An open-source, educational web app built with Next.js and TypeScript. It scans uploaded files using static hex signature matching to detect known malware.

ullashdn/Signature-Based-Malware-Detection-System

🔍 Signature-Based Malware Detection System

This project presents a lightweight, privacy-respecting, signature-based malware detection system developed using TypeScript and Next.js. It can scan multiple file formats including .exe, .docx, .png, .mp3, .csv, .json, and more by matching known malware signatures in the hexadecimal content of the file.

🚀 Technologies Used

  • TypeScript
  • Next.js
  • React
  • LocalStorage (for storing scan history)
  • TailwindCSS (optional styling)
  • HTML5 File API
  • Static Hexadecimal Analysis

📂 File Formats Supported

  • Binary files: .exe, .bin, .dat
  • Text-based files: .txt, .log, .csv, .json, .xml
  • Document files: .docx, .pdf
  • Media files: .png, .jpg, .mp3, .mp4
  • Archives: .zip, .rar

⚙️ How It Works

  1. User uploads a file via the web interface.
  2. The first 10KB of the file is read and converted to hexadecimal.
  3. Each byte pattern is compared to a local database of known malware signatures.
  4. If a match is found, it reports the type, severity, and category of the malware.
  5. All scans are performed locally to preserve privacy.
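
The steps above as a small scanner core, added here as an illustration and not taken from the repository's source: it also shows why a match must be byte-aligned in the hex string and what the 10KB window misses. The names `scanBytes`, `toHex`, `makeSample`, `SIGNATURES` and the signature entry itself are constructed assumptions.

```typescript
// Added example; not the repository's code. Signature entries are constructed.
interface Signature { name: string; hex: string; severity: string; category: string; }
interface Match { signature: Signature; offset: number; }

const SCAN_LIMIT = 10 * 1024; // the README's "first 10KB" window

// Constructed database entry (a harmless marker, not a real malware pattern).
const SIGNATURES: Signature[] = [
  { name: "Constructed.Test.Marker", hex: "deadbeefcafebabe", severity: "high", category: "test" },
];

// Step 2: convert bytes to a lowercase hex string, two characters per byte.
function toHex(bytes: Uint8Array): string {
  let out = "";
  for (let i = 0; i < bytes.length; i++) {
    out += (bytes[i] < 16 ? "0" : "") + bytes[i].toString(16);
  }
  return out;
}

// Steps 3-4: search the scanned window for each signature and report matches.
function scanBytes(file: Uint8Array, limit: number = SCAN_LIMIT): Match[] {
  const hex = toHex(file.subarray(0, limit));
  const matches: Match[] = [];
  for (const sig of SIGNATURES) {
    const needle = sig.hex.toLowerCase();
    let idx = hex.indexOf(needle);
    // A hit at an odd hex offset straddles two bytes; it is not a byte-level match.
    while (idx !== -1 && idx % 2 !== 0) idx = hex.indexOf(needle, idx + 1);
    if (idx !== -1) matches.push({ signature: sig, offset: idx / 2 });
  }
  return matches;
}

// Constructed sample: `size` zero bytes with the marker written at `offset`.
function makeSample(size: number, offset: number): Uint8Array {
  const buf = new Uint8Array(size);
  buf.set([0xde, 0xad, 0xbe, 0xef, 0xca, 0xfe, 0xba, 0xbe], offset);
  return buf;
}

const inWindow = scanBytes(makeSample(4096, 100));           // marker inside the first 10KB
const pastWindow = scanBytes(makeSample(20480, 12000));      // marker beyond the 10KB window
const fullScan = scanBytes(makeSample(20480, 12000), 20480); // same file, whole-file scan
```

`pastWindow` comes back empty while `fullScan` finds the same marker at byte 12000, which is the scan-depth limitation listed further down.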

🧪 Installation & Usage

Clone the Repository

git clone https://github.com/ullashdn/Signature-Based-Malware-Detection-System.git
cd Signature-Based-Malware-Detection-System

📈 Results Summary

  • ✅ Successfully detected embedded malware in various file types.
  • 🧪 Benchmarked across clean and infected file samples.
  • 💡 Real-time feedback with a clean UI.
  • 📁 All scans are processed client-side.

⚠️ Limitations

  1. 🔒 Signature Scope: Only known (predefined) malware patterns can be detected.
  2. 🧬 Obfuscation: Cannot detect polymorphic or encrypted malware.
  3. 🔍 Scan Depth: The scan is limited to the first 10KB of each file.
  4. 📦 No Archive Unpacking: Files inside .zip or .rar are not extracted or analyzed.
  5. 🧠 No Heuristics or AI: No machine learning or behavior-based detection.
  6. 🕵️ Metadata Blind Spots: Steganographic and macro-based payloads may bypass detection.

🔮 Future Work

  1. 📚 Heuristic + ML Integration: Combine static scanning with lightweight machine learning.
  2. 📦 Recursive Scan Engine: Support for scanning extracted contents of .zip, .rar, and embedded objects.
  3. ⌛ Full File Scanning: Expand beyond the 10KB limit for deeper analysis.
  4. 🌐 Signature Update Module: Include an auto-updating mechanism for threat signature sets.
  5. 🧩 Browser Plugin: Convert the system into a Chrome/Firefox browser extension for real-time scanning.
  6. 🛡️ Offline Forensics Tool: Build a downloadable forensic toolkit with an exportable report interface.
