Baselight

Classification Of Malwares (CLaMP)

Classification of Malware with PE headers

@kaggle.saurabhshahane_classification_of_malwares

About this Dataset

Context

A malware classifier dataset built from the header field values of Portable Executable (PE) files.

Content

ClaMP_Integrated-5184.csv
Total samples : 5184 (Malware () + Benign())
Features (69) : Raw Features (54) + Derived Features(15)

ClaMP_Raw-5184.csv
Total samples : 5184 (Malware ()+ Benign())
Features (55) : Raw Features(55)

IMAGE_DOS_HEADER (19)

"e_magic", "e_cblp", "e_cp","e_crlc","e_cparhdr",
"e_minalloc","e_maxalloc","e_ss","e_sp",
"e_csum","e_ip","e_cs","e_lfarlc","e_ovno","e_res",
"e_oemid","e_oeminfo","e_res2","e_lfanew"

FILE_HEADER (7)

"Machine","NumberOfSections","CreationYear","PointerToSymbolTable",
"NumberOfSymbols","SizeOfOptionalHeader","Characteristics"

OPTIONAL_HEADER (29)

"Magic", "MajorLinkerVersion", "MinorLinkerVersion", "SizeOfCode", "SizeOfInitializedData",
"SizeOfUninitializedData", "AddressOfEntryPoint",
"BaseOfCode", "BaseOfData", "ImageBase", "SectionAlignment", "FileAlignment",
"MajorOperatingSystemVersion", "MinorOperatingSystemVersion",
"MajorImageVersion", "MinorImageVersion", "MajorSubsystemVersion",
"MinorSubsystemVersion", "SizeOfImage", "SizeOfHeaders", "CheckSum",
"Subsystem", "DllCharacteristics", "SizeOfStackReserve", "SizeOfStackCommit",
"SizeOfHeapReserve", "SizeOfHeapCommit", "LoaderFlags", "NumberOfRvaAndSizes"

TARGET_VARIABLE: class - 0 (benign), 1 (malware)

Acknowledgements

The data is sourced from Mendeley data.

Kumar, Ajit (2020), “ClaMP (Classification of Malware with PE headers)”, Mendeley Data, V1, doi: 10.17632/xvyv59vwvz.1

Read Paper: "A learning model to detect maliciousness of portable executable using integrated feature set", authored by Ajit Kumar, K. S. Kuppusamy, and G. Aghila.

Tables

Clamp Integrated 5184

@kaggle.saurabhshahane_classification_of_malwares.clamp_integrated_5184
  • 318.02 KB
  • 5210 rows
  • 70 columns

