Espionage Droidy Sandbox -Our Datasets



Android Adware and General Malware Dataset (AAGM):

A labeled dataset of mobile malware traffic from real smartphones, built with nine new flow-based network traffic features. This dataset includes 1900 benign and malicious apps in 12 different families. The 400 malware apps are from two categories: adware (250), and general malware (150).
The operations of creating the AAGM dataset are divided into three phases, which you can see in below figure.

To further analyze our dataset, we employed Droidkin, a lightweight detector of the similarity of Android apps. Droidkin is used to investigate the relationships between each apps category: adware, general malware, and benign. The following figure visualizes the result of the detection analysis. The red circles represent categories, and the small black circles represent the apps that belong to those categories. Overall, there is a weak-relationship between these three categories.
For more information about this dataset, please find the related published paper here:
Arash Habibi Lashkari, Andi Fitriah A.Kadir, Hugo Gonzalez, Kenneth Fon Mbah and Ali A. Ghorbani, “Towards a Network-Based Framework for Android Malware Detection and Characterization”, In the proceedings of the 15th International Conference on Privacy, Security and Trust, PST, Calgary, Canada, 2017.




To requesting the datasets, please visit following links:
Dataset Link Description
CICAndMal2017 CICAndMal2017 To be announced...
AAGM AAGMAndroid Adware and General Malware Dataset
In the case that you've used our datasets in your research, please cite their publsihed paper as well.