skip to main content
Visitante
Meu Espaço
Minha Conta
Sair
Identificação
This feature requires javascript
Tags
Revistas Eletrônicas (eJournals)
Livros Eletrônicos (eBooks)
Bases de Dados
Bibliotecas USP
Ajuda
Ajuda
Idioma:
Inglês
Espanhol
Português
This feature required javascript
This feature requires javascript
Primo Search
Busca Geral
Busca Geral
Acervo Físico
Acervo Físico
Produção Intelectual da USP
Produção USP
Search For:
Clear Search Box
Search in:
Busca Geral
Or hit Enter to replace search target
Or select another collection:
Search in:
Busca Geral
Busca Avançada
Busca por Índices
This feature requires javascript
This feature requires javascript
Ransomware Combined Structural Feature Dataset
Moreira, Caio
Mendeley Data 2024
Texto completo disponível
Citações
Citado por
Exibir Online
Detalhes
Resenhas & Tags
Mais Opções
Nº de Citações
This feature requires javascript
Enviar para
Adicionar ao Meu Espaço
Remover do Meu Espaço
E-mail (máximo 30 registros por vez)
Imprimir
Link permanente
Referência
EasyBib
EndNote
RefWorks
del.icio.us
Exportar RIS
Exportar BibTeX
This feature requires javascript
Título:
Ransomware Combined Structural Feature Dataset
Autor:
Moreira, Caio
Assuntos:
Cybersecurity
;
Data Analytics Cybersecurity
;
Malware Mitigation
Notas:
10.17632/yzhcvn7sj5
RelationTypeNote: IsVersionOf -- 10.17632/yzhcvn7sj5
Descrição:
This dataset contains several strutuctural features extracted of 2675 binary executable samples. The training and validation set consisted of 2157 samples (80%): 1023 ransomware belonging to 25 relevant families and 1134 goodware. Meanwhile, a testing set consisted of 518 samples (20%): 385 ransomware belonging to the 15 recent families and 133 goodware. The CSV file columns are sample ID, filename, target class (GR), family ID, and numerical columns (features), as follows: | ID | filename | GR | family | Features | Training Goodware | 10000 to 11133 | Their name.exe | 0 | 0 | Numerical features | Testing Goodware | 12000 to 12132 | Their name.exe | 0 | 0 | Numerical features | Training Ransomware | 20000 to 21022 | Their SHA-256 hash | 1 | 1-25 family IDs | Numerical features | Testing Ransomware | 22000 to 22384 | Their SHA-256 hash | 1 | 26-40 family IDs | Numerical features | Options: 1) The dataset is split into individual types of features without preprocessing, including headers, imported DLLs, function calls, entropy of sections, and 3, 4, and 5-grams opcode frequencies. 2) The combined datasets include headers, imported DLLs, function calls, and entropy of sections feature sets, with and without the 3-gram feature set, after the preprocessing step, according to our research paper entitled "A Comprehensive Analysis Combining Structural Features for Detection of New Ransomware Families," from the Journal of Information Security and Applications. Note: The preprocessing step primarily involved merging similar APIs, feature selection, and normalizing the features based on their maximum and minimum values, considering only the training data. Some features exclusively exist in the test data, with zero occurrences in the training samples. For accurate testing, it's advisable to exclude these features from the training set. Family IDs: Avaddon 1 Babuk 2 Blackmatter 3 Conti 4 Darkside 5 Dharma 6 Doppelpaymer 7 Exorcist 8 Gandcrab 9 Lockbit 10 Makop 11 Maze 12 Mountlocker 13 Nefilim 14 Netwalker 15 Phobos 16 Pysa 17 Ragnarok 18 RansomeXX 19 Revil 20 Ryuk 21 Stop 22 Thanos 23 Wastedlocker 24 Zeppelin 25 AvosLocker 26 BianLian 27 BlackBasta 28 BlackByte 29 BlackCat 30 BlueSky 31 Clop 32 Hive 33 HolyGhost 34 Karma 35 Lorenz 36 Maui 37 Night Sky 38 PlayCrypt 39 Quantum 40
Editor:
Mendeley Data
Data de criação/publicação:
2024
Idioma:
Inglês
Links
org
This feature requires javascript
This feature requires javascript
Voltar para lista de resultados
This feature requires javascript
This feature requires javascript
Buscando em bases de dados remotas. Favor aguardar.
Buscando por
em
scope:(USP_VIDEOS),scope:("PRIMO"),scope:(USP_FISICO),scope:(USP_EREVISTAS),scope:(USP),scope:(USP_EBOOKS),scope:(USP_PRODUCAO),primo_central_multiple_fe
Mostrar o que foi encontrado até o momento
This feature requires javascript
This feature requires javascript