We constructed a rich AttackDB that consists of CTI from the MITRE ATT&CK Enterprise knowledge base, the AlienVault Open Threat Exchange, the IBM X-Force Exchange and VirusTotal.


Cloud forensics differs from digital forensics because of the architectural implementation of the cloud. In an Infrastructure as a Service (IaaS) cloud model, Virtual Machines (VMs) deployed over the cloud can be used by adversaries to carry out a cyber-attack using the cloud as an environment.

Instructions:

About the dataset
The generated dataset is a KVM monitoring dataset; however, we proposed a novel feature set. The methodology used to generate these novel features is explained in https://www.degruyter.com/document/doi/10.1515/comp-2022-0241/html, where the features can be used to train ML models for evidence detection.

The second portion of the dataset is published under the standard dataset of IEEE Dataport under the name of Memory Dumps of Virtual Machines for Cloud Forensics.  

How to use
These two datasets can be used together, as they are the outcome of the same experiment. Memory dumps have timestamp, VMID and UUID features.
or
This dataset can be used to study the impact of an attack (origin) on the rate of resource utilization of a VM monitored at the hypervisor.

 

| Sr No | Category | Feature | Description |
|---|---|---|---|
| 1 | Meta-data | LAST_POLL | Epoch timestamp |
| 2 | Meta-data | VMID | The ID of the VM |
| 3 | Meta-data | UUID | Unique identifier of the domain |
| 4 | Meta-data | dom | Domain name |
| 5 | Network | rxbytes_slope | Rate of received bytes from the network |
| 6 | Network | rxpackets_slope | Rate of received packets from the network |
| 7 | Network | rxerrors_slope | Rate of the number of receive errors from the network |
| 8 | Network | rxdrops_slope | Rate of the number of received packets dropped from the network |
| 9 | Network | txbytes_slope | Rate of transmitted bytes from the network |
| 10 | Network | txpackets_slope | Rate of transmitted packets from the network |
| 11 | Network | txerrors_slope | Rate of the number of transmission errors from the network |
| 12 | Network | txdrops_slope | Rate of the number of transmitted packets dropped from the network |
| 13 | Memory | timecpu_slope | Rate of time spent by vCPU threads executing guest code |
| 14 | Memory | timesys_slope | Rate of time spent in kernel space |
| 15 | Memory | timeusr_slope | Rate of time spent in userspace |
| 16 | Memory | state_slope | Rate of running state |
| 17 | Memory | memmax_slope | Rate of maximum memory in kilobytes |
| 18 | Memory | mem_slope | Rate of memory used in kilobytes |
| 19 | Memory | cpus_slope | Rate of the number of virtual CPUs changed |
| 20 | Memory | cputime_slope | Rate of CPU time used in nanoseconds |
| 21 | Memory | memactual_slope | Rate of the current balloon value (in KiB) |
| 22 | Memory | memswap_in_slope | Rate of the amount of data read from swap space (in KiB) |
| 23 | Memory | memswap_out_slope | Rate of the amount of memory written out to swap space (in KiB) |
| 24 | Memory | memmajor_fault_slope | Rate of the number of page faults where disk IO was required |
| 25 | Memory | memminor_fault_slope | Rate of the number of other page faults |
| 26 | Memory | memunused_slope | Rate of the amount of memory left unused by the system (in KiB) |
| 27 | Memory | memavailable_slope | Rate of the amount of usable memory as seen by the domain (in KiB) |
| 28 | Memory | memusable_slope | Rate of the amount of memory that can be reclaimed by balloon without causing host swapping (in KiB) |
| 29 | Memory | memlast_update_slope | Rate of the timestamp of the last update of statistics (in seconds) |
| 30 | Memory | memdisk_cache_slope | Rate of the amount of memory that can be reclaimed without additional I/O, typically disk caches (in KiB) |
| 31 | Memory | memhugetlb_pgalloc_slope | Rate of the number of successful huge page allocations initiated from within the domain |
| 32 | Memory | memhugetlb_pgfail_slope | Rate of the number of failed huge page allocations initiated from within the domain |
| 33 | Memory | memrss_slope | Rate of the Resident Set Size of the running domain's process (in KiB) |
| 34 | Disk | vdard_req_slope | Rate of the number of read requests on the vda block device |
| 35 | Disk | vdard_bytes_slope | Rate of the number of read bytes on the vda block device |
| 36 | Disk | vdawr_reqs_slope | Rate of the number of write requests on the vda block device |
| 37 | Disk | vdawr_bytes_slope | Rate of the number of write requests on the vda block device |
| 38 | Disk | vdaerror_slope | Rate of the number of errors in the vda block device |
| 39 | Disk | hdard_req_slope | Rate of the number of read requests on the hda block device |
| 40 | Disk | hdard_bytes_slope | Rate of the number of read bytes on the hda block device |
| 41 | Disk | hdawr_reqs_slope | Rate of the number of write requests on the hda block device |
| 42 | Disk | hdawr_bytes_slope | Rate of the number of write bytes on the hda block device |
| 43 | Disk | hdaerror_slope | Rate of the number of errors in the hda block device |
| 44 | TARGET | Status | Attack/Normal |

