Goal: Dynamically classify ransomware based on execution traces. Use the frequency of instructions from execution traces to classify traces as either malicious or benign.
Pre-Req:
- Intel SDE, any version whose attach-pid argument works with current Windows applications
- Install Python 3.x with pip
- Install Jupyter notebook using pip (pip install jupyterlab; pip install notebook)
- pip install pandas for Excel manipulation
- pip install pynput for Keypress events
- pip install psutil for process utils
- Place the mouse autoclicker app in the same directory as the Python file (https://github.com/ApexWeed/AutoClicker)
- Install PuTTY application for scp file transfers
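
The feature extraction named in the goal, sketched as an added example that is not part of this project's code: each trace becomes a vector of relative instruction frequencies and is labelled by its nearest labelled trace. The trace line format ("address mnemonic operands"), the sample traces, the function names and the cosine nearest-neighbour step are all assumptions made for illustration.

```python
import math
from collections import Counter

# Constructed sample traces, NOT real Intel SDE output.
# Assumed line format: "<address> <mnemonic> <operands>"
BENIGN_TRACE = """0x401000 mov eax, ebx
0x401002 add eax, 1
0x401005 cmp eax, 10
0x401008 jne 0x401000
0x40100a call 0x402000
0x40100f ret"""
CRYPTO_HEAVY_TRACE = """0x501000 xor eax, ecx
0x501002 rol eax, 7
0x501005 xor edx, eax
0x501007 shr edx, 3
0x50100a xor eax, edx
0x50100c mov [edi], eax"""

def mnemonic_frequencies(trace_text):
    """Return {mnemonic: relative frequency} for one trace."""
    counts = Counter()
    for line in trace_text.splitlines():
        fields = line.split()
        if len(fields) < 2:  # skip blank or malformed lines
            continue
        counts[fields[1].lower()] += 1
    total = sum(counts.values())
    return {m: c / total for m, c in counts.items()} if total else {}

def cosine(a, b):
    """Cosine similarity of two sparse frequency dicts (0.0 if either is empty)."""
    dot = sum(v * b.get(m, 0.0) for m, v in a.items())
    norm = math.sqrt(sum(v * v for v in a.values())) * math.sqrt(sum(v * v for v in b.values()))
    return dot / norm if norm else 0.0

def classify(trace_text, labelled):
    """Label a trace by its most similar labelled trace (stand-in classifier)."""
    freqs = mnemonic_frequencies(trace_text)
    return max(labelled, key=lambda item: cosine(freqs, mnemonic_frequencies(item[1])))[0]

# Labels on the constructed traces are assumptions for the demo.
LABELLED = [("benign", BENIGN_TRACE), ("malicious", CRYPTO_HEAVY_TRACE)]
UNKNOWN_TRACE = """0x601000 xor eax, ebx
0x601002 xor ecx, eax
0x601004 rol eax, 1
0x601006 mov [esi], ecx"""

if __name__ == "__main__":
    print(mnemonic_frequencies(UNKNOWN_TRACE))
    print(classify(UNKNOWN_TRACE, LABELLED))
```

Normalising counts to relative frequencies keeps traces of different lengths comparable, which matters when the capture window per process varies.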