The UAV-GCS Intrusion Detection Dataset (GCS-NIDD) is a real-world cybersecurity dataset designed to support research on securing Ground Control Station (GCS) to Unmanned Aerial Vehicle (UAV) communications.
The dataset was generated using a physical UAV testbed, incorporating real devices such as UAVs, access points, and ground control stations. It includes both benign traffic and multiple cyber-attack scenarios, enabling the development and evaluation of Intrusion Detection Systems (IDS) and machine learning models.
- ✅ Real-world data collected from a physical UAV testbed
- ✅ Focus on GCS-to-UAV (G2U) communication
The dataset includes the following cyber-attacks:
| Attack Type | Records |
|---|---|
| Brute Force | 5,103 |
| DDoS | 14,292 |
| DoS | 14,121 |
| Evil Twin / MITM | 48 |
| Fake Landing | 200 |
| MITM | 1,164 |
| Reconnaissance | 50,135 |
| Replay | 792 |
| Scanning | 50,135 |
| Normal + Attacks | 149,434 |
Each record contains 45 extracted network features suitable for machine learning applications.
The dataset was generated using a realistic G2U communication environment, including:
- UAV platform (PX4 Vision Dev Kit)
- Ground Control Station (laptops, tablets, and mobile devices)
- Wi-Fi communication links
- Network sniffer for traffic capture
- Attacker nodes performing various cyber-attacks
These features support both binary and multi-class intrusion detection.
If you want raw network traffic, download the PCAP files: 🔗 https://doi.org/10.6084/m9.figshare.29608541
If you use GCS-NIDD in your research, experiments, or publications, please cite the following paper:
@article{Hadi2025UAVNIDD,
author = {Hassan Jalil Hadi, Muhammad Khurram Khan and Naveed Ahmad},
title = {A Real-Time Multi-Tier Machine Learning Intrusion Detection Framework for Securing Ground Control Station–UAV Communications},
journal = {IEEE Open Journal of the Communications Society},
volume = {12},
number = {4},
pages = {},
year = {2026},
doi = {10.1109/OJCOMS.2026.3683883}
}
CyberSar Lab 🔗 https://cybersar.kaust.edu.sa/