 

 


 Abstract

Instructions: 

This dataset contains about 140,000 Tweets related to exoskeletons that were mined over a period of 5 years, from May 21, 2017, to May 21, 2022. The tweets contain diverse forms of communications and conversations which communicate user interests, user perspectives, public opinion, reviews, feedback, suggestions, etc., related to exoskeletons.

 

The dataset contains only tweet identifiers (Tweet IDs) due to the terms and conditions of Twitter to re-distribute Twitter data ONLY for research purposes. They need to be hydrated to be used. The process of retrieving a tweet's complete information (such as the text of the tweet, username, user ID, date and time, etc.) using its ID is known as the hydration of a tweet ID. For hydrating this dataset the Hydrator application (link to download and a step-by-step tutorial on how to use Hydrator) may be used.

 

Data Description

This dataset consists of 7 .txt files. The following shows the number of Tweet IDs and the date range (of the associated tweets) in each of these files. 

Filename: Exoskeleton_TweetIDs_Set1.txt

Number of Tweet IDs – 22945, Date Range of Tweets - July 20, 2021 – May 21, 2022

Filename: Exoskeleton_TweetIDs_Set2.txt

Number of Tweet IDs – 19416, Date Range of Tweets - Dec 1, 2020 – July 19, 2021

Filename: Exoskeleton_TweetIDs_Set3.txt

Number of Tweet IDs – 16673, Date Range of Tweets - April 29, 2020 - Nov 30, 2020

Filename: Exoskeleton_TweetIDs_Set4.txt

Number of Tweet IDs – 16208, Date Range of Tweets - Oct 5, 2019 - Apr 28, 2020

Filename: Exoskeleton_TweetIDs_Set5.txt

Number of Tweet IDs – 17983, Date Range of Tweets - Feb 13, 2019 - Oct 4, 2019

Filename: Exoskeleton_TweetIDs_Set6.txt

Number of Tweet IDs – 34009, Date Range of Tweets - Nov 9, 2017 - Feb 12, 2019

Filename: Exoskeleton_TweetIDs_Set7.txt

Number of Tweet IDs – 11351, Date Range of Tweets - May 21, 2017 - Nov 8, 2017

 

For any questions related to the dataset, please contact Nirmalya Thakur at thakurna@mail.uc.edu


Penetration testing plays an important role in securing websites. However, you need the right tools to run efficient tests. Penetration testing tools have different functions, pentest methodologies, features, and price ranges. It might be difficult to choose the ones most suitable for your organization. This post will briefly describe some of the finest penetration testing tools.

