Malware Analysis Datasets: Top-1000 PE Imports

Citation Author(s):: Angelo Oliveira
Submitted by:: Angelo Oliveira
Last updated:: Fri, 11/08/2019 - 10:43
DOI:: 10.21227/004e-v304
Data Format:: .csv

7726 views

Categories:

Keywords:

CITE

Abstract

This dataset is part of my PhD research on malware detection and classification using Deep Learning. It contains static analysis data: Top-1000 imported functions extracted from the 'pe_imports' elements of Cuckoo Sandbox reports. PE malware examples were downloaded from virusshare.com. PE goodware examples were downloaded from portableapps.com and from Windows 7 x86 directories.

Instructions:

* FEATURES * Column name: hash Description: MD5 hash of the example Type: 32 bytes string Column name: GetProcAddress Description: Most imported function (1st) Type: 0 (Not imported) or 1 (Imported) ... Column name: LookupAccountSidW Description: Least imported function (1000th) Type: 0 (Not imported) or 1 (Imported) Column name: malware Description: Class Type: 0 (Goodware) or 1 (Malware) * ACKNOWLEDGMENTS * We would like to thank: Cuckoo Sandbox for developing such an amazing dynamic analysis environment! VirusShare! Because sharing is caring! Universidade Nove de Julho for supporting this research. Coordination for the Improvement of Higher Education Personnel (CAPES) for supporting this research. * CITATIONS * Please refer to the dataset DOI. Please feel free to contact me for any further information.

Greetings, I would like to get more information about the citations of this dataset.

Noran Abu Shaib Mon, 01/27/2020 - 16:47 Permalink

Very interesting dataset. Do you have a descriptive file of the dataset. precisely what the features mean?

zakaria sadelaoud Sun, 03/08/2020 - 20:44 Permalink

Appreciated, Please share the Feature Explanantion File or Description. Dataset is useless untill features are explained explecitly

Muhammad Hanif Mon, 04/20/2020 - 17:19 Permalink