k3ylabs/cosoco-image-dataset

COSOCO（受损软件容器）是一个包含3364张图像的合成数据集，这些图像代表良性软件容器和受损的恶意软件容器。数据集中的每张图像都是一个被转换为图像的docker化软件容器，使用在恶意软件分析中广泛使用的常见字节到像素工具。软件容器记录被标记为（1）良性或（2）受损。良性软件容器装有常用的无害软件包和工具，而受损软件容器则在无害的良性工具和软件包中，其底层文件系统被激活的恶意软件实例影响。每个受损实例都附带有一个掩码，即一个黑白图像，标记了底层系统文件中已被恶意软件更改的像素。COSOCO旨在支持通过图像分类任务识别受损软件容器，以及通过图像分割任务识别容器内的受损文件和文件系统区域。

COSOCO (Compromised Software Containers) is a synthetic dataset of 3364 images representing benign and malware-compromised software containers. Each image in the dataset represents a dockerized software container that has been converted to an image using common byte-to-pixel tools widely used in malware analysis. Software container records are labeled as (1) **benign** or (2) **compromised**: A benign software container has installed commonly used harmless packages and tools, whereas a compromised software container has, among harmless benign tools and packages, its underlying file system affected by some activated malware instance. Each compromised instance is accompanied by a mask, i.e., a black and white image that marks the pixels corresponding to the files of the underlying system that have been altered by malware. COSOCO aims to support the identification of compromised software containers through the image classification task and the identification of compromised files and file system regions inside a container through the image segmentation task.