System calls

This dataset aims to provide researchers with the essential information to aid in the development and improvement surrounding system call pattern detection for crypto ransomware on Android.

Our dataset provides two sets of extracted and formatted system call logs. The first set consists of system call logs collected from 213 crypto ransomware and the second set consist of 502 benign Android applications.


This dataset accurately models the internal behavior of an IoT spectrum sensor (belonging to the ElectroSense platform and consisting of a Raspberry Pi 3 with a software-defined radio kit) when it is functioning normally and under attack. To accomplish it, the system calls of the IoT sensor are monitored under normal behavior, gathered, cleaned, and stored in a centralized directory. Then, the device is infected with current malware affecting IoT devices, such as the Bashlite botnet, Thetick backdoor, Bdvl rootkit, and a Ransomware proof of concept.