SherLock vs moriarty: A smartphone dataset for cybersecurity research

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

In this paper we describe and share with the research community, a significant smartphone dataset obtained from an ongoing long-term data collection experiment. The dataset currently contains 10 billion data records from 30 users collected over a period of 1.6 years and an additional 20 users for 6 months (totaling 50 active users currently participating in the experiment). The experiment involves two smartphone agents: SherLock and Moriarty. SherLock collects a wide variety of software and sensor data at a high sample rate. Moriarty perpetrates various attacks on the user and logs its activities, thus providing labels for the SherLock dataset. The primary purpose of the dataset is to help security professionals and academic researchers in developing innovative methods of implicitly detecting malicious behavior in smartphones. Specifically, from data obtainable without superuser (root) privileges. To demonstrate possible uses of the dataset, we perform a basic malware analysis and evaluate a method of continuous user authentication.

Original languageAmerican English
Title of host publicationAISec 2016 - Proceedings of the 2016 ACM Workshop on Artificial Intelligence and Security, co-located with CCS 2016
Pages1-12
Number of pages12
ISBN (Electronic)9781450345736
DOIs
StatePublished - 28 Oct 2016
Event9th ACM Workshop on Artificial Intelligence and Security, AISec 2016 - Vienna, Austria
Duration: 28 Oct 2016 → …

Publication series

NameAISec 2016 - Proceedings of the 2016 ACM Workshop on Artificial Intelligence and Security, co-located with CCS 2016

Conference

Conference9th ACM Workshop on Artificial Intelligence and Security, AISec 2016
Country/TerritoryAustria
CityVienna
Period28/10/16 → …

Keywords

  • Anomaly detection
  • Continuous authentication
  • Forensics
  • Machine learning
  • Malware
  • Smartphone dataset

All Science Journal Classification (ASJC) codes

  • Artificial Intelligence

Fingerprint

Dive into the research topics of 'SherLock vs moriarty: A smartphone dataset for cybersecurity research'. Together they form a unique fingerprint.

Cite this