Context
A malware classifier dataset built from the header field values of Portable Executable (PE) files.
Content
ClaMP_Integrated-5184.csv
Total samples : 5184 (Malware () + Benign())
Features (69) : Raw Features (54) + Derived Features(15)
ClaMP_Raw-5184.csv
Total samples : 5184 (Malware ()+ Benign())
Features (55) : Raw Features(55)
IMAGE_DOS_HEADER (19)
"e_magic", "e_cblp", "e_cp", "e_crlc", "e_cparhdr",
"e_minalloc", "e_maxalloc", "e_ss", "e_sp",
"e_csum", "e_ip", "e_cs", "e_lfarlc", "e_ovno", "e_res",
"e_oemid", "e_oeminfo", "e_res2", "e_lfanew"
FILE_HEADER (7)
"Machine", "NumberOfSections", "CreationYear", "PointerToSymbolTable",
"NumberOfSymbols", "SizeOfOptionalHeader", "Characteristics"
OPTIONAL_HEADER (29)
"Magic", "MajorLinkerVersion", "MinorLinkerVersion", "SizeOfCode", "SizeOfInitializedData",
"SizeOfUninitializedData", "AddressOfEntryPoint",
"BaseOfCode", "BaseOfData", "ImageBase", "SectionAlignment", "FileAlignment",
"MajorOperatingSystemVersion", "MinorOperatingSystemVersion",
"MajorImageVersion", "MinorImageVersion", "MajorSubsystemVersion",
"MinorSubsystemVersion", "SizeOfImage", "SizeOfHeaders", "CheckSum",
"Subsystem", "DllCharacteristics", "SizeOfStackReserve", "SizeOfStackCommit",
"SizeOfHeapReserve", "SizeOfHeapCommit", "LoaderFlags", "NumberOfRvaAndSizes"
TARGET_VARIABLE: class - 0 (benign), 1 (malware)
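How the raw IMAGE_DOS_HEADER and FILE_HEADER columns listed above can be read from a file, as an added example that is not the dataset authors' extraction code. The function names, the constructed sample bytes, the collapsing of e_res and e_res2 to a sum, and the reading of CreationYear as the UTC year of TimeDateStamp are assumptions; the page does not state how the dataset encodes these.

```python
import struct
from datetime import datetime, timezone

DOS_FIELDS = ["e_magic", "e_cblp", "e_cp", "e_crlc", "e_cparhdr", "e_minalloc",
              "e_maxalloc", "e_ss", "e_sp", "e_csum", "e_ip", "e_cs",
              "e_lfarlc", "e_ovno"]
FILE_FIELDS = ["Machine", "NumberOfSections", "TimeDateStamp",
               "PointerToSymbolTable", "NumberOfSymbols",
               "SizeOfOptionalHeader", "Characteristics"]

def extract_header_features(data: bytes) -> dict:
    """Return the 19 IMAGE_DOS_HEADER and 7 FILE_HEADER features from PE bytes."""
    if len(data) < 64:
        raise ValueError("truncated: no complete IMAGE_DOS_HEADER")
    words = struct.unpack_from("<30H", data, 0)       # 30 WORDs, offsets 0..59
    (e_lfanew,) = struct.unpack_from("<i", data, 60)  # signed LONG at offset 60
    if words[0] != 0x5A4D:  # "MZ"
        raise ValueError("bad e_magic")
    # e_lfanew comes from the untrusted file: bounds-check before following it.
    if e_lfanew < 0 or e_lfanew + 24 > len(data):
        raise ValueError("e_lfanew points outside the file")
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    feats = dict(zip(DOS_FIELDS, words[:14]))
    # Assumption: the reserved arrays are collapsed to the sum of their words.
    feats["e_res"] = sum(words[14:18])
    feats["e_oemid"], feats["e_oeminfo"] = words[18], words[19]
    feats["e_res2"] = sum(words[20:30])
    feats["e_lfanew"] = e_lfanew
    fh = dict(zip(FILE_FIELDS,
                  struct.unpack_from("<2H3I2H", data, e_lfanew + 4)))
    # Assumption: CreationYear is the UTC calendar year of TimeDateStamp.
    ts = fh.pop("TimeDateStamp")
    fh["CreationYear"] = datetime.fromtimestamp(ts, tz=timezone.utc).year
    feats.update(fh)
    return feats

def build_sample() -> bytes:
    """Constructed 88-byte header stub for the example (not a real executable)."""
    dos = struct.pack("<30Hi", 0x5A4D, 0x90, 3, 0, 4, 0, 0xFFFF, 0, 0xB8,
                      *([0] * 21), 64)
    fh = struct.pack("<2H3I2H", 0x14C, 3, 1577836800, 0, 0, 0xE0, 0x102)
    return dos + b"PE\0\0" + fh
```

The OPTIONAL_HEADER columns follow the FILE_HEADER at `e_lfanew + 24` and can be unpacked the same way, with the layout depending on the Magic value.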
Acknowledgements
The data is sourced from Mendeley data.
Kumar, Ajit (2020), “ClaMP (Classification of Malware with PE headers)”, Mendeley Data, V1, doi: 10.17632/xvyv59vwvz.1
Read the paper: "A learning model to detect maliciousness of portable executable using integrated feature set", by Ajit Kumar, K. S. Kuppusamy, and G. Aghila.