To request access this dataset you will need to login with an IMPACT account. Accounts are free. If you don't have one please register.
This dataset is no longer available and has a current status of 'Withdrawn'.
Please see the catalog for a listing of currently available datasets.

Summary

DS-0836
GT Malware HTTP Daily Feed 2018
Dataset
Georgia Tech
Georgia Tech
01/01/2018
Data collection is ongoing
11 (lowest rank is 57)

Category & Restrictions

Cybercrime Infrastructure
malware, threat intelligence
Quasi-Restricted
true

Description


GT Malware HTTP Daily Feed 2018

This dataset contains a daily feed of HTTP data produced by the Georgia Tech Information Security Center's malware analysis system in 2018. Supplemental metadata included with the feed associates each URL and HTTP object with a specific suspect Windows executable, which is run in a sterile, isolated environment, with controlled access to the Internet, for a short period of time. Network activity comprising each sample's use of HTTP is recorded, processed, and made available as URL CSV files, extracted HTTP object sets, and raw PCAPs.

The feed is structured as a set of archives that each correspond to a single day of sample processing-based HTTP activity collection. Each archive decompresses to a top-level folder containing a URL CSV file, a PCAP subdirectory, and an HTTP objects subdirectory for that day. The PCAP and objects subdirectories each contain files that are named according to the MD5 of the sample that performed the corresponding activities over HTTP.
This dataset is the subject of ongoing measurement and data collection. As such the data is continuously growing. Researchers who are granted access will be able to download updates for a period of one year after their request.

Additional Details

N/A
Size is growing as more data is collected
true
2018, georgia, tech, http, feed, malware, daily, gt, gt malware http daily feed 2018, 836, georgia tech, url, sample, activity, pcap, object, subdirectory, files, csv, day, objects, time, suspect, center, sets, associates, activities, cybercrime infrastructure, included, structured, supplemental, md5, environment, dataset, performed, infrastructure, executable, controlled, single, processed, windows, short, specific, top, analysis, archive, raw, comprising, level, period, based, subdirectories, correspond, extracted, pcaps, produced, system, folder, file, security, network, decompresses, isolated, metadata, access, archives, cybercrime, processing, sterile, named