English

A Benchmark API Call Dataset for Windows PE Malware Classification

Cryptography and Security 2021-02-23 v2

Abstract

The use of operating system API calls is a promising task in the detection of PE-type malware in the Windows operating system. This task is officially defined as running malware in an isolated sandbox environment, recording the API calls made with the Windows operating system and sequentially analyzing these calls. Here, we have analyzed 7107 different malicious software belonging to various families such as virus, backdoor, trojan in an isolated sandbox environment and transformed these analysis results into a format where different classification algorithms and methods can be used. First, we'll explain how we got the malware, and then we'll explain how we've got these software bundled into families. Finally, we will describe how to perform malware classification tasks using different computational methods for the researchers who will use the data set we have created.

Keywords

Cite

@article{arxiv.1905.01999,
  title  = {A Benchmark API Call Dataset for Windows PE Malware Classification},
  author = {Ferhat Ozgur Catak and Ahmet Faruk Yazı},
  journal= {arXiv preprint arXiv:1905.01999},
  year   = {2021}
}

Comments

Updated version

R2 v1 2026-06-23T08:58:03.868Z