Shulou(Shulou.com)06/03 Report--

This article mainly explains "how to use Pesidious and artificial intelligence technology to generate malware variants". The explanation in this article is simple and clear and easy to learn and understand. Please follow Xiaobian's train of thought to study and learn "how to use Pesidious and artificial intelligence technology to generate malware variants".

Pesidious

Pesidious can use deep reinforcement learning and generated confrontation network (GAN) to mutate malware. In short, it can use artificial intelligence technology to generate malware variant samples (PE32) and bypass artificial intelligence-based malware classifiers without affecting the original functionality of malware. Before that, many researchers have done some meaningful work in this field, researchers either choose to use reinforcement learning, or choose to use generation against networks as their weapon to modify the executable state of malware in an attempt to deceive antivirus agents.

PS: this article is for technical research and discussion only. It is strictly forbidden to be used for any illegal use. Violators will bear the consequences.

However, the solution we are now designing combines deep reinforcement learning with GANs to overcome some of the limitations faced when using these methods independently.

Dependent component

PyTorch

Lief

PE Bliss

Gym-Malware

MalwareGAN

Pesidious installation

Note that because the tool deals with malware and malicious files, we strongly recommend using a virtual machine for testing. After the tool installation is complete, make sure the device is disconnected from the network.

Next, you can follow these steps to install the tool dependency components and configure the relevant environment.

First, we need to install and configure the Python 3.6environment on the local host.

Next, clone the project source code locally in the following ways:

Git clone https://github.com/CyberForce/Pesidious

After cloning the project source code locally, you need to switch to the Pesidious home directory in the command line tool:

Cd Pesidious

Then, install, configure, and activate the virtual environment with Python 3.6 installed. Make sure that we have installed and configured pip 8.1.1:

Pip install pip==8.1.1

Next, install all the dependent components of Pesidious, which can be installed directly from the requirements.txt file:

How pip install-r pip_requirements/requirements.txt generates malware variants

The output data generated against the network (GAN) will be stored in the form of RL_Features/adverarial_imports_set.pk and RL_Features/adverarial_sections_set.pk, which will then be used to mutate malware.

1. We can test the sample classifier to evaluate malware files:

Python classifier.py-d / path/to/directory/with/malware/files

2. Run the mutate.py script to mutate the malware sample:

Python mutate.py-d / path/to/directory/with/malware/files

3. Malware sample variant files will be stored in a directory called Mutated_malware in the following format:

Mutated_malware/mutated_

4. When the malware file mutation is complete, you can run the malware classifier again to evaluate the mutated malware sample:

Python classifier.py-d Mutated_malware/ thank you for your reading, the above is the content of "how to use Pesidious and artificial intelligence technology to generate malware variants". After the study of this article, I believe you have a deeper understanding of how to use Pesidious and artificial intelligence technology to generate malware variants, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.