Malware Shield
Protecting systems through intelligent static analysis and process monitoring
Created on 13th April 2025
•
Malware Shield
Protecting systems through intelligent static analysis and process monitoring
The problem Malware Shield solves
Our project addresses the growing need for proactive and intelligent malware detection in today’s diverse computing environments. Traditional antivirus tools often struggle with detecting emerging or obfuscated threats, especially those hidden in uncommon file types or behaving subtly within system processes. We built an AI-based malware detection system that not only scans a wide variety of files—such as executables, documents, scripts, archives, and more—but also monitors live processes to identify suspicious behavior like unauthorized network activity. This dual-layer approach enables both static and behavioral detection, offering a more comprehensive and adaptive security solution.
Challenges we ran into
One of the major challenges was achieving consistent model performance across all file types. For example, our initial use of a Random Forest model failed to accurately classify PDF files due to their complex and sparse structure. We resolved this by switching to a Decision Tree model, which provided better results for structured document formats. Additionally, balancing real-time performance with detection accuracy was difficult—especially in live process monitoring, where high memory usage and false positives (e.g., during legitimate file syncs) initially hampered reliability. We tackled this by implementing confidence thresholds, whitelisting rules, and efficient resource management strategies.
Technologies used