{"id":28105078,"url":"https://github.com/spk-22/mal-aware","last_synced_at":"2026-04-13T21:04:18.801Z","repository":{"id":293109097,"uuid":"982977086","full_name":"spk-22/Mal-Aware","owner":"spk-22","description":"This project focuses on the classification of malware based on system process behavior. It utilizes machine learning techniques to analyze features extracted from running processes to distinguish between benign and malicious software. The goal is to develop an effective and interpretable model for real-time malware detection.  Tags (for GitHub):","archived":false,"fork":false,"pushed_at":"2025-05-13T17:35:03.000Z","size":25,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-05-13T18:40:15.535Z","etag":null,"topics":["casual-sampling","graphsage","malware-analysis","malware-detection","python","pytorch"],"latest_commit_sha":null,"homepage":"","language":"Jupyter Notebook","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/spk-22.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-05-13T17:29:33.000Z","updated_at":"2025-05-13T17:35:07.000Z","dependencies_parsed_at":"2025-05-13T18:51:30.834Z","dependency_job_id":null,"html_url":"https://github.com/spk-22/Mal-Aware","commit_stats":null,"previous_names":["spk-22/mal-aware"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spk-22%2FMal-Aware","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories
/spk-22%2FMal-Aware/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spk-22%2FMal-Aware/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spk-22%2FMal-Aware/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/spk-22","download_url":"https://codeload.github.com/spk-22/Mal-Aware/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254029130,"owners_count":22002301,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["casual-sampling","graphsage","malware-analysis","malware-detection","python","pytorch"],"created_at":"2025-05-13T21:23:55.731Z","updated_at":"2026-04-13T21:04:18.796Z","avatar_url":"https://github.com/spk-22.png","language":"Jupyter Notebook","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Mal-Aware\n\n## Overview\n\nThis project implements a machine learning model for classifying software as either benign or malicious based on its system process behavior. 
By analyzing various features derived from running processes, the model aims to provide an effective method for identifying malware.\n\n## Project Goals\n\n* Develop a machine learning model capable of accurately classifying malware.\n* Explore and analyze key system process features relevant to malware detection.\n* Provide a clear and reproducible workflow for training and evaluating the model.\n* (Optional: Investigate the interpretability of the model's predictions.)\n\n## Dataset\n\nThe CICIDS-2017 dataset used in this project contains information about system processes, with features such as process counts, memory usage, loaded libraries (DLLs), handles, and more. The dataset is labeled to indicate whether a process or system state is benign or associated with malware.\n\n\n## Methodology\n\nThe project typically involves the following steps:\n\n1.  **Data Loading and Exploration:** Loading the system process dataset and understanding its structure and features.\n2.  **Feature Preprocessing:** Cleaning, scaling, and potentially transforming the features to prepare them for the machine learning model.\n3.  **Model Selection:** Choosing an appropriate machine learning model for classification (e.g., Neural Network, Random Forest, Gradient Boosting).\n4.  **Model Training:** Training the selected model on the preprocessed data.\n5.  
**Model Evaluation:** Assessing the performance of the trained model using appropriate metrics (e.g., accuracy, precision, recall, F1-score, confusion matrix, AUC-ROC).\n\n\n## Code Structure\n\n*(Provide a brief overview of the files in your repository, e.g.,)*\n\n* `malware.py` : Contains the main code for data loading, preprocessing, model training, and evaluation.\n* `malware_model.pth` : The trained model with model weights in .pth format.\n* `sampling_comparison_simluation.html`: To visualize the difference between casual sampling and random sampling.\n* `README.md`: This file.\n* `models.py`,`utils.py`,`web-app.py`: Visual Interface to load files and check model predictions, evaluation, accuracy metrics and reasoning.\n\n## Requirements - Python libraries:\n\n* Python 3.x\n* pandas\n* numpy\n* scikit-learn\n* (Potentially other libraries e.g., TensorFlow, PyTorch, XGBoost)\n\n**(If you have a `requirements.txt` file, mention it here and how to install dependencies.)**\n\n```bash\npip install -r requirements.txt\n```\n\n## Usage\n\nClone the repository:\n\n```bash\ngit clone \u003crepository_url\u003e\n```\n\nNavigate to the project directory:\n\n```bash\ncd your_repository_name\n```\n\n(If applicable) Install dependencies:\n\n```bash\npip install -r requirements.txt\n```\n\nRun the main script or notebook:\n\n```bash\njupyter notebook malware_classification.ipynb\n# or\npython malware_classification.py\n```\n\n## Results\n\n(Once you have results, you can add a section here to summarize the performance of your model on the malware classification task. 
Include key metrics like accuracy, F1-score, etc.)\n\n## Future Work\n\n* Experiment with different machine learning models and hyperparameter tuning.\n* Explore advanced feature engineering techniques.\n* Investigate the interpretability of the model.\n* Evaluate the model on more diverse and real-world malware samples.\n* (Potentially integrate with a system monitoring tool.)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fspk-22%2Fmal-aware","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fspk-22%2Fmal-aware","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fspk-22%2Fmal-aware/lists"}