Memory snapshot dataset of a compromised host with malware using obfuscation evasion techniques
This article presents a dataset for studying the detection of obfuscated malware in volatile computer memory. Several obfuscated reverse remote shells were generated using Metasploit-Framework, Hyperion, and PEScrambler tools. After compromising the host, memory snapshots of a Windows 10 virtual mac...
Main authors: | Sadek, Ibrahim; Chong, Penny; Rehman, Shafiq Ul; Elovici, Yuval; Binder, Alexander |
---|---|
Format: | Online Article Text |
Language: | English |
Published: | Elsevier 2019 |
Subjects: | |
Online access: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6743008/ https://www.ncbi.nlm.nih.gov/pubmed/31528674 http://dx.doi.org/10.1016/j.dib.2019.104437 |
_version_ | 1783451201922138112 |
---|---|
author | Sadek, Ibrahim Chong, Penny Rehman, Shafiq Ul Elovici, Yuval Binder, Alexander |
author_facet | Sadek, Ibrahim Chong, Penny Rehman, Shafiq Ul Elovici, Yuval Binder, Alexander |
author_sort | Sadek, Ibrahim |
collection | PubMed |
description | This article presents a dataset for studying the detection of obfuscated malware in volatile computer memory. Several obfuscated reverse remote shells were generated using Metasploit-Framework, Hyperion, and PEScrambler tools. After compromising the host, memory snapshots of a Windows 10 virtual machine were acquired using the open-source Rekall's WinPmem acquisition tool. The dataset is complemented by memory snapshots of uncompromised virtual machines. The data includes a reference for all running processes as well as a mapping for the designated malware running inside the memory. The datasets are available in the article, for advancing research towards the detection of obfuscated malware from volatile computer memory during a forensic analysis. |
format | Online Article Text |
id | pubmed-6743008 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2019 |
publisher | Elsevier |
record_format | MEDLINE/PubMed |
spelling | pubmed-67430082019-09-16 Memory snapshot dataset of a compromised host with malware using obfuscation evasion techniques Sadek, Ibrahim Chong, Penny Rehman, Shafiq Ul Elovici, Yuval Binder, Alexander Data Brief Computer Science This article presents a dataset for studying the detection of obfuscated malware in volatile computer memory. Several obfuscated reverse remote shells were generated using Metasploit-Framework, Hyperion, and PEScrambler tools. After compromising the host, memory snapshots of a Windows 10 virtual machine were acquired using the open-source Rekall's WinPmem acquisition tool. The dataset is complemented by memory snapshots of uncompromised virtual machines. The data includes a reference for all running processes as well as a mapping for the designated malware running inside the memory. The datasets are available in the article, for advancing research towards the detection of obfuscated malware from volatile computer memory during a forensic analysis. Elsevier 2019-08-28 /pmc/articles/PMC6743008/ /pubmed/31528674 http://dx.doi.org/10.1016/j.dib.2019.104437 Text en © 2019 The Author(s) http://creativecommons.org/licenses/by/4.0/ This is an open access article under the CC BY license (http://creativecommons.org/licenses/by/4.0/). |
spellingShingle | Computer Science Sadek, Ibrahim Chong, Penny Rehman, Shafiq Ul Elovici, Yuval Binder, Alexander Memory snapshot dataset of a compromised host with malware using obfuscation evasion techniques |
title | Memory snapshot dataset of a compromised host with malware using obfuscation evasion techniques |
title_full | Memory snapshot dataset of a compromised host with malware using obfuscation evasion techniques |
title_fullStr | Memory snapshot dataset of a compromised host with malware using obfuscation evasion techniques |
title_full_unstemmed | Memory snapshot dataset of a compromised host with malware using obfuscation evasion techniques |
title_short | Memory snapshot dataset of a compromised host with malware using obfuscation evasion techniques |
title_sort | memory snapshot dataset of a compromised host with malware using obfuscation evasion techniques |
topic | Computer Science |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6743008/ https://www.ncbi.nlm.nih.gov/pubmed/31528674 http://dx.doi.org/10.1016/j.dib.2019.104437 |