
Development Community
Please note: these datasets should only be used as a data point of the current state of the art!
Other relevant research should be considered – for example, patching of firmware on CAN buses to implement DTrace [Brock et al. 2023] which informs patch selection via timing analysis [Hsu et al. 2023].
The LastAct seedling instrumented six PCIe components, which added only 6% component computational overhead and a 0.3% storage increase. The readme file contains details of how the other datasets were generated; please note that only the datasets from NYU were taken from components.
To demonstrate that the datasets collected information which could be used for Red-C, clustering and other machine learning methods were applied. Please note that there is just a small number of traces, the datasets were labeled, and the testing dataset was a reserved portion of the full dataset. Using supervised machine learning, LastAct achieved 99% detection of ransomware and 92% detection of botnet denial of service attacks.
[Hsu et al. 2023] Hsu, Min-Yih, Felicitas Hetzelt, David Gens, Michael Maitland, and Michael Franz. “A Highly Scalable, Hybrid, Cross-Platform Timing Analysis Framework Providing Accurate Differential Throughput Estimation via Instruction-Level Tracing.” In Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pp. 821-831. 2023.
[Brock et al. 2023] Brock, James, Lauren Provost, Rylee Stone, Stephen Padnos, Stephen Taylor, and Jason Dahlstrom. “Dynamic, Real-Time Analysis, Patching and Protection of Vehicle System Binaries.” In MILCOM 2023-2023 IEEE Military Communications Conference (MILCOM), pp. 679-684. IEEE, 2023.