Update project documentation and enhance malware detection engine

- Completely rewrite README.md with comprehensive project overview and technical details
- Add detailed explanation of antivirus engine architecture and detection strategies
- Implement multi-stage malware detection with machine learning, sandbox, and PE structure analysis
- Update project configuration and add new source files for enhanced detection capabilities
- Integrate XGBoost machine learning model with C++ export functionality
- Improve sandbox environment with advanced module and LDR data table handling
- Remove legacy Python prediction and training scripts in favor of C++ implementation
This commit is contained in:
Huoji's
2025-03-09 21:59:22 +08:00
parent 51f929abfa
commit 60c4ef5f58
23 changed files with 46102 additions and 1717 deletions


@@ -66,6 +66,9 @@ inline BYTE* RvaToPtr(DWORD rva, BYTE* peBuffer) {
return nullptr;
}
// 在头文件中声明score函数从外部导入
extern double score(double* input);
class MachineLearning {
public:
MachineLearning();
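Review bot: `extern double score(double* input);` takes an unsized, non-const pointer, so nothing at the call site or in the model export enforces that the feature vector has exactly the number of entries the exported XGBoost model expects; an undersized vector is an out-of-bounds read inside the generated scorer. Consider declaring the expected feature count alongside it (e.g. a `constexpr size_t` in the same header) and having `MachineLearning` check the vector size before calling `score`, or wrapping the raw call in a size-checked interface. The header comment is also the only documentation; it should state whether `score` returns a probability or a raw margin, since the hunk below exposes that value directly as the malware prediction. Finally, an unqualified global named `score` declared from a header is an easy symbol-collision target; a namespace or a more specific name would be safer.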
@@ -86,6 +89,10 @@ class MachineLearning {
// 读取文件到内存
std::vector<uint8_t> ReadFileToBuffer(const std::string& filePath);
// 新增方法使用XGBoost模型预测文件是否为恶意软件
double PredictMalware(const uint8_t* buffer, size_t bufferSize);
double PredictMalwareFromFile(const std::string& filePath);
private:
// 特征提取辅助函数
std::vector<double> EncodeProperties(
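Review bot: `PredictMalware` and `PredictMalwareFromFile` return a bare `double` with no documented range, threshold, or error value. In particular, `PredictMalwareFromFile` goes through `ReadFileToBuffer`, and the declaration gives no way to tell a read failure (unreadable or empty file) apart from a genuinely low score, which would let an unreadable sample silently pass as benign. Consider returning `std::optional<double>` (or a result struct) from both, documenting the score semantics and the decision threshold in the header comment, and having `PredictMalware` reject a `bufferSize` too small to parse as a PE before feature extraction.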