Make your own extractor with your own set of features

Malware Revealer has been built with this flexibility in mind: you can use any set of feature extractor classes (supported ones or your own custom classes) by specifying them in an extractor configuration file.

Extractor Configuration File

An extractor configuration file is a simple YAML file that lists the classes to use during the extraction phase. Below is an example of an extractor configuration file.

    - ByteCounts
    - BinaryImage
    - GeneralFileInfo
    - SomeELFFeature

This file indicates that the extraction should use the ByteCounts and BinaryImage classes from the base package, the GeneralFileInfo class from the pe package, and the SomeELFFeature class from the elf package. You can develop your own set of feature classes and add them to this file to create an extractor that uses them.

Using this feature, you can quickly and easily experiment with different machine learning models that use different kinds of features.
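The following is an added example, not Malware Revealer's own code, of how a configuration that lists feature classes can be resolved into an extractor: classes register under a package name, and names that are not registered are rejected instead of imported. The registry, the `feature` decorator, `build_extractor`, the `custom` package, the `ByteEntropy` class, and the package-to-class-list layout of the parsed configuration are all assumptions made for illustration.

```python
import math
from collections import Counter

REGISTRY = {}  # (package, class name) -> class; hypothetical, not the project's API

def feature(package):
    """Class decorator: register a feature class under a package name."""
    def register(cls):
        REGISTRY[(package, cls.__name__)] = cls
        return cls
    return register

@feature("base")
class ByteCounts:
    """256-bin histogram of byte values (stand-in for the class named above)."""
    def extract(self, data: bytes):
        counts = Counter(data)
        return [counts.get(b, 0) for b in range(256)]

@feature("custom")
class ByteEntropy:
    """Custom feature: Shannon entropy of the input in bits per byte."""
    def extract(self, data: bytes):
        n = len(data)
        if n == 0:
            return 0.0
        return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def build_extractor(config):
    """Resolve a parsed config ({package: [class names]}) to one extract function."""
    # Names are looked up in REGISTRY only, so a config file can select
    # registered classes but cannot make the loader import arbitrary modules.
    features = []
    for package, names in config.items():
        for name in names:
            if (package, name) not in REGISTRY:
                raise ValueError(f"unknown feature class {package}.{name}")
            features.append(REGISTRY[(package, name)]())
    def extract(data: bytes):
        return {type(f).__name__: f.extract(data) for f in features}
    return extract

# Constructed config in the assumed parsed form (package -> list of class names).
CONFIG = {"base": ["ByteCounts"], "custom": ["ByteEntropy"]}
SAMPLE = b"MZ" + bytes(62)  # constructed 64-byte input, not a real PE file

if __name__ == "__main__":
    result = build_extractor(CONFIG)(SAMPLE)
    print(result["ByteEntropy"], result["ByteCounts"][0])
```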

