今日已更新 412 条资讯 | 累计 19972 条内容
关于我们

TraceTree: Mapping malware behavior to catch supply chain attacks

Tejas 2026年07月05日 20:47 3 次阅读 来源:Dev.to

We just released an important update: retraining our Random Forest model on real malware behavior from the CIC-MalMem-2022 dataset. The challenge was mapping 58,000 complex memory dump traces into a clean 10-feature vector space that our syscall graph extractor produces. How it works: Sandbox target in Docker (network dropped) Trace every syscall with strace -t -f Parse into a NetworkX directed graph Extract 10 features (process count, network connections, file operations, severity scores, etc.) Feed into RandomForest for classification We also resolved module-level import cycles and pinned skops for safer model deserialization in production. Looking for collaborators who understand malware behavior, syscall parsing, or want to contribute detection rules. Open to issues and PRs. https://github.com/tejasprasad2008-afk/TraceTree

本文内容来源于互联网,版权归原作者所有
查看原文