C-DAC Attack Dataset and Analysis Repository (C-ADAR)

The C-DAC Attack Dataset and Analysis Repository is a comprehensive  solution for detection, classification and sharing of malware, suspicious URLs and the generation of labelled attack datasets. The developed system has a large knowledge base of labelled and categorised datasets such as malware families & its strains, malicious bytecodes, opcodes sequences, strings, malware image datasets, API calls sequences, behavior reports, imports, DLLs, suspicious URLs, network traffic, feature vectors, etc. The system has intelligent detection algorithms including static, dynamic and visual based methods.

Use Cases

• Collection and creation of domain (IoT, Web, SCADA) specific attack dataset.
• Malware repository sharing platform.
• Sharing of attack dataset repository to researchers, academicians, and LEAs.
• Intelligent malware detection Sandbox

Salient Features

• A complete threat analysis under one solution including analysis of Windows, Linux, IoT binaries, Portable executables, ELFs, etc.
• URL analyser and suspicious URL detection through client honeypots for monitoring the weblinks for collection of possible drive-by download malwares.
• Cyber-attacks (Malware, URLs, and associated IoCs) detection and recognition in real-time with minimal human interaction using artificial intelligence.
• Labelled datasets for security analysis and researchers.
• Actionable Threat Intel Correlation with Contextual Data for Attack Attribution.
• Static (code analysis, image analysis) and dynamic analysis.
• Threat intel mapping with TTP as per MITRE AT&T techniques.
• Easy to use, dedicated dashboard that shows complete workflow/playbooks for each analysis engine.
• Similarity analysis based on standard scientific methods.
• Downloadable features to enable the users to download the raw dataset as well as labelled datasets.
• Threat hunting through IoCs extraction.
• Reputation analysis with open-source tools 
• Rest API for easy integration.