This is a non-IMPACT record, meaning that access to the data is not controlled by IMPACT. For access, see the directions below.

Disclaimer:
This Resource is offered and provided outside of the IMPACT mediation framework. IMPACT and the IMPACT Coordination Council/Blackfire Technology, Inc. expressly disclaim all conditions, representations and warranties including but not limited to Resource availability, quality, accuracy, non-infringement, and non-interference. All Resource information and access is controlled by entities and under terms that are external to the IMPACT legal framework.

Summary

DS-0946
Malware Capture Facility Project
External Dataset
External Data Source
Stratosphere Lab
Unknown
Data collection is ongoing
50 (lowest rank is 50)

Category & Restrictions

Other
malicious traffic, network data, malware
Unrestricted
Unknown

Description


The Stratosphere IPS feeds itself with models created from real malware traffic captures. The Malware Capture Facility Project is in charge of continuously monitoring for new emerging threats, retrieving malicious samples and running them in our facilities to capture the traffic.

Machine learning algorithms need to be verified to find out their precise performance on real data. Especially in computer network security, it is really important to have good datasets, because the data in the networks is infinite, changing, varied and subject to high concept drift. These issues force us to obtain good datasets to train, verify and test the algorithms.

To make a good verification we need three types of traffic: Malware, Normal and Background. The Malware traffic will include all the things we want to detect, especially C&C (Command and Control) connections. The Normal traffic is very important to find out the real performance of our algorithms by computing the False Positives and True Negatives. The Background traffic is necessary to saturate the algorithms, verify their memory/speed performance and test whether the algorithms get confused by the data.

STRATOSPHEREIPS@AGENTS.FEL.CVUT.CZ

This dataset is the subject of ongoing measurement and data collection. As such, the data is continuously growing. Researchers who are granted access will be able to download updates for a period of one year after their request.

Additional Details

N/A
Size is growing as more data is collected
false
true
czech technical university in prague, network computer, cybercrime, malware, virtualization software, data mining, vmware, statistical classification, inferlink corporation, classes of computers, false positives and false negatives, machine learning, background traffic, universities in the czech republic, engineering universities and colleges in the czech republic, external data source, quality management, concept drift, technical universities and colleges, 946, vmware thinapp, verification and validation, exploit, malware capture facility project