MazenWahed/Malware-Detection-Using-EMBER-and-LightGBM

# Malware-Detection-Using-EMBER-and-LightGBM

This repository provides a machine learning pipeline for static malware detection using the EMBER feature set and a LightGBM classifier. It extracts features from Windows PE files and classifies them as benign or malicious without executing them.

## Overview

- **Feature Extraction**: Extracts static features from PE files, including byte distributions, entropy, headers, imports/exports, sections, and strings.
- **Machine Learning Classification**: Uses a pre-trained LightGBM model to predict whether a file is malicious. Outputs a score between 0 and 1 (1 = malicious).
- **Prediction Output**: Supports single or batch PE file classification. Prints the probability score for each file.

Dataset used: EMBER 2018, https://ember.elastic.co/ember_dataset_2018_2.tar.bz2

## Installation

Use `git` to download the files.

```bash
git clone https://github.com/MazenWahed/Malware-Detection-Using-EMBER-and-LightGBM.git
```

## Install after cloning the repository

Use `pip` to install the required packages.

```bash
pip install -r requirements.txt
```

## How to run

After you download the files and install the packages, the pt model is connected to `fastapi` and a simple frontend, `index.html`.

Run `app.py`:

```bash
python app.py
```

You can now open the website on your localhost. The address is printed in the terminal, for example `http://127.0.0.1:8000`.

On the website you will find a simple dashboard and a malware scan page. Open the scan page and upload the file you want to scan.

The repository includes `notepad.exe`, a simple `.exe` with no malware that can be used for testing; the scan will reply with safe or benign. For safety reasons there is no malware in the files to test with. You have to get your own.

Feel free to ask me anything.
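To make the "byte distributions" and "entropy" features from the Overview concrete, here is an added, standard-library sketch of how such static features can be computed from raw file bytes without executing anything. It is not code from this repository or from EMBER; the function names, the 2048-byte window, the 1024-byte step and the sample buffers are assumptions made for illustration.

```python
import math
from collections import Counter

def byte_histogram(data):
    """Normalized 256-bin distribution of byte values."""
    counts = Counter(data)
    n = len(data) or 1
    return [counts.get(b, 0) / n for b in range(256)]

def shannon_entropy(data):
    """Bits per byte: 0.0 for constant data, 8.0 for uniform data."""
    return 0.0 - sum(p * math.log2(p) for p in byte_histogram(data) if p > 0)

def byte_entropy_histogram(data, window=2048, step=1024):
    """Flattened 16x16 joint histogram: row = entropy bin of a sliding
    window, column = high nibble of each byte in that window."""
    grid = [[0] * 16 for _ in range(16)]
    if len(data) < window:
        blocks = [data]  # short input: treat the whole file as one window
    else:
        blocks = [data[i:i + window]
                  for i in range(0, len(data) - window + 1, step)]
    for block in blocks:
        if not block:
            continue
        nibbles = Counter(b >> 4 for b in block)
        size = len(block)
        # Entropy of 16 nibble values tops out at 4 bits; scale to 0..8.
        h = 2 * (0.0 - sum((c / size) * math.log2(c / size)
                           for c in nibbles.values()))
        row = min(int(h * 2), 15)  # 16 bins of half a bit each
        for value, count in nibbles.items():
            grid[row][value] += count
    total = sum(map(sum, grid)) or 1
    return [cell / total for line in grid for cell in line]

# Constructed sample buffers (not real PE files):
PADDING = bytes(4096)                  # zero fill, like section padding
PACKED_LIKE = bytes(range(256)) * 16   # uniform bytes, like packed data

if __name__ == "__main__":
    for name, buf in (("padding", PADDING), ("packed-like", PACKED_LIKE)):
        feats = byte_entropy_histogram(buf)
        hot = max(range(256), key=feats.__getitem__) // 16
        print(name, "entropy=%.2f" % shannon_entropy(buf), "densest row:", hot)
```

Low-entropy padding lands in the first row of the joint histogram and uniform, packed-looking data lands in the last, which is the kind of separation a gradient-boosted classifier can pick up from these features.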