Document Type

Article

Publication Date

2026

DOI

10.1016/j.dib.2026.112805

Publication Title

Data in Brief

Volume

66

Pages

112805

Abstract

This paper presents GEM-CAN, a labelled Controller Area Network (CAN) dataset captured from an autonomous GEM e6 platform under both normal operation and controlled cyber-attack conditions.

The dataset contains ∼143 K frames comprising (i) ∼ nominal autonomous operation (∼100k messages), (ii) DoS floods using arbitration ID 0 × 00000000 (∼41 K messages), and (iii) data-tampering injections that reuse legitimate IDs for brake and steering-lock (∼1.3 K messages). Each record includes timestamp, arbitration ID (11/29-bit), DLC, eight payload bytes, and a Normal/Attack label. A companion metadata file enumerates attack windows, PCAN bus-load traces, bitrate, and test conditions. Data were collected with PCAN-View via PCAN-USB on a closed campus rural track. Attacks were injected while the vehicle remained in autonomous mode and stationary for safety; bus utilization and actuation responsiveness were monitored. The dataset offers real-vehicle evidence of availability and integrity attacks (e.g., bus-load surges from 20% to 100% and ∼20 s steering-lock delays during DoS), enabling reproducible benchmarking of lightweight, on-device IDS—particularly relevant for rural deployments with intermittent connectivity.

Rights

© 2026 The Authors.

This is an open access article under the Creative Commons Attribution-NonCommercial 4.0 International (CC BY-NC 4.0) License.

Original Publication Citation

Tavasoli, M., Sarrafzadeh, A., Karimoddini, A., Phuapaiboon, T., Khaleghi, M., & Tobias, D. (2026). GEM-CAN: A real-world dataset of CAN-bus attack scenarios on an autonomous vehicle for intrusion-detection research. Data in Brief, 66, Article 112805. https://doi.org/10.1016/j.dib.2026.112805

Share

COinS