Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mucoze/Umay
IoT Malware Similarity Analysis Platform
https://github.com/mucoze/Umay
django infosec iot malware malware-analysis reverse-engineering static-analysis
Last synced: 21 days ago
JSON representation
IoT Malware Similarity Analysis Platform
- Host: GitHub
- URL: https://github.com/mucoze/Umay
- Owner: mucoze
- License: apache-2.0
- Created: 2021-09-22T21:55:55.000Z (about 3 years ago)
- Default Branch: main
- Last Pushed: 2022-01-30T14:29:33.000Z (almost 3 years ago)
- Last Synced: 2024-08-05T17:37:58.557Z (4 months ago)
- Topics: django, infosec, iot, malware, malware-analysis, reverse-engineering, static-analysis
- Language: JavaScript
- Homepage:
- Size: 12.6 MB
- Stars: 44
- Watchers: 4
- Forks: 12
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - mucoze/Umay - IoT Malware Similarity Analysis Platform (JavaScript)
README
[![Contributors][contributors-shield]][contributors-url]
[![Forks][forks-shield]][forks-url]
[![Stargazers][stars-shield]][stars-url]
[![Issues][issues-shield]][issues-url]
IoT Malware Similarity Analysis Platform
**Table of contents**
- [About The Project](#about-the-project)
- [Current features](#current-features)
- [Getting Started](#getting-started)
- [Prerequisites](#prerequisites)
- [Installation](#installation)
- [Create your own dataset](#create-your-own-dataset)
- [Contributing](#contributing)
- [License](#license)
## About The Project
This project provides IoT malware similarity analysis based on shared codes. It helps to identify other malwares that have shared code with the analyzed file. In this way, you can have a chance to get an idea about the family of the malware. There are various devices with different architectures in the IoT ecosystem. Static-based methods are more effective when addressing the multi-architecture issue.
1000 malware binaries provided by [IoTPOT](https://sec.ynu.codes/iot/) were used in the project. The basic blocks and functions of each of binaries were extracted by radare2 and the hash values of these data were stored in the SQL database. The basic blocks and functions of the sample to be analyzed are query from this database and all malwares that have shared code are listed.
## Current features
- Shared code based static analysis.
- Supporting ARM, MIPS, x86-64, i386, PowerPC, m68k, Renesas SH.
- ?
## Getting Started
### Prerequisites
- Python3+
- [Radare2](https://github.com/radareorg/radare2)
- r2pipe
### Installation
```
git clone https://github.com/mucoze/Umay
cd Umay
```
```bash
virtualenv venv
```
```bash
source venv/bin/activate
```
```bash
pip install -r requirements.txt
```
```bash
python manage.py makemigrations
```
```bash
python manage.py migrate
```
```bash
python manage.py createsuperuser
```
```bash
python manage.py runserver
```
and now project app is accesible from your browser.
Default: `127.0.0.1:8000`
### Create your own dataset file
`python create_dataset.py samples/`
Give the directory where all the samples are located as an argument and it will generate the `dataset.db` file for you.
## 🤝 Contributing
Contributions, issues, and feature requests are welcome!
Feel free to contact me.
## License
Umay is licensed under [Apache License 2.0](LICENSE)
[contributors-shield]: https://img.shields.io/github/contributors/mucoze/Umay.svg?style=for-the-badge
[contributors-url]: https://github.com/mucoze/Umay/graphs/contributors
[forks-shield]: https://img.shields.io/github/forks/mucoze/Umay.svg?style=for-the-badge
[forks-url]: https://github.com/mucoze/Umay/network/members
[stars-shield]: https://img.shields.io/github/stars/mucoze/Umay.svg?style=for-the-badge
[stars-url]: https://github.com/mucoze/Umay/stargazers
[issues-shield]: https://img.shields.io/github/issues/mucoze/Umay.svg?style=for-the-badge
[issues-url]: https://github.com/mucoze/Umay/issues