MQTT Internet of Things Intrusion Detection Dataset

  • Hanan Hindy (Creator)
  • Christos Tachtatzis (Creator)
  • Robert Atkinson (Creator)
  • Ethan Bayne (Creator)
  • Xavier Bellekens (University of Strathclyde) (Creator)



Message Queuing Telemetry Transport (MQTT) protocol is one of the most recent standards used in Internet of Things (IoT) machine to machine communication. The increase in the number of available IoT devices and used protocols reinforce the need for new and robust Intrusion Detection Systems (IDS). However, building IoT IDS requires the availability of datasets to process, train and evaluate these models. The dataset presented in this paper is the first to simulate and MQTT-based network. The dataset is generated using a simulated MQTT network architecture. The network comprises twelve sensors, a broker, a simulated camera, and an attacker. Five scenarios are recorded: (1) normal operation, (2) aggressive scan, (3) UDP scan, (4) Sparta SSH brute-force, and (5) MQTT brute-force attack. The raw pcap files are saved, then features are extracted. Three abstraction levels of features are extracted from the raw pcap files: (a) packet features, (b) Unidirectional flow features and (c) Bidirectional flow features. The csv feature files in the dataset are suited for Machine Learning (ML) usage. Also, the raw pcap files are suitable for the deeper analysis of MQTT IoT networks communication and the associated attacks.
Date made available2020
PublisherIEEE DataPort


  • IoT
  • Machine learning security
  • MQTT
  • Intrusion detection
  • MQTT attack
  • intrusion detection
  • MQTT Attack
  • Security
  • Machine Learning
  • Machine learning based IoT Intrusion Detection System: an MQTT case study (MQTT-IoT-IDS2020 Dataset)

    Hindy, H., Bayne, E., Bures, M., Atkinson, R., Tachtatzis, C. & Bellekens, X., 5 Jan 2021, Selected Papers from the 12th International Networking Conference, INC 2020. Ghita, B. & Shiaeles, S. (eds.). Cham: Springer, p. 73-84 12 p. (Lecture Notes in Networks and Systems, LNNS; vol. 180).

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Open Access
    21 Citations (Scopus)
    194 Downloads (Pure)

Cite this