{"title":"Process control block information dataset: Towards android malware detection","authors":"Heba Alawneh, Hamza Alkofahi","doi":"10.1016/j.dib.2024.110975","DOIUrl":null,"url":null,"abstract":"<div><div>This article proposes a Process Control Block (PCB) dataset <span><span>[1]</span></span> mined over the process execution time of tested Android applications. The PCB data from 2620 malware-infested applications and 1610 benign applications were collected. The PCB data sequence was collected for 25 seconds, with an average of 18,500 PCB records stored for each application.The mining method was implemented at the kernel level and synced with the process (job) context switching. The data for each program comprises the PCB information for all threads running the application. The application automation testing and PCB gathering for benign and malicious applications were conducted in a closed dynamic malware analysis framework. The dataset can be used to compare and contrast the low-level (kernel) behavior of benign and malicious Android programs. For the vast majority of tested applications, the mining approach effectively captured 99% of the context switches.</div></div>","PeriodicalId":10973,"journal":{"name":"Data in Brief","volume":null,"pages":null},"PeriodicalIF":1.0000,"publicationDate":"2024-09-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Data in Brief","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2352340924009375","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"MULTIDISCIPLINARY SCIENCES","Score":null,"Total":0}
Citation count: 0
Abstract
This article proposes a Process Control Block (PCB) dataset [1] mined over the process execution time of tested Android applications. The PCB data from 2620 malware-infested applications and 1610 benign applications were collected. The PCB data sequence was collected for 25 seconds, with an average of 18,500 PCB records stored for each application. The mining method was implemented at the kernel level and synced with the process (job) context switching. The data for each program comprises the PCB information for all threads running the application. The application automation testing and PCB gathering for benign and malicious applications were conducted in a closed dynamic malware analysis framework. The dataset can be used to compare and contrast the low-level (kernel) behavior of benign and malicious Android programs. For the vast majority of tested applications, the mining approach effectively captured 99% of the context switches.
About the journal:
Data in Brief provides a way for researchers to easily share and reuse each other's datasets by publishing data articles that:
- Thoroughly describe your data, facilitating reproducibility.
- Make your data, which is often buried in supplementary material, easier to find.
- Increase traffic towards associated research articles and data, leading to more citations.
- Open up doors for new collaborations.
Because you never know what data will be useful to someone else, Data in Brief welcomes submissions that describe data from all research areas.