MQTTEEB-D: Real-World IoT Cybersecurity Dataset for MQTT Networks

Dataset Overview

MQTTEEB-D is a practical dataset from a real IoT environment at the International University of Rabat, Morocco. Unlike simulated datasets, it contains genuine data from MySignals IoT health sensors and Raspberry Pi 4 with an MQTT broker server, making it highly valuable for realistic cybersecurity research.

Key Features

• Data from real deployment (not simulated)
• Multiple cyberattacks executed in real-time
• Multiple processed versions: Raw, Cleaned, Normalized, Standardized, SMOTE-balanced
• Detailed metadata for ease of use
• Healthcare IoT-specific attack scenarios

Data Structure/Columns

Data collected using PyShark (Python wrapper for tshark) and organized in CSV files. The dataset includes:

• MQTT protocol traffic features
• Network packet characteristics
• Attack type labels (DoS, SlowITe, Malformed Data, Brute Force, MQTT flooding)
• Temporal information for time-based analysis
• Health sensor readings from MySignals devices
• Connection state information
• Packet size and frequency metrics

Data Collection Method

MySignals IoT health sensors were connected to Raspberry Pi 4 as edge devices, with an MQTT broker server for communication. Real attacks were executed in a monitored environment, and data was captured using PyShark for comprehensive packet-level analysis.

Research Applications

• Development of Intrusion Detection Systems for MQTT networks
• Healthcare IoT cybersecurity research
• Study of attack patterns in real environments
• Development of AI-driven security solutions
• MQTT protocol vulnerability analysis

Machine Learning Use Cases

• Multi-class classification for different attack types
• Anomaly detection in MQTT traffic
• Deep learning models with preprocessed data
• Real-time threat detection systems
• Imbalanced data handling with SMOTE versions