MALVADA: A framework for generating datasets of malware execution traces
Malware attacks have been growing steadily in recent years, making more sophisticated detection methods necessary. These approaches typically rely on analyzing the behavior of malicious applications, for example by examining execution traces that capture their runtime behavior. However, many existin...
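Main Authors: | Razvan Raducu, Alain Villagrasa-Labrador, Ricardo J. Rodríguez, Pedro Álvarez |
---|---|
Format: | Article |
Language: | English |
Published: | Elsevier 2025-05-01 |
Series: | SoftwareX |
Subjects: | Dataset generation, Malware behavior, Execution traces, Malware classification |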
Online Access: | http://www.sciencedirect.com/science/article/pii/S2352711025000494 |
_version_ | 1823864445119496192 |
---|---|
author | Razvan Raducu, Alain Villagrasa-Labrador, Ricardo J. Rodríguez, Pedro Álvarez |
collection | DOAJ |
description | Malware attacks have been growing steadily in recent years, making more sophisticated detection methods necessary. These approaches typically rely on analyzing the behavior of malicious applications, for example by examining execution traces that capture their runtime behavior. However, many existing execution trace datasets are simplified, often resulting in the omission of relevant contextual information, which is essential to capture the full scope of a malware sample’s behavior. This paper introduces MALVADA, a flexible framework designed to generate extensive datasets of execution traces from Windows malware. These traces provide detailed insights into program behaviors and help malware analysts to classify a malware sample. MALVADA facilitates the creation of large datasets with minimal user effort, as demonstrated by the WinMET dataset, which includes execution traces from approximately 10,000 Windows malware samples. |
format | Article |
id | doaj-art-ec7cf7d4cd1243bda4ab2ea08e00cb93 |
institution | Kabale University |
issn | 2352-7110 |
language | English |
publishDate | 2025-05-01 |
publisher | Elsevier |
record_format | Article |
series | SoftwareX |
spelling | doaj-art-ec7cf7d4cd1243bda4ab2ea08e00cb93; 2025-02-09T05:00:36Z; eng; Elsevier; SoftwareX; 2352-7110; 2025-05-01; 30; 102082; MALVADA: A framework for generating datasets of malware execution traces; Razvan Raducu (0), Alain Villagrasa-Labrador (1), Ricardo J. Rodríguez (2), Pedro Álvarez (3); (0) Engineering Research Institute of Aragon (I3A), Universidad de Zaragoza, 50018 Zaragoza, Spain; (1) Engineering Research Institute of Aragon (I3A), Universidad de Zaragoza, 50018 Zaragoza, Spain; (2) Corresponding author.; Engineering Research Institute of Aragon (I3A), Universidad de Zaragoza, 50018 Zaragoza, Spain; (3) Engineering Research Institute of Aragon (I3A), Universidad de Zaragoza, 50018 Zaragoza, Spain; Malware attacks have been growing steadily in recent years, making more sophisticated detection methods necessary. These approaches typically rely on analyzing the behavior of malicious applications, for example by examining execution traces that capture their runtime behavior. However, many existing execution trace datasets are simplified, often resulting in the omission of relevant contextual information, which is essential to capture the full scope of a malware sample’s behavior. This paper introduces MALVADA, a flexible framework designed to generate extensive datasets of execution traces from Windows malware. These traces provide detailed insights into program behaviors and help malware analysts to classify a malware sample. MALVADA facilitates the creation of large datasets with minimal user effort, as demonstrated by the WinMET dataset, which includes execution traces from approximately 10,000 Windows malware samples.; http://www.sciencedirect.com/science/article/pii/S2352711025000494; Dataset generation; Malware behavior; Execution traces; Malware classification |
title | MALVADA: A framework for generating datasets of malware execution traces |
topic | Dataset generation, Malware behavior, Execution traces, Malware classification |
url | http://www.sciencedirect.com/science/article/pii/S2352711025000494 |