This is a proof-of-concept for detecting malware using PE header fields and Yara rule matches as features of the executable file. There are 7 machine-learning models for detection, each independent of the others. The final decision is computed by majority voting over the 7 models, with each model given its own weight. A simple GUI shows the result and simulates the client environment.
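The weighted majority vote described above, as an added example that is not code from the repository: the 7 model names, their weights and the sample votes are constructed for illustration (the real weights live in malware_models.pkl, which this example does not read). It also shows why weighting matters by comparing against a plain one-model-one-vote majority on the same votes, and how an exact tie is resolved.

```python
from collections import Counter, defaultdict

# Constructed weights for 7 independent detectors (assumed names and values;
# the project's real weights are stored in malware_models.pkl, not read here).
MODEL_WEIGHTS = {
    "random_forest": 1.5,
    "xgboost": 2.5,
    "svm": 1.0,
    "knn": 0.5,
    "logistic_regression": 1.0,
    "naive_bayes": 0.5,
    "decision_tree": 0.5,
}


def weighted_majority_vote(votes, weights, tie_break="malware"):
    """Combine one label per model into a single verdict.

    votes:   {model_name: "malware" | "benign"}
    weights: {model_name: float}  weight of that model's vote
    Returns (verdict, confidence, per_label_weight); confidence is the share
    of total weight behind the winning label. On an exact tie the detector
    errs on the side of flagging the sample (tie_break), so an ambiguous
    file is surfaced for review rather than silently passed.
    """
    if not votes:
        raise ValueError("no model votes supplied")
    missing = set(votes) - set(weights)
    if missing:
        raise KeyError(f"no weight configured for models: {sorted(missing)}")

    per_label = defaultdict(float)
    for model, label in votes.items():
        per_label[label] += weights[model]

    total = sum(per_label.values())
    best = max(per_label.values())
    winners = [label for label, w in per_label.items() if w == best]
    if len(winners) > 1 and tie_break in winners:
        verdict = tie_break
    else:
        verdict = winners[0]
    return verdict, best / total, dict(per_label)


def unweighted_majority_vote(votes):
    """Plain majority (every model counts once), for comparison."""
    counts = Counter(votes.values())
    return counts.most_common(1)[0][0]


if __name__ == "__main__":
    # Constructed votes: the two heaviest models flag the file, the other
    # five do not. Head count says benign; weighted vote says malware.
    sample_votes = {
        "random_forest": "malware",
        "xgboost": "malware",
        "svm": "benign",
        "knn": "benign",
        "logistic_regression": "benign",
        "naive_bayes": "benign",
        "decision_tree": "benign",
    }
    verdict, confidence, breakdown = weighted_majority_vote(sample_votes, MODEL_WEIGHTS)
    print(f"weighted verdict: {verdict} (confidence {confidence:.2f}) {breakdown}")
    print(f"unweighted verdict: {unweighted_majority_vote(sample_votes)}")
```

With the constructed weights, the two models carrying 4.0 of the 7.5 total weight outvote the five models carrying 3.5, so the weighted verdict is "malware" while a simple head count would say "benign"; whether that is the right trade-off depends entirely on how the weights were derived for each model.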
ℹ️ NOTE: The repository size is 665MB. If you upload the Python notebook to Google Colab, there is no need to download all the files for development, as the notebook fetches and processes the files inside the Colab machine.
- Upload the notebook Python Development Script/Flothers_AI4CS_task_clean.ipynb to Google Colab (it will fetch everything)
- Python v3.8
- Install requirements:
$ pip3 install pandas numpy scikit-learn PySimpleGUI xgboost==0.90 yara-python
- Run the uploaded notebook (the first cells fetch the files from this GitHub repo)
- Make sure both gui.py and malware_models.pkl are in the same directory
- Execute the following command inside this directory
$ python3 gui.py