X-IIoTID: A Connectivity-Agnostic and Device-Agnostic Intrusion Data Set for Industrial Internet of Things

Muna Al-Hawawreh, Elena Sitnikova, Neda Aboutorab

Research output: Contribution to journalArticlepeer-review

80 Citations (Scopus)


Industrial Internet of Things (IIoT) is a high-value cyber target due to the nature of the devices and connectivity protocols they deploy. They are easy to compromise and, as they are connected on a large scale with high-value data content, the compromise of any single device can extend to the whole system and disrupt critical functions. There are various security solutions that detect and mitigate intrusions. However, as they lack the capability to deal with an IIoT's co-existing heterogeneity and interoperability, developing new universal security solutions to fit its requirements is critical. This is challenging due to the scarcity of accurate data about IIoT systems' activities, connectivities, and attack behaviors. In addition, owing to their multiplatform connectivity protocols and multivendor devices, collecting and creating such data are also challenging. To tackle these issues, we propose a holistic approach for generating an appropriate intrusion data set for an IIoT called X-IIoTID, a connectivity-agnostic and device-agnostic intrusion data set for fitting the heterogeneity and interoperability of IIoT systems. It includes the behaviors of new IIoT connectivity protocols, activities of recent devices, diverse attack types and scenarios, and various attack protocols. It defines an attack taxonomy and consists of multiview features, such as network traffic, host resources, logs and alerts. X-IIoTID is evaluated using popular machine and deep learning algorithms and compared with 18 intrusion data sets to verify its novelty.

Original languageEnglish
Pages (from-to)3962-3977
Number of pages16
JournalIEEE Internet of Things Journal
Issue number5
Publication statusPublished - 1 Mar 2022
Externally publishedYes


  • Cybersecurity
  • data set
  • Industrial Internet of Things (IIoT)
  • intrusion detection


Dive into the research topics of 'X-IIoTID: A Connectivity-Agnostic and Device-Agnostic Intrusion Data Set for Industrial Internet of Things'. Together they form a unique fingerprint.

Cite this