Available Dataset

TOP > Available Dataset

Dataset-1 (IoT honeypot: Malware binaries ) ##UPDATED!!##

This dataset includes malware binaries captured by IoTPOT and its updated versions.
  • Dataset A
    • 4,000 executable files captured by IoTPOT between 2016/10/02 and 2017/10/02
  • Dataset B
    • 1,276 executable files captured by X-Pot between 2020/3/15 and 2020/5/20
    • 284 executable files captured by X-Pot between 2020/6/22 and 2020/7/21
  • Dataset C
    • 86,496 executable files captured by IoTPOT between 2018/09/14 and 2020/05/20
  • (NEW!!)Dataset D
    • 124,799 executable files captured by IoTPOT between 2020/05/21 and 2022/12/31
    • 17,290 executable files captured by X-Pot between 2020/11/21 and 2022/12/31
Filetype of Dataset D-1(IoTPOT)
Filetype Quantity
ELF(ARM) 48287
ELF(MIPS) 24768
ELF(PowerPC) 11829
ELF(Intel 80386) 11591
ELF(Renesas SH) 11147
ELF(m68k) 11037
shell script 5150
ELF(x86) 867
ELF(SPARC) 97
Python 14
ELF(others) 10
PE32 1
Perl 1
Filetype of Dataset D-2(X-Pot)
Filetype Quantity
ELF(ARM) 5073
ELF(MIPS) 3507
shell script 2853
ELF(Intel 80386) 2005
ELF(PowerPC) 855
ELF(x86) 843
ELF(Renesas SH) 750
ELF(m68k) 711
ELF(SPARC) 450
ELF(others) 138
PE32 72
Perl 19
Python 14

The details of our honeypots are described in the following papers.

  • Seiya Kato, Rui Tanabe, Katsunari Yoshioka, Tsutomu Matsumoto, "Adaptive Observation of Emerging Cyber Attacks targeting Various IoT Devices," IFIP/IEEE International Symposium on Integrated Network Management (IM), 2021.
  • Rui Tanabe, Tatsuya Tamai, Akira Fujita, Ryoichi Isawa, Katsunari Yoshioka, Tsutomu Matsumoto, Carlos Ganan and Michel Van Eeten, "Disposable Botnets: Examining the Anatomy of IoT Botnet Infrastructure," Proc. International Conference on Availability, Reliability, and Security (ARES2020), 2020.
  • Yin Minn Pa Pa, Shogo Suzuki, Katsunari Yoshioka, and Tsutomu Matsumoto, Takahiro Kasama, Christian Rossow, "IoTPOT: Analysing the Rise of IoT Compromises," 9th USENIX Workshop on Offensive Technologies (USENIX WOOT 2015), 2015.
Request this dataset

Dataset-2 (IoT honeypot: Malware download URLs)

This dataset includes URLs used for malware distribution observed by IoTPOT and its updated versions.

2,979,218 malware download URLs observed by IoTPOT between 2018-09-14 and 2019-12-31

Request this dataset
These results have been obtained through a series of research projects: the commissioned researches (19001(WarpDrive) and 05201) by the National Institute of Information and Communications Technology (NICT), Japan and PRACTICE and MITIGATE supported by the Ministry of Internal Affairs and Communications, Japan.
Copyright (c) Yoshioka Lab, Yokohama National University, All rights reserved.