

A malware traffic analysis platform to detect and explain network traffic anomaly

Setup

The first step is to install the requirements with pip:

We also wrote a C++ library (modified an already existing one, to be precise) to speed up some custom function computations. The consequence is that you need to install it manually. The library is in Experiments/exp16_visualisation/pylcs or at. You can just install it by typing: python3 setup.py install.

The repository contains all the code in the Experiments directory. Each experiment is a step we took to develop the project. Currently, only exp15_frida_apis and exp16_visualisation are used. The first one is the set of scripts needed to record the malware activity on our virtual machine in order to build our dataset. The second one is the set of scripts used to analyze the dataset. You can find more relevant readmes in both previously mentioned directories.

Getting the traffic for a given malware could be seen as an easy task: just record it with Wireshark. However, for our tool, we need to record only malware traffic, therefore we need to discriminate the malware traffic from the other software/OS traffic (especially true with Windows 10).
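The separation problem described above (keeping only the sample's packets out of a capture that also holds Windows background traffic) can be solved by joining the capture with per-process socket events. The block below is an added illustration, not the project's code: it assumes two constructed inputs, a list of socket-open events carrying a PID and a 5-tuple (the kind of record an API-hooking agent on the VM could log) and a list of packet records (the kind a pcap parser could produce). The names `SocketEvent`, `Packet`, `flow_key`, `attribute_packets` and `malware_only` are hypothetical helpers introduced here.

```python
"""Attribute captured packets to the process that owns the socket.

Added illustration, not the project's code. Inputs are constructed:
socket events (pid + 5-tuple) as an API-hooking agent might record,
and packet records as a pcap parser might yield.
"""
from collections import namedtuple

SocketEvent = namedtuple("SocketEvent", "pid proto laddr lport raddr rport")
Packet = namedtuple("Packet", "ts proto src sport dst dport length")

# Constructed socket events: PID 4242 stands in for the analysed sample,
# the other PIDs for ordinary Windows background activity.
SOCKET_EVENTS = [
    SocketEvent(4242, "tcp", "10.0.0.5", 49152, "203.0.113.10", 443),
    SocketEvent(4242, "udp", "10.0.0.5", 49200, "10.0.0.1", 53),
    SocketEvent(1100, "tcp", "10.0.0.5", 49153, "198.51.100.20", 443),  # e.g. OS telemetry
    SocketEvent(1324, "udp", "10.0.0.5", 49201, "10.0.0.1", 53),        # another resolver query
]

# Constructed packets, both directions of each flow, plus one flow
# (mDNS) for which no socket event was recorded at all.
PACKETS = [
    Packet(1.00, "tcp", "10.0.0.5", 49152, "203.0.113.10", 443, 74),
    Packet(1.01, "tcp", "203.0.113.10", 443, "10.0.0.5", 49152, 74),
    Packet(1.02, "udp", "10.0.0.5", 49200, "10.0.0.1", 53, 60),
    Packet(1.03, "udp", "10.0.0.1", 53, "10.0.0.5", 49200, 120),
    Packet(1.10, "tcp", "10.0.0.5", 49153, "198.51.100.20", 443, 74),
    Packet(1.11, "udp", "10.0.0.5", 49201, "10.0.0.1", 53, 60),
    Packet(1.20, "udp", "10.0.0.5", 5353, "224.0.0.251", 5353, 90),
]


def flow_key(proto, a_addr, a_port, b_addr, b_port):
    """Direction-independent key so replies match the socket that sent the request."""
    ends = sorted([(a_addr, a_port), (b_addr, b_port)])
    return (proto, ends[0], ends[1])


def flows_by_pid(events):
    """Map each flow key to the PID that opened the socket."""
    owner = {}
    for ev in events:
        owner[flow_key(ev.proto, ev.laddr, ev.lport, ev.raddr, ev.rport)] = ev.pid
    return owner


def attribute_packets(packets, events):
    """Group packets by owning PID; packets with no matching socket go under None."""
    owner = flows_by_pid(events)
    grouped = {}
    for pkt in packets:
        pid = owner.get(flow_key(pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
        grouped.setdefault(pid, []).append(pkt)
    return grouped


def malware_only(packets, events, malware_pid):
    """Keep just the packets attributed to the analysed sample's PID."""
    return attribute_packets(packets, events).get(malware_pid, [])


if __name__ == "__main__":
    by_pid = attribute_packets(PACKETS, SOCKET_EVENTS)
    for pid, pkts in sorted(by_pid.items(), key=lambda kv: (kv[0] is None, kv[0] or 0)):
        print(f"pid {pid}: {len(pkts)} packets")
    print("malware packets:", len(malware_only(PACKETS, SOCKET_EVENTS, 4242)))
```

Two caveats a practitioner should keep in mind: the join is keyed only on the 5-tuple, so if a port is reused by another process later in a long recording the event list needs a time window as well; and anything the OS sends without a userland socket the agent can see (the mDNS packet above) lands in the `None` bucket and has to be triaged separately rather than silently counted as malware traffic.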
