Suggestions in Courses

See all course results

Suggestions in News

  • No suggestions found.

Suggestions in Events

See all events results
London Met Website

MalVol-25: a diverse, labelled and detailed volatile memory dataset for malware detection and response testing and validation [paper]

Lists
Tools

Dunsin, Dipo, Ghanem, Mohamed Chahine, Almeida Palmieri, Eduardo, Kheddar, Hamza and Habchi, Yassine (2025) MalVol-25: a diverse, labelled and detailed volatile memory dataset for malware detection and response testing and validation [paper]. In: 8th IEEE Conference on Cloud and Internet of Things CIoT-2025, 29-31 October 2025, London, UK. (In Press)

Abstract

This paper addresses the critical need for high-quality malware datasets that support advanced analysis techniques, particularly machine learning and agentic AI frameworks. Existing datasets often lack diversity, comprehensive labelling, and the complexity necessary for effective machine learning and agent-based AI training. To fill this gap, we developed a systematic approach for generating a dataset that combines automated malware execution in controlled virtual environments with dynamic monitoring tools. The resulting dataset comprises clean and infected memory snapshots across multiple malware families and operating systems, capturing detailed behavioural and environmental features. Key design decisions include applying ethical and legal compliance, thorough validation using both automated and manual methods, and comprehensive documentation to ensure replicability and integrity. The dataset’s distinctive features enable modelling system states and transitions, facilitating RL-based malware detection and response strategies. This resource is significant for advancing adaptive cybersecurity defences and digital forensic research. Its scope supports diverse malware scenarios and offers potential for broader applications in incident response and automated threat mitigation.

Documents
10786:54348
[thumbnail of MalVol_25__A_Diverse__Labeled_and_Detailed_Malware_Volatile_Memory_Dataset_for_Detection_and_Response_Testing_and_Validation-1.pdf]
Preview
MalVol_25__A_Diverse__Labeled_and_Detailed_Malware_Volatile_Memory_Dataset_for_Detection_and_Response_Testing_and_Validation-1.pdf - Accepted Version
Available under License Creative Commons Attribution 4.0.

Download (930kB) | Preview
Details
Title:
MalVol-25: a diverse, labelled and detailed volatile memory dataset for malware detection and response testing and validation [paper]
Creators:
Dunsin, Dipo, Ghanem, Mohamed Chahine, Almeida Palmieri, Eduardo, Kheddar, Hamza and Habchi, Yassine
Official URL:
https://doi.org/10.21227/kg5b-nf37
Date:
5 September 2025
Subjects:
000 Computer science, information & general works
600 Technology
Department:
School of Computing and Digital Media
Publisher:
IEEE
Uncontrolled Keywords:
Malware; Volatile Memory; Incident Response; Artificial intelligence (AI); Digital Forensics Cyber Attacks
Record
URI:
https://repository.londonmet.ac.uk/id/eprint/10786
Item Type:
Conference or Workshop Item
Presentation Type:
Paper
Depositing User:
Mohamed Ghanem
Date Deposited:
22 Sep 2025 10:39
Revision:
15
Last Modified:
22 Sep 2025 10:39

Available Versions of this Item

View Item View Item
CORE (COnnecting REpositories)