Overview of the CICIoT2023 Dataset for Internet of Things Intrusion Detection Systems

The rapid expansion of the use of the Internet of Things (IoT) has encouraged many attackers to exploit the vulnerabilities in these networks to violate data privacy or disrupt service; they are easy targets due to the diversity of devices within the network, which has led to the loss of unified security standards. intrusion detection system (IDS) play a pivotal role in securing IoT networks by monitoring inbound and outbound traffic to these networks and issuing a security alarm when there is an attack; moreover, they respond directly to these security threats to prevent them from harming the network and violating data privacy. To design an IDS capable of performing work with high efficiency, an appropriate dataset must be chosen to train and evaluate the designed model. This dataset works as a fundamental task in the success of these systems because it plays a major role in training the system, feature engineering, evaluating the performance of the model, and other tasks. This paper focused on one of the modern datasets used in training and evaluating IDS models, that is, the CICIOT2023 dataset. The CICIOT2023 dataset is distinguished from other datasets, such as CICIDS2017, UNSW-NB15, and KDD1999. It focuses on the IoT environment, unlike other datasets that focus on data traffic in traditional networks, and it uses a variety of devices and protocols; moreover, it contains modern and complex attacks and a balance between the data of those attacks and normal traffic. This paper discusses the structure of the dataset, the kinds of attacks it contains, the applications and fields in which it is used, the strengths that distinguish it from other datasets, its role in developing cybersecurity research, the most important studies that have been written and dealt with this dataset, and finally, the future visions for developing the dataset.