Data in Brief (Dec 2024)
Process control block information dataset: Towards android malware detection
Abstract
This article proposes a Process Control Block (PCB) dataset [1] mined over the process execution time of tested Android applications. PCB data were collected from 2620 malware-infested applications and 1610 benign applications. The PCB data sequence was collected for 25 seconds, with an average of 18,500 PCB records stored for each application. The mining method was implemented at the kernel level and synced with the process (job) context switching. The data for each program comprises the PCB information for all threads running the application. The application automation testing and PCB gathering for benign and malicious applications were conducted in a closed dynamic malware analysis framework. The dataset can be used to compare and contrast the low-level (kernel) behavior of benign and malicious Android programs. For the vast majority of tested applications, the mining approach effectively captured 99% of the context switches.