MQTTEEB-D: Real-World IoT Cybersecurity Dataset for MQTT Networks
Abstract
"Real-world dataset from International University of Rabat for threat detection in MQTT-IoT networks, containing actual cyberattacks executed on MySignals health sensors."
Description
Dataset Overview
MQTTEEB-D is a practical dataset from a real IoT environment at the International University of Rabat, Morocco. Unlike simulated datasets, it contains genuine data from MySignals IoT health sensors and Raspberry Pi 4 with an MQTT broker server, making it highly valuable for realistic cybersecurity research.
Key Features
- Data from real deployment (not simulated)
- Multiple cyberattacks executed in real-time
- Multiple processed versions: Raw, Cleaned, Normalized, Standardized, SMOTE-balanced
- Detailed metadata for ease of use
- Healthcare IoT-specific attack scenarios
Data Structure/Columns
Data collected using PyShark (Python wrapper for tshark) and organized in CSV files. The dataset includes:
- MQTT protocol traffic features
- Network packet characteristics
- Attack type labels (DoS, SlowITe, Malformed Data, Brute Force, MQTT flooding)
- Temporal information for time-based analysis
- Health sensor readings from MySignals devices
- Connection state information
- Packet size and frequency metrics
Data Collection Method
MySignals IoT health sensors were connected to Raspberry Pi 4 as edge devices, with an MQTT broker server for communication. Real attacks were executed in a monitored environment, and data was captured using PyShark for comprehensive packet-level analysis.
Research Applications
- Development of Intrusion Detection Systems for MQTT networks
- Healthcare IoT cybersecurity research
- Study of attack patterns in real environments
- Development of AI-driven security solutions
- MQTT protocol vulnerability analysis
Machine Learning Use Cases
- Multi-class classification for different attack types
- Anomaly detection in MQTT traffic
- Deep learning models with preprocessed data
- Real-time threat detection systems
- Imbalanced data handling with SMOTE versions
Data Preview
| Timestamp | Protocol | Packet Length | Source Port | Dest Port | MQTT Topic | Attack Type | Label |
|---|---|---|---|---|---|---|---|
| 2024-10-15 10:23:45 | MQTT | 512 | 1883 | 8883 | health/sensor1 | Normal | Benign |
| 2024-10-15 10:24:12 | MQTT | 8192 | 1883 | 8883 | health/flood | MQTT Flooding | Attack |
| 2024-10-15 10:25:33 | MQTT | 256 | 1883 | 8883 | health/sensor2 | DoS | Attack |
Showing first few rows for preview
Cite This Dataset
Mendeley (2026). MQTTEEB-D: Real-World IoT Cybersecurity Dataset for MQTT Networks. [Dataset]. Mendeley. https://data.mendeley.com/datasets/jfttfjn6tr/1
Select your preferred citation style above. The citation will automatically update and you can copy it to your clipboard.
Original source: Mendeley (2026). Visit official page for more details.
Indexed by IoTDataset.com on Jan 16, 2026
Ready to Start Your Research?
Download this dataset directly from the official repository and start building your next breakthrough project.