2025-04-04 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)06/03 Report--
This article explains how to use Pesidious and artificial intelligence technology to generate malware variants.
Pesidious
Pesidious uses deep reinforcement learning and generative adversarial networks (GANs) to mutate malware. In short, it uses artificial intelligence technology to generate malware variant samples (PE32) that bypass artificial-intelligence-based malware classifiers without affecting the original functionality of the malware. Researchers have already done meaningful work in this field: they chose either reinforcement learning or generative adversarial networks as the means of modifying the state of malware executables in an attempt to deceive antivirus agents.
PS: This article is for technical research and discussion only. Any illegal use is strictly forbidden, and violators will bear the consequences.
However, the solution we are now designing combines deep reinforcement learning with GANs to overcome some of the limitations faced when using these methods independently.
Dependencies
PyTorch
LIEF
PE Bliss
Gym-Malware
MalwareGAN
Pesidious installation
Note that because the tool deals with malware and malicious files, we strongly recommend using a virtual machine for testing. After the tool installation is complete, make sure the device is disconnected from the network.
Follow these steps to install the tool's dependencies and configure the environment.
First, install and configure a Python 3.6 environment on the local host.
Next, clone the project source code locally as follows:
git clone https://github.com/CyberForce/Pesidious
After cloning, change into the Pesidious directory on the command line:
cd Pesidious
Then create and activate a virtual environment that uses Python 3.6, and make sure pip 8.1.1 is installed in it:
pip install pip==8.1.1
Next, install all the dependent components of Pesidious, which can be installed directly from the requirements.txt file:
pip install -r pip_requirements/requirements.txt
How to generate malware variants
The output generated by the generative adversarial network (GAN) is stored in RL_Features/adverarial_imports_set.pk and RL_Features/adverarial_sections_set.pk, which are then used to mutate malware.
1. Use the sample classifier to evaluate the malware files:
python classifier.py -d /path/to/directory/with/malware/files
2. Run the mutate.py script to mutate the malware sample:
python mutate.py -d /path/to/directory/with/malware/files
3. Malware sample variant files will be stored in a directory called Mutated_malware in the following format:
Mutated_malware/mutated_
4. When the malware file mutation is complete, you can run the malware classifier again to evaluate the mutated malware sample:
python classifier.py -d Mutated_malware/