CREATE TABLE clamp_integrated_5184 (
  "e_cblp" BIGINT,
  "e_cp" BIGINT,
  "e_cparhdr" BIGINT,
  "e_maxalloc" BIGINT,
  "e_sp" BIGINT,
  "e_lfanew" BIGINT,
  "numberofsections" BIGINT,
  "creationyear" BIGINT,
  "fh_char0" BIGINT,
  "fh_char1" BIGINT,
  "fh_char2" BIGINT,
  "fh_char3" BIGINT,
  "fh_char4" BIGINT,
  "fh_char5" BIGINT,
  "fh_char6" BIGINT,
  "fh_char7" BIGINT,
  "fh_char8" BIGINT,
  "fh_char9" BIGINT,
  "fh_char10" BIGINT,
  "fh_char11" BIGINT,
  "fh_char12" BIGINT,
  "fh_char13" BIGINT,
  "fh_char14" BIGINT,
  "majorlinkerversion" BIGINT,
  "minorlinkerversion" BIGINT,
  "sizeofcode" BIGINT,
  "sizeofinitializeddata" BIGINT,
  "sizeofuninitializeddata" BIGINT,
  "addressofentrypoint" BIGINT,
  "baseofcode" BIGINT,
  "baseofdata" BIGINT,
  "imagebase" BIGINT,
  "sectionalignment" BIGINT,
  "filealignment" BIGINT,
  "majoroperatingsystemversion" BIGINT,
  "minoroperatingsystemversion" BIGINT,
  "majorimageversion" BIGINT,
  "minorimageversion" BIGINT,
  "majorsubsystemversion" BIGINT,
  "minorsubsystemversion" BIGINT,
  "sizeofimage" BIGINT,
  "sizeofheaders" BIGINT,
  "checksum" BIGINT,
  "subsystem" BIGINT,
  "oh_dllchar0" BIGINT,
  "oh_dllchar1" BIGINT,
  "oh_dllchar2" BIGINT,
  "oh_dllchar3" BIGINT,
  "oh_dllchar4" BIGINT,
  "oh_dllchar5" BIGINT,
  "oh_dllchar6" BIGINT,
  "oh_dllchar7" BIGINT,
  "oh_dllchar8" BIGINT,
  "oh_dllchar9" BIGINT,
  "oh_dllchar10" BIGINT,
  "sizeofstackreserve" BIGINT,
  "sizeofstackcommit" BIGINT,
  "sizeofheapreserve" BIGINT,
  "sizeofheapcommit" BIGINT,
  "loaderflags" BIGINT,
  "sus_sections" BIGINT,
  "non_sus_sections" BIGINT,
  "packer" BIGINT,
  "packer_type" VARCHAR,
  "e_text" DOUBLE,
  "e_data" DOUBLE,
  "filesize" BIGINT,
  "e_file" DOUBLE,
  "fileinfo" BIGINT,
  "class" BIGINT
);

Clamp Raw 5184

@kaggle.saurabhshahane_classification_of_malwares.clamp_raw_5184
  • 186.12 KB
  • 5184 rows
  • 56 columns

CREATE TABLE clamp_raw_5184 (
  "e_magic" BIGINT,
  "e_cblp" BIGINT,
  "e_cp" BIGINT,
  "e_crlc" BIGINT,
  "e_cparhdr" BIGINT,
  "e_minalloc" BIGINT,
  "e_maxalloc" BIGINT,
  "e_ss" BIGINT,
  "e_sp" BIGINT,
  "e_csum" BIGINT,
  "e_ip" BIGINT,
  "e_cs" BIGINT,
  "e_lfarlc" BIGINT,
  "e_ovno" BIGINT,
  "e_res" VARCHAR,
  "e_oemid" BIGINT,
  "e_oeminfo" BIGINT,
  "e_res2" VARCHAR,
  "e_lfanew" BIGINT,
  "machine" BIGINT,
  "numberofsections" BIGINT,
  "creationyear" BIGINT,
  "pointertosymboltable" BIGINT,
  "numberofsymbols" BIGINT,
  "sizeofoptionalheader" BIGINT,
  "characteristics" BIGINT,
  "magic" BIGINT,
  "majorlinkerversion" BIGINT,
  "minorlinkerversion" BIGINT,
  "sizeofcode" BIGINT,
  "sizeofinitializeddata" BIGINT,
  "sizeofuninitializeddata" BIGINT,
  "addressofentrypoint" BIGINT,
  "baseofcode" BIGINT,
  "baseofdata" BIGINT,
  "imagebase" BIGINT,
  "sectionalignment" BIGINT,
  "filealignment" BIGINT,
  "majoroperatingsystemversion" BIGINT,
  "minoroperatingsystemversion" BIGINT,
  "majorimageversion" BIGINT,
  "minorimageversion" BIGINT,
  "majorsubsystemversion" BIGINT,
  "minorsubsystemversion" BIGINT,
  "sizeofimage" BIGINT,
  "sizeofheaders" BIGINT,
  "checksum" BIGINT,
  "subsystem" BIGINT,
  "dllcharacteristics" BIGINT,
  "sizeofstackreserve" BIGINT,
  "sizeofstackcommit" BIGINT,
  "sizeofheapreserve" BIGINT,
  "sizeofheapcommit" BIGINT,
  "loaderflags" BIGINT,
  "numberofrvaandsizes" BIGINT,
  "class" BIGINT
);