 

 

 

 


We elaborate on the dataset collected from our testbed developed at Washington University in St. Louis, to perform real-world IIoT operations, carrying out attacks that are more prevalent against IIoT systems. This dataset is to be utilized in the research of AI/ML based security solutions to tackle the intrusion problem.


This dataset is extracted from GitHub and contains 172,919 Java source codes written by 3,128 authors. It can be used for authorship attribution.


This dataset was produced as a part of my PhD research on Android malware detection using Multimodal Deep Learning. It contains raw data (DEX grayscale images), static analysis data (Android Intents & Permissions), and dynamic analysis data (system call sequences). For the conference research paper, please refer to https://sbic.org.br/eventos/cbic_2021/cbic2021-32/


Instructions: 

* FEATURES *

| Field Name | Field Type | Input Domain |
|---|---|---|
| SHA256 | String | 32 bytes |
| DEX_PIXEL_0, ..., DEX_PIXEL_16383 | Integer | {0, 1, ..., 255} |
| INTENT_0, ..., INTENT_99 | Integer | {0, 1} |
| PERMISSION_0, ..., PERMISSION_99 | Integer | {0, 1} |
| SYSCALL_0, ..., SYSCALL_399 | Integer | {0, 1, ..., 123} |
| CLASS | Integer | {0 = Goodware, 1 = Malware} |

intents = ['android.intent.action.main', 'android.intent.action.boot_completed', 'android.intent.action.view', 'android.intent.action.user_present', 'android.intent.action.package_added', 'android.intent.action.package_removed', 'android.intent.action.phone_state', 'android.intent.action.search', 'android.intent.action.package_replaced', 'android.intent.action.create_shortcut', 'android.intent.action.new_outgoing_call', 'android.intent.action.action_power_connected', 'android.intent.action.action_power_disconnected', 'android.intent.action.quickboot_poweron', 'android.intent.action.send', 'android.intent.action.data_sms_received', 'android.intent.action.media_mounted', 'android.intent.action.download_complete', 'android.intent.action.screen_on', 'android.intent.action.media_button', 'android.intent.action.action_shutdown', 'android.intent.action.media_eject', 'android.intent.action.media_unmounted', 'android.intent.action.sim_state_changed', 'android.intent.action.any_data_state', 'android.intent.action.battery_changed', 'android.intent.action.download_notification_clicked', 'android.intent.action.package_install', 'android.intent.action.media_removed', 'android.intent.action.delete', 'android.intent.action.time_set', 'android.intent.action.service_state', 'android.intent.action.media_checking', 'android.intent.action.sendto', 'android.intent.action.timezone_changed', 'android.intent.action.screen_off', 'android.intent.action.date_changed', 'android.intent.action.pick', 'android.intent.action.package_restarted', 'android.intent.action.send_multiple', 'android.intent.action.my_package_replaced', 'android.intent.action.get_content', 'android.intent.action.notification_add', 'android.intent.action.notification_remove', 'android.intent.action.notification_update', 'android.intent.action.battery_low', 'android.intent.action.respond_via_message', 'android.intent.action.set_wallpaper', 'android.intent.action.edit', 'android.intent.action.battery_okay', 
'android.intent.action.airplane_mode', 'android.intent.action.locale_changed', 'android.intent.action.package_changed', 'android.intent.action.headset_plug', 'android.intent.action.sig_str', 'android.intent.action.action_external_applications_available', 'android.intent.action.action_date_changed', 'android.intent.action.action_time_changed', 'android.intent.action.action_media_eject', 'android.intent.action.action_package_added', 'android.intent.action.action_timezone_changed', 'android.intent.action.time_tick', 'android.intent.action.action_view_downloads', 'android.intent.action.close_system_dialogs', 'android.intent.action.web_search', 'android.intent.action.chinamobile_oms_game', 'android.intent.action.reboot', 'android.intent.action.dial', 'android.intent.action.media_scanner_finished', 'android.intent.action.action_package_changed', 'android.intent.action.package_data_cleared', 'android.intent.action.media_search', 'android.intent.action.assist', 'android.intent.action.call', 'android.intent.action.call_button', 'android.intent.action.wallpaper_changed', 'android.intent.action.quickboot_poweroff', 'android.intent.action.close_system_alarm', 'android.intent.action.insert', 'android.intent.action.media_bad_removal', 'android.intent.action.search_long_press', 'android.intent.action.default', 'android.intent.action.music_player', 'android.intent.action.ums_connected', 'android.intent.action.external_applications_available', 'android.intent.action.media_shared', 'android.intent.action.call_privileged', 'android.intent.action.run', 'android.intent.action.camsnap', 'android.intent.action.device_storage_low', 'android.intent.action.manage_network_usage', 'android.intent.action.videocap', 'android.intent.action.camera_button', 'android.intent.action.package_fully_removed', 'android.intent.action.proxy_change', 'android.intent.action.plug_in_airing', 'android.intent.action.set_alarm', 'android.intent.action.device_storage_ok', 
'android.intent.action.media_scanner_started', 'android.intent.action.ringtone_picker']

