CAN-Intrusion-Dataset (OTIDS) – Car Hacking Dataset for Intrusion Detection
Abstract
"Real in-vehicle CAN bus traffic from a Kia Soul logged via OBD-II port, including normal operation and three types of message injection attacks (DoS, fuzzy, impersonation) for intrusion detection research.[web:224][web:225][web:221]"
Description
Overview
The CAN-Intrusion-Dataset (OTIDS) from the Hacking and Countermeasure Research Lab (HCRL) contains CAN bus traffic captured from a real Kia Soul vehicle while performing controlled message injection attacks.[web:224][web:225][web:221]
Data Collection
- CAN traffic was logged via the vehicle's OBD-II port during normal driving and under attack scenarios.[web:224][web:225]
- The dataset comprises 4,613,435 CAN messages in total, divided into 2,369,397 normal messages, 591,989 fuzzy attack messages, 656,578 DoS attack messages, and 995,471 impersonation attack messages.[web:221]
- Attacks were synthetically injected into the real CAN bus to simulate realistic intrusion scenarios without causing actual vehicle malfunctions.[web:224][web:225]
Attack Types
- DoS Attack: Injecting high-priority CAN ID messages (e.g., 0x000) in short cycles to flood the bus and cause latencies.[web:224][web:221]
- Fuzzy Attack: Injecting messages with random spoofed CAN IDs and data values to provoke unexpected vehicle behavior.[web:224][web:221]
- Impersonation Attack: Injecting messages that impersonate a legitimate node (e.g., arbitration ID 0x164) to send false information.[web:224][web:221]
- Attack-Free State: Normal CAN messages recorded during typical vehicle operation.[web:224]
Data Format
- Each record includes: Timestamp, CAN ID (hex), DLC (data length code, 0–8 bytes), DATA[0]–DATA[7] (byte values), and Flag (R for normal, injected attacks labeled accordingly).[web:225][web:224]
Use Cases
- Developing and evaluating intrusion detection systems (IDS) for in-vehicle CAN networks.[web:224][web:222]
- Training machine learning classifiers to distinguish between normal traffic and attack types.[web:221][web:222]
- Researching automotive cybersecurity and testing countermeasures against CAN bus attacks.[web:224][web:226]
Access and License
The dataset is hosted on the HCRL website; users should consult the site for any usage terms and cite the original HCRL publications when using the data.[web:224][web:225]
📊 View Data Structure
To explore column names, data types, and sample rows, visit the official dataset page on Kaggle.
Preview on Kaggle
Cite This Dataset
Kaur, Amritpal, Bhatt, Devershi Pallavi, & Raja, Linesh (2023). CAN-Intrusion-Dataset (OTIDS) – Car Hacking Dataset for Intrusion Detection. 2018 16th Annual Conference on Privacy, Security and Trust (PST). [Dataset]. Mendeley Data. https://doi.org/10.17632/fpdwmm7nrb.1
Select your preferred citation style above. The citation will automatically update and you can copy it to your clipboard.
Original source: Mendeley Data (2023). Visit official page for more details.
Indexed by IoTDataset.com on Jan 29, 2026
Ready to Start Your Research?
Download this dataset directly from the official repository and start building your next breakthrough project.