.[web:224][web:226]
Access and License
The dataset is hosted on the HCRL website; users should consult the site for any usage terms and cite the original HCRL publications when using the data.[web:224][web:225]
View Data Structure
To explore column names, data types, and sample rows, visit the official dataset page on Kaggle.
Preview on KaggleCite This Dataset
Kaur, Amritpal, Bhatt, Devershi Pallavi, & Raja, Linesh (2023). CAN-Intrusion-Dataset (OTIDS) – Car Hacking Dataset for Intrusion Detection. 2018 16th Annual Conference on Privacy, Security and Trust (PST). [Dataset]. Mendeley Data. https://doi.org/10.17632/fpdwmm7nrb.1
Source: Mendeley Data (2023) · DOI: 10.17632/fpdwmm7nrb.1
Indexed by IoTDataset.com on Jan 29, 2026
Ready to Start Your Research?
Download this dataset directly from the official repository and start building your next breakthrough project.