shivank1404 / Malware-Detection-using-MISP-and-ML

Malware Detection using behavior based analysis and Online Sharing Platform

Problem Statement

Malware is an abbreviated term meaning “malicious software.” This is software that is specifically designed to gain access to or damage a computer without the knowledge of the owner. There are various types of malware, including spyware, keyloggers, true viruses, worms, and any other type of malicious code that infiltrates a computer.

We have built a malware detection system using MISP (Malware Information Sharing Platform), VirusTotal and Machine Learning. Since we are using MISP, our machine will dynamically learn about new types of malware and continuously evolve to keep detecting new varieties of malware even after being coded just once. To make things work faster, we also use signature-based malware detection based on MD5 hashes stored for each PE (Portable Executable) file in our system. We use Python for our project. We also check each file's MD5 hash on VirusTotal via an API, just as we do with MISP. Another feature of our project is a GUI to make it user friendly.
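The hash-first flow described above can be sketched as follows. This is an added example, not code from this repository: the order of checks (stored signatures, then the online services, then the model), the `md5,label` CSV layout, and the names `md5_of_file`, `load_signatures` and `triage` are assumptions, and the lookup callables stand in for the MISP and VirusTotal clients so the sketch runs offline.

```python
import csv
import hashlib
import io
import os
import tempfile

def md5_of_file(path, chunk_size=1 << 20):
    """Stream the file so large PE files are never read into memory whole."""
    digest = hashlib.md5()  # identifies known samples only; MD5 is not collision-resistant
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def load_signatures(csv_text):
    """Parse 'md5,label' rows (assumed layout) into a dict keyed by lower-case hash."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return {r["md5"].strip().lower(): r["label"].strip() for r in rows}

def triage(path, signatures, lookups, classify):
    """Return (verdict, source), trying the cheapest check first and the model last.

    lookups:  ordered (name, callable) pairs; each callable takes an MD5 and returns
              'malicious', 'clean', or None when the service has no record.
    classify: callable taking the file path; stands in for the trained model.
    """
    md5 = md5_of_file(path)
    if md5 in signatures:
        return signatures[md5], "local-signature"
    for name, lookup in lookups:
        try:
            verdict = lookup(md5)
        except Exception:
            verdict = None  # an unreachable service must not block the scan
        if verdict is not None:
            return verdict, name
    return classify(path), "ml-model"

if __name__ == "__main__":
    # Constructed sample: a few bytes written to a temp file, not a real PE.
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(b"MZ constructed sample")
    known = load_signatures("md5,label\n%s,malicious\n" % md5_of_file(tmp.name))

    def offline(_md5):
        raise ConnectionError("service unreachable")

    print(triage(tmp.name, known, [], lambda p: "clean"))
    print(triage(tmp.name, {}, [("misp", offline)], lambda p: "clean"))
    os.unlink(tmp.name)
```

A hash that no source recognises says nothing about whether the file is safe, which is why the last tier hands the file itself to the classifier.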

Software / Technologies and Databases used for implementation and connectivity

• Python
• Python Libraries – numpy, pandas, argparse, hashlib, pefile, pickle, csv
• Machine Learning – sklearn.feature_selection, sklearn.cross_validation, sklearn.tree, sklearn.linear_model, xgboost, sklearn.externals.joblib
• PyCharm
• MISP (API) – pymisp
• VirusTotal (API) – virus_total_apis
• GUI – tkinter

Steps to open file:

  1. Run startbutton.py
  2. Linux is the most suitable OS to run the program.


Languages

Language:Python 100.0%