Sakura Malware Scanner

Inspiration

Our inspiration came from the growing need for accessible and efficient malware detection tools. With the rise in malware threats, especially targeting Windows systems, we wanted to create a tool that combines the power of machine learning with user-friendly interface design. The name "Sakura" was chosen to represent the tool's elegant simplicity while maintaining powerful detection capabilities.

What it does

Sakura is a sophisticated malware detection tool that:

  • Analyzes Windows executable files (PE files) for malicious characteristics
  • Provides real-time risk assessment scores from 0 to 10
  • Features an intuitive graphical interface for easy file scanning
  • Supports both individual file and directory scanning
  • Implements recursive directory scanning for thorough system analysis
  • Utilizes advanced PE file analysis techniques to identify potential threats

How we built it

We developed Sakura using:

  • Python as the core programming language
  • EMBER dataset for training our machine learning model
  • LightGBM for efficient and accurate malware classification
  • LIEF library for PE file analysis
  • tkinter for creating the graphical user interface
  • scikit-learn for machine learning model implementation

The development process involved:

  1. Training a machine learning model on the EMBER dataset
  2. Implementing sophisticated feature extraction from PE files
  3. Creating an intuitive GUI for user interaction
  4. Optimizing the detection algorithm for accuracy
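
The scanning side of this pipeline can be sketched as follows. This is an added example, not Sakura's own code: it walks a directory recursively, keeps only files with a valid PE signature (skipping truncated or malformed headers), and turns a classifier probability into a 0 to 10 score. The helper names, the linear probability-to-score mapping and the `classify` callable standing in for the trained model are assumptions.

```python
import os
import struct
import tempfile
def is_pe(path):
    """True if the MZ header's e_lfanew field points at the PE signature."""
    try:
        with open(path, "rb") as f:
            dos = f.read(0x40)                      # fixed-size DOS header
            if len(dos) < 0x40 or dos[:2] != b"MZ":
                return False                        # truncated or not an executable
            (e_lfanew,) = struct.unpack_from("<I", dos, 0x3C)
            f.seek(e_lfanew)                        # an offset past EOF just reads b""
            return f.read(4) == b"PE\0\0"
    except OSError:                                 # unreadable file: skip it, keep scanning
        return False

def risk_score(probability):
    """Assumed mapping: clamp the model's probability to [0, 1], scale to 0-10."""
    return round(10 * min(max(probability, 0.0), 1.0), 1)

def scan_directory(root, classify):
    """Recursively score each PE file under root; classify(path) returns a probability."""
    results = {}
    for dirpath, _dirs, files in os.walk(root):     # does not follow symlinked directories
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not is_pe(path):
                continue
            results[os.path.relpath(path, root).replace(os.sep, "/")] = risk_score(classify(path))
    return results

def build_sample_tree():
    """Constructed sample input: one minimal PE stub and three files that must be skipped."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "sub"))
    header = b"MZ" + b"\0" * 0x3A                   # DOS header up to offset 0x3C
    samples = {
        "sub/tool.exe": header + struct.pack("<I", 0x40) + b"PE\0\0",
        "notes.txt": b"plain text, not an executable",
        "truncated.exe": b"MZ",
        "bad_offset.exe": header + struct.pack("<I", 0xFFFFFFF0),
    }
    for rel, data in samples.items():
        with open(os.path.join(root, *rel.split("/")), "wb") as f:
            f.write(data)
    return root

if __name__ == "__main__":
    print(scan_directory(build_sample_tree(), lambda path: 0.75))  # stand-in model output
```

Checking the signature before feature extraction keeps a `.exe` extension alone from deciding what reaches the model, and lets a recursive scan continue past corrupt files.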

Challenges we ran into

We faced several significant challenges:

  • Balancing detection accuracy with processing speed
  • Handling various PE file formats and structures
  • Implementing proper feature extraction from executable files
  • Managing false positives while maintaining high detection rates
  • Creating a standalone executable that properly bundles all dependencies
  • Ensuring the model performs consistently across different Windows environments

Accomplishments that we're proud of

Our key achievements include:

  • Achieving high detection accuracy with minimal false positives
  • Creating a user-friendly interface that makes malware scanning accessible
  • Successfully implementing machine learning for real-time threat detection
  • Developing a lightweight yet powerful scanning engine
  • Creating a portable application that runs without installation
  • Implementing efficient directory scanning with progress tracking

What we learned

Through this project, we gained valuable experience in:

  • Machine learning model training and optimization
  • Windows PE file structure and analysis
  • GUI development with tkinter
  • Feature extraction techniques for malware detection
  • Software packaging and distribution
  • Balancing user experience with technical functionality

What's next for Sakura

Future development plans include:

  • Implementing real-time file system monitoring
  • Adding support for more file types beyond PE files
  • Creating a database of known malware signatures
  • Developing network traffic analysis capabilities
  • Adding detailed report generation
  • Implementing cloud-based threat intelligence integration
  • Creating an update system for the machine learning model
  • Adding support for different operating systems
