Adobe Releases Open Source Malware Analyzer Tool

Tuesday, April 03, 2012



Security researcher Karthik of Adobe's PSIRT team has released an open source malware analyzer tool that will "perform quick, easy classification of binaries for malware analysis".

The Python-based tool, dubbed the “Adobe Malware Classifier", is being made available for download and is intended for "first responders" including "malware analysts, IT admins and security researchers of any stripe," according to the Adobe blog.

"Malware Classifier uses machine learning algorithms to classify Win32 binaries – EXEs and DLLs – into three classes: 0 for 'clean,' 1 for 'malicious,' or 'UNKNOWN.' The tool extracts seven key features from a binary, feeds them to one or all of the four classifiers, and presents its classification results," Karthik writes.

"The tool was developed using models resultant from running the J48, J48 Graft, PART, and Ridor machine-learning algorithms on a data set of approximately 100,000 malicious programs and 16,000 clean programs," Karthik continued.

The researcher discussed the development of the tool at the Infosec Southwest 2012 conference in Austin, TX, on April 1.

The Malware Classifier tool is available for download free of charge at Open @ Adobe.


Possibly Related Articles:
Viruses & Malware
malware Open Source Tools Headlines Network Security Analysis scanner Adobe Malware Classifier Karthik PSIRT
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.