permissions = ['android.permission.internet', 'android.permission.access_network_state', 'android.permission.write_external_storage', 'android.permission.read_phone_state', 'android.permission.access_wifi_state', 'android.permission.wake_lock', 'android.permission.access_coarse_location', 'android.permission.vibrate', 'android.permission.access_fine_location', 'android.permission.receive_boot_completed', 'android.permission.get_tasks', 'android.permission.get_accounts', 'android.permission.system_alert_window', 'android.permission.read_external_storage', 'android.permission.change_wifi_state', 'android.permission.send_sms', 'android.permission.camera', 'android.permission.write_settings', 'android.permission.mount_unmount_filesystems', 'android.permission.receive_sms', 'android.permission.call_phone', 'android.permission.read_sms', 'android.permission.read_contacts', 'android.permission.record_audio', 'android.permission.read_logs', 'android.permission.change_network_state', 'android.permission.restart_packages', 'android.permission.disable_keyguard', 'android.permission.modify_audio_settings', 'android.permission.write_sms', 'android.permission.access_location_extra_commands', 'android.permission.bluetooth', 'android.permission.use_credentials', 'android.permission.set_wallpaper', 'android.permission.flashlight', 'android.permission.broadcast_sticky', 'android.permission.write_contacts', 'android.permission.process_outgoing_calls', 'android.permission.kill_background_processes', 'android.permission.bluetooth_admin', 'android.permission.manage_accounts', 'android.permission.receive_user_present', 'android.permission.change_configuration', 'android.permission.install_packages', 'android.permission.access_mock_location', 'android.permission.download_without_notification', 'android.permission.write_apn_settings', 'android.permission.read_call_log', 'android.permission.receive_mms', 'android.permission.access_gps', 'android.permission.read_calendar', 
'android.permission.access_download_manager', 'android.permission.authenticate_accounts', 'android.permission.baidu_location_service', 'android.permission.write_calendar', 'android.permission.system_overlay_window', 'android.permission.battery_stats', 'android.permission.delete_packages', 'android.permission.modify_phone_state', 'android.permission.get_package_size', 'android.permission.clear_app_cache', 'android.permission.receive_wap_push', 'android.permission.write_call_log', 'android.permission.write_secure_settings', 'android.permission.access_coarse_updates', 'android.permission.record_video', 'android.permission.interact_across_users_full', 'android.permission.read_settings', 'android.permission.read_profile', 'android.permission.set_wallpaper_hints', 'android.permission.expand_status_bar', 'android.permission.call_privileged', 'android.permission.change_component_enabled_state', 'android.permission.device_power', 'android.permission.write_sync_settings', 'android.permission.reorder_tasks', 'android.permission.read_sync_settings', 'android.permission.nfc', 'android.permission.change_wifi_multicast_state', 'android.permission.write_owner_data', 'android.permission.set_debug_app', 'android.permission.broadcast_sms', 'android.permission.package_usage_stats', 'android.permission.write_internal_storage', 'android.permission.broadcast_package_added', 'android.permission.broadcast_package_replaced', 'android.permission.broadcast_package_install', 'android.permission.access_location', 'android.permission.broadcast_package_changed', 'android.permission.access_mtk_mmhw', 'android.permission.read_owner_data', 'android.permission.manage_documents', 'android.permission.access_superuser', 'android.permission.write_media_storage', 'android.permission.update_device_stats', 'android.permission.access_assisted_gps', 'android.permission.read_sync_stats', 'android.permission.raised_thread_priority', 'android.permission.persistent_activity', 
'android.permission.mout_unmount_filesystems']

