A consolidated project consisting of a "readelf"-based program and a Python implementation of the RIPPERk algorithm, wrapped in a shell script that takes an ELF file as input and reports whether it is malicious or not.
viracall/linuxavlol
Project - "Malware Detection On Linux Systems Using Structural Analysis of ELF (Executable and Linkable Format) Files and a Classification Algorithm"

WARNING !!! - The directory MDS contains actual MALWARE files that can cause system FAILURE. DO NOT EXECUTE the files whose names start with "VirusShare_...". These files are only to be passed as input parameters to the program "LimDS.sh", which reads them as data. Handle them in an isolated VM and keep them non-executable (e.g. chmod -x) when copying them around.

Contents:-
1. DATM (directory)
2. MDS (directory)
3. README

Description:-

1. DATM (directory) - Datasets and Trained Model
   Contents:-
   a. attribs.txt: The attributes/parameters of an ELF file used for the learning process.
   b. trset.text: The training dataset, extracted from ELF files (malware and benign), with columns in the order of the attributes specified in attribs.txt.
   c. testset.txt: The test dataset, extracted from ELF files (malware and benign), in the same attribute order as attribs.txt.
   d. result1.txt: The classification results and accuracy measured on the training dataset (b).
   e. result2.txt: The classification results and accuracy measured on the test dataset (c).
   f. ripperk.py: A Python implementation of the RIPPERk rule-based learning algorithm, taken from https://github.com/azampagl/ai-ml-ripperk
   g. model.dat: A machine-readable .dat file containing the rules generated by the algorithm (f) on the training set (b).
   h. reader.c: A program based on the "readelf" utility from Linux binutils, which extracts the attribute data from the ELF header.

2. MDS (directory) - Malware Detection System
   Contents:-
   a. LimDS.sh: (Linux Malware Detection System) A Linux bash script that takes an ELF file as input and reports whether the file is malware or non-malware based on the rules in model.dat (1g).
   b. Malware files for testing (do not execute):
      VirusShare_ff0425f68b35aae3e0dbcd7693d09940
      VirusShare_ff061e942731bc4dbca5bbff8da7f5d1
      VirusShare_ffb00447d40b0ae015752dd484d09de8
      VirusShare_ffb437621f3249c647c88350e068fd07
      VirusShare_ffc7be26912b5aca63e55dc7c830f28a
   c. Non-malware file: date (any general Linux system binary could be used)
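The pipeline above has two stages: reader.c pulls attributes out of the ELF header, and LimDS.sh checks them against the rules RIPPERk learned into model.dat. The following is an added example, written for this page and not the project's own reader.c, ripperk.py or LimDS.sh, showing the same two stages in Python: the ELF header (32- and 64-bit, either byte order) is parsed from raw bytes so the sample is never executed, a few derived attributes are computed, and an ordered rule list is applied the way a RIPPER-style model is consulted (first matching rule wins, otherwise the default class). The attribute names, the two rules in EXAMPLE_RULES, and the sample headers built by make_elf_header are all assumptions constructed for the example; they are not the contents of attribs.txt or model.dat.

```python
import struct

ELF_MAGIC = b"\x7fELF"

# ELF header fields that follow the 16-byte e_ident, in spec order.
_FIELDS = ("e_type", "e_machine", "e_version", "e_entry", "e_phoff", "e_shoff",
           "e_flags", "e_ehsize", "e_phentsize", "e_phnum", "e_shentsize",
           "e_shnum", "e_shstrndx")
# struct layouts keyed by EI_CLASS: 1 = ELF32 (36 bytes), 2 = ELF64 (48 bytes).
_FMT = {1: "HHIIIIIHHHHHH", 2: "HHIQQQIHHHHHH"}


def parse_elf_header(data: bytes) -> dict:
    """Extract header attributes from the first bytes of a file.

    Only bytes are inspected; nothing is mapped or executed, so this is safe
    to run on a malware sample.
    """
    if len(data) < 16 or data[:4] != ELF_MAGIC:
        raise ValueError("not an ELF file")
    ei_class, ei_data, ei_version, ei_osabi = data[4], data[5], data[6], data[7]
    if ei_class not in _FMT or ei_data not in (1, 2):
        raise ValueError("unknown EI_CLASS or EI_DATA")
    endian = "<" if ei_data == 1 else ">"          # 1 = little, 2 = big endian
    fmt = endian + _FMT[ei_class]
    size = 16 + struct.calcsize(fmt)               # 52 for ELF32, 64 for ELF64
    if len(data) < size:
        raise ValueError("truncated ELF header")
    attrs = dict(zip(_FIELDS, struct.unpack(fmt, data[16:size])))
    attrs.update(ei_class=ei_class, ei_data=ei_data,
                 ei_version=ei_version, ei_osabi=ei_osabi)
    # Derived structural attributes (assumed feature names for this example):
    # does the header size field agree with the class, and is there a section
    # header table at all? Stripped/packed samples often have none.
    attrs["ehsize_ok"] = attrs["e_ehsize"] == size
    attrs["has_sections"] = attrs["e_shnum"] != 0 and attrs["e_shoff"] != 0
    return attrs


_OPS = {"==": lambda a, b: a == b, "!=": lambda a, b: a != b,
        ">": lambda a, b: a > b, "<": lambda a, b: a < b}

# Hypothetical rule list in RIPPER style: each rule is a conjunction of
# (attribute, operator, value) tests and a class label. NOT model.dat.
EXAMPLE_RULES = [
    ([("has_sections", "==", False)], "malware"),
    ([("ehsize_ok", "==", False)], "malware"),
]


def classify(attrs: dict, rules=EXAMPLE_RULES, default="benign") -> str:
    """Ordered rule evaluation: the first rule whose tests all hold decides."""
    for conds, label in rules:
        if all(_OPS[op](attrs[name], val) for name, op, val in conds):
            return label
    return default


def scan_file(path: str, rules=EXAMPLE_RULES) -> str:
    """Read only the header bytes from disk; the file is never executed."""
    with open(path, "rb") as f:
        return classify(parse_elf_header(f.read(64)), rules)


def make_elf_header(ei_class=2, ei_data=1, **overrides) -> bytes:
    """Constructed sample header (not taken from any real binary)."""
    is64 = ei_class == 2
    fields = dict(e_type=2, e_machine=0x3E if is64 else 3, e_version=1,
                  e_entry=0x401000, e_phoff=64 if is64 else 52, e_shoff=0x2000,
                  e_flags=0, e_ehsize=64 if is64 else 52,
                  e_phentsize=56 if is64 else 32, e_phnum=9,
                  e_shentsize=64 if is64 else 40, e_shnum=29, e_shstrndx=28)
    fields.update(overrides)
    ident = ELF_MAGIC + bytes([ei_class, ei_data, 1, 0]) + bytes(8)
    endian = "<" if ei_data == 1 else ">"
    return ident + struct.pack(endian + _FMT[ei_class],
                               *(fields[f] for f in _FIELDS))


if __name__ == "__main__":
    normal = parse_elf_header(make_elf_header())
    stripped = parse_elf_header(make_elf_header(e_shnum=0, e_shoff=0))
    print("normal header  ->", classify(normal))
    print("no section tbl ->", classify(stripped))
```

scan_file reads 64 bytes, which covers both ELF32 (52) and ELF64 (64) headers; a real feature extractor like reader.c would go on to read the program and section header tables, but the principle is the same: open the sample read-only and parse, never call exec or run it through a loader.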