Showing posts from 2020

SignatureMiner : Anti-Virus Signature Intelligence Tool

SignatureMiner, a semisupervised security framework for Anti-Virus signatures featuring normalization, customization, clustering and knowledge discovery. SignatureMiner is based on MinHash and regular expressions and can be used both for malware label classification and signature-based analytics. (SignatureMiner: A Fast Anti-Virus Signature Intelligence Tool - IEEE Conference Publication, 2020) SignatureMiner is a Python tool to mine information from cryptic Antivirus software signatures. It was designed to extract consensus about malware types from the outputs of multi-scanner tools, but can be leveraged to extract (or mine) useful insights from the signatures themselves. SignatureMiner leverages the well-known minhashing approach to cluster together tokens extracted from clean AV signatures. Those clusters have to be supervised by the user to write some regular expression rules (in Python) that SignatureMiner can convert into classification directives. To do this, SignatureM

Virtualbox - Install guest additions on RHEL 8 or CentOS 8

1. First, install the following packages required to compile the Guest Additions modules:

   # dnf install tar bzip2 kernel-devel-$(uname -r) kernel-headers perl gcc make elfutils-libelf-devel

2. Install the Guest Additions by running the installation script after mounting the Guest Additions ISO:

   # ./

3. Check that the Guest Additions modules have been installed:

   # lsmod | grep vbox

Reference :