This dataset is a hand noted dataset that consists of two categories, evasion and normal methods. By evasion methods we mean the methods that are used by Android malware to hide their malicious payload, and hinder the dynamic analysis. Normal methods are any other methods that cannot be used as evasion techniques. Also, the evasion methods are categorized into six categories: File access, Integrity check, Location, SMS, Time, Anti-emulation. This dataset can be used by any ML or DL approaches to predict new evasion techniques that can be used by malware to hinder the dynamic analysis.
This dataset is part of our research on malware detection and classification using Deep Learning. It contains 42,797 malware API call sequences and 1,079 goodware API call sequences. Each API call sequence is composed of the first 100 non-repeated consecutive API calls associated with the parent process, extracted from the 'calls' elements of Cuckoo Sandbox reports.