DEVELOPMENT OF AN AUTOMATED SYSTEM FOR CREATING SIGNATURES TO IDENTIFY MALWARE

Abstract

The work solves the problem of developing an automated signature generation system for detecting malicious software (MSW). The system simplifies the process of analyzing, creating and managing signatures, allowing users to quickly receive results in adaptive formats.

The general characteristics of malicious software are studied, the main approaches to its analysis are presented, in particular static and dynamic methods, and various types of methods for detecting MSW are described. Particular attention is paid to the signature method as one of the most effective in modern practice.

The requirements for an automated signature generation system are determined. The system implementation process is considered, which includes the selection of appropriate technologies and the implementation of components in accordance with the established requirements. A comparison of methods and tools available on the market is carried out, and the uniqueness of the proposed approach, which combines efficiency, integration via API and ease of use, is substantiated.

MongoDB and Python technologies were selected for development, which provide flexibility and productivity. This approach contributes to effective integration with other software products to increase the level of cybersecurity.

Integration with the MongoDB database for data storage and processing has been implemented, and a web interface has been created for convenient visual representation of signatures. An automated system has been developed that generates signatures, stores them in the database, provides access via API, and displays the results in the web interface. Examples of generated signatures are provided to confirm the functionality of the system.

As part of the system implementation, key modules have been developed, such as signature generation, API for data access, and integration of the web interface for convenient presentation of results.