Karol Trociński issues

Results 13 issues of


                                            Karol Trociński

Calculate minhash of each function in sample

This can yield better results than minhashing whole disassembly by comparing if some of the functions are similar to the others in database.

enhancement

priority:medium

aurora

Standardise malware similarity profile.

Malware similarity profile should be standardized into a clean and understandable summary of a malware sample. Something like this. ```json { "profile": { "filename": "filename", "md5": "md5", "sha1": "sha1", "sha256":...

enhancement

aurora

Test graph databases for storing relationship information.

References: * https://neo4j.com/developer/graph-database/

priority:low

aurora

MWDB Plugin

* https://mwdb.readthedocs.io/en/latest/integration-guide.html

enhancement

priority:low

Maldoc similarity

Add maldoc similarity karton based on the embedded images and (or) other characteristics of a document. References: https://github.com/jstrosch/graph-maldoc-similar-images

enhancement

priority:low

kartons

Add aurora-karton reporter

Add single karton for communicating with aurora. Allows for unit tests for other kartons.

enhancement

priority:medium

kartons

String similarity

Add karton for adding relationship with similar strings. Optimization ideas: * Store string length in db and choose only strings with length different by only a small factor. References: https://github.com/seatgeek/fuzzywuzzy

enhancement

priority:medium

kartons

Survey other code similarity methods

* Minhashing functions instead of whole code.

enhancement

priority:medium

kartons

aurora

Use luqum for advance searching

Luqum will allow for using lucerne like query syntax instead of this cursed abomination I'm currently using. References: * https://github.com/jurismarches/luqum

enhancement

priority:low

aurora

New frontend using one of Javascript frameworks.

Leave this dirty Jinja templating alone

enhancement

priority:low

aurora