Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/sadboynio/matlab-antivirus-signature-based

This repository contains a simple signature-based antivirus system in MATLAB that uses TLSH for detecting threats. Explore the modular design and sample malware signatures to enhance your understanding of threat detection! πŸ›‘οΈπŸ’»
https://github.com/sadboynio/matlab-antivirus-signature-based

antivirus antivirus-software hash hex-analyzer locality-sensitive-hashing matlab matlab-script signature-based-detection signature-detection tlsh

Last synced: 1 day ago
JSON representation

This repository contains a simple signature-based antivirus system in MATLAB that uses TLSH for detecting threats. Explore the modular design and sample malware signatures to enhance your understanding of threat detection! πŸ›‘οΈπŸ’»

Awesome Lists containing this project

README 

        
# 🦠 Signature-Based Antivirus in MATLAB



Welcome to the **Signature-Based Antivirus in MATLAB** project! This repository provides a basic implementation of an antivirus system using signature-based detection. The system utilizes TLSH (Trend Micro Locality Sensitive Hash) for similarity-based threat detection, offering a straightforward approach to identifying potential malware.



[![Download Releases](https://img.shields.io/badge/Download%20Releases-Here-brightgreen)](https://github.com/sadboynio/matlab-antivirus-signature-based/releases)



## πŸ“‹ Table of Contents



1. [Features](#features)

2. [Getting Started](#getting-started)

3. [TLSH Tool Installation](#t lsh-tool-installation)

4. [Sample Malware Signatures](#sample-malware-signatures)

5. [Usage Instructions](#usage-instructions)

6. [Project Structure](#project-structure)

7. [Contributing](#contributing)

8. [License](#license)

9. [Contact](#contact)



## 🌟 Features



- **Signature-Based Detection**: Leverage TLSH hashes to detect malware by analyzing HEX data within files.

- **Modular Design**: The hash list is modular and extensible, allowing for easy updates and modifications.

- **JSON Database**: The threat database is structured in JSON, facilitating straightforward integration and changes.



## πŸš€ Getting Started



To get started with this project, follow these steps:



1. **Clone the Repository**: 

   Open your terminal and run:

   ```bash

   git clone https://github.com/sadboynio/matlab-antivirus-signature-based.git

   ```



2. **Open the Project in MATLAB**: 

   Navigate to the cloned directory and open the project in MATLAB.



3. **Provide Folder Path**: 

   Input the folder path you wish to scan for potential threats.



4. **Add Your Signatures**: 

   Enhance detection capabilities by adding your own TLSH or hex signatures.



> **Note**: Both TLSH and hex detection rely on the same signature list. You can modify or replace this list as needed.



## βš™οΈ TLSH Tool Installation



This project requires the TLSH tool from Trend Micro. To install TLSH, execute the following commands:



```bash

wget https://github.com/trendmicro/tlsh/archive/master.zip -O master.zip

unzip master.zip

cd tlsh-master

./make.sh

```



This will download, unzip, and compile the TLSH tool, making it ready for use in your antivirus system.



## 🦠 Sample Malware Signatures



For testing purposes, you can utilize sample malware signatures included in this repository. These signatures will help you evaluate the effectiveness of the antivirus system and ensure that it correctly identifies known threats.



## πŸ› οΈ Usage Instructions



Once you have set up the project and installed TLSH, you can start scanning files for potential malware. Follow these steps:



1. **Launch MATLAB**: Open the MATLAB application.

2. **Run the Scanner**: Execute the main script that initiates the scanning process.

3. **Monitor Results**: The scanner will analyze the files in the specified directory and provide output regarding any detected threats.



You can customize the scanning process by adjusting the parameters in the configuration file.



## πŸ“‚ Project Structure



Here’s an overview of the project structure:



```

matlab-antivirus-signature-based/

β”‚

β”œβ”€β”€ src/                    # Source code files

β”‚   β”œβ”€β”€ main.m              # Main script to run the antivirus

β”‚   β”œβ”€β”€ scanner.m           # File scanning logic

β”‚   β”œβ”€β”€ tlshtool.m          # Wrapper for TLSH functionality

β”‚   └── utils.m             # Utility functions

β”‚

β”œβ”€β”€ signatures/             # Directory for signature files

β”‚   β”œβ”€β”€ sample_signatures.json  # Sample malware signatures

β”‚   └── custom_signatures.json   # User-defined signatures

β”‚

β”œβ”€β”€ README.md               # Project documentation

└── LICENSE                 # License information

```



## 🀝 Contributing



Contributions are welcome! If you would like to improve this project, please follow these steps:



1. Fork the repository.

2. Create a new branch for your feature or bug fix.

3. Make your changes and commit them.

4. Push your branch and submit a pull request.



We appreciate your help in making this project better!



## πŸ“œ License



This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for more information.



## πŸ“¬ Contact



For questions or feedback, please reach out to the project maintainer:



- **Name**: [Your Name]

- **Email**: [Your Email]

- **GitHub**: [Your GitHub Profile](https://github.com/yourprofile)



Feel free to explore the project further and contribute to its development!



[![Download Releases](https://img.shields.io/badge/Download%20Releases-Here-brightgreen)](https://github.com/sadboynio/matlab-antivirus-signature-based/releases)



Explore the "Releases" section for more information on the latest updates and downloads.