syscalls = ['UNK', 'accept', 'access', 'bind', 'brk', 'cacheflush', 'capset', 'chdir', 'chmod', 'clock_gettime', 'clone', 'close', 'connect', 'dup', 'dup2', 'epoll_create', 'epoll_ctl', 'epoll_wait', 'execve', 'exit', 'exit_group', 'fchmod', 'fchown32', 'fcntl', 'fcntl64', 'fdatasync', 'fgetxattr', 'flock', 'fork', 'fsetxattr', 'fstat64', 'fsync', 'ftruncate', 'ftruncate64', 'futex', 'getcwd', 'getdents64', 'getegid32', 'geteuid32', 'getgid32', 'getgroups32', 'getpgid', 'getpid', 'getppid', 'getpriority', 'getresgid32', 'getresuid32', 'getrlimit', 'getsockname', 'getsockopt', 'gettid', 'gettimeofday', 'getuid32', 'inotify_add_watch', 'inotify_init', 'inotify_rm_watch', 'ioctl', 'kill', 'listen', 'lseek', 'lstat64', 'madvise', 'mkdir', 'mmap2', 'mprotect', 'mremap', 'msync', 'munmap', 'nanosleep', 'open', 'pciconfig_iobase', 'personality', 'pipe', 'poll', 'prctl', 'pread', 'ptrace', 'pwrite', 'read', 'readlink', 'recvfrom', 'recvmsg', 'rename', 'restart_syscall', 'rmdir', 'rt_sigreturn', 'rt_sigtimedwait', 'sched_getparam', 'sched_getscheduler', 'sched_yield', 'select', 'sendmsg', 'sendto', 'set_tls', 'setgid32', 'setgroups32', 'setitimer', 'setpgid', 'setpriority', 'setresuid32', 'setrlimit', 'setsid', 'setsockopt', 'setuid32', 'shutdown', 'sigaction', 'sigprocmask', 'sigreturn', 'socket', 'socketpair', 'stat64', 'statfs', 'statfs64', 'tgkill', 'timerfd', 'timerfd_settime', 'umask', 'uname', 'unlink', 'utimes', 'vfork', 'wait4', 'write', 'writev']

* ACKNOWLEDGMENTS *

We would like to thank Universidade Nove de Julho and the Coordination for the Improvement of Higher Education Personnel (CAPES) for supporting this research.


The dataset consists of samples of DDoS attacks. The samples were either generated by dedicated tools such as Loic, Hulk, and Thorshammer, or combined from publicly available sources such as the DDoS Evaluation Dataset (CIC-DDoS2019).


The "eternal war in cache" has reached browsers, with multiple cache-based side-channel attacks and countermeasures being suggested. A common approach for countermeasures is to disable or restrict JavaScript features deemed essential for carrying out attacks.

Instructions: 

TBD


The security testing focuses on evaluating the security of the web, mobile, networks, API, SaaS, blockchain & cloud applications by methodically validating & verifying the effectiveness of security controls. The process involves an active analysis of any application for any available weaknesses, technical flaws, or vulnerabilities.

 

The security audit scope of work will include:
