NapierOne Mixed File Dataset

computer forensics computer security cyber security digital forensics malware mixed file dataset ransomware

Description

NapierOne is a modern cybersecurity mixed file data set, primarily aimed at, but not limited to, ransomware detection and forensic analysis. The dataset contains over 450,000 distinct files, representing 44 distinct popular file types. It was designed to address the known deficiency in research reproducibility and improve consistency by facilitating research replication and repeatability. The data set was inspired by the Govdocs1 data set and it is intended that ‘NapierOne’ be used as a complement to this original data set. An investigation was performed with the goal of determining the common files types currently in use. No specific research was found that explicitly provided this information, so an alternative consensus approach was employed. This involved combining the findings from multiple sources of file type usage into an overall ranked list. After which 5,000 real-world example files were gathered, and a specific data subset was created, for each of the common file types identified. In some circumstances, multiple data subsets were created for a specific file type, each subset representing a specific characteristic for that file type. For example, there are multiple data subsets for the ZIP file type with each subset containing examples of a specific compression method. Ransomware execution tends to produce files that have high entropy, so examples of file types that naturally have this attribute are also present. The resulting entire data set comprises of more than 90 separate data subsets divided between 44 distinct file types, resulting in over 450,000 unique files in total. Currently, the data set contains examples of the following file types APK, BIN, BMP, CSS, CSV, DOC, DOCX, DWG, ELF, EPS,EPUB, EXE, GIF, GZIP, HTML, ICS, JS, JPG, JSON, MKV, MP3, MP4, ODS, OXPS, PDF, PNG, PPT, PPTX, PS1, RAR, SVG, TAR, TIF, TXT, WEBP, XLS, XLSX, XML, ZIP, ZLIB, 7Zip

Update Frequency

Data will be added as methodology improves or new common or required file types are encountered.

License

NapierOne is released under the Edinburgh Napier University License Agreement and allows free, full and open access to all. For more details please refer to the License and Attribution section of the documentation. The license agreement means that you are free to Copy, publish, distribute and transmit the Information; Adapt the Information; Exploit the Information commercially and non-commercially for example, by combining it with other Information, or by including it in your own product or application. You must (where you do any of the above) Acknowledge the source of the information in your product.

Documentation

https://github.com/simonrdavies/NapierOne

Managed By

See all datasets managed by School of Computing at Edinburgh Napier University.

Contact

Simon Davies s.davies@napier.ac.uk Richard Macfarlane R.Macfarlane@napier.ac.uk William J. Buchanan b.buchanan@napier.ac.uk

How to Cite

NapierOne Mixed File Dataset was accessed on DATE from https://registry.opendata.aws/napierone.

Usage Examples

Tutorials

Resources on AWS

  • Description
    NapierOne Mixed File Dataset
    Resource type
    S3 Bucket
    Amazon Resource Name (ARN)
    arn:aws:s3:::napierone.com
    AWS Region
    eu-north-1
    AWS CLI Access (No AWS account required)
    aws s3 ls s3://napierone.com/ --no-sign-request
    Explore
    Browse Bucket

Edit this dataset entry on GitHub

Home