- Introduction
A traditional IT department in a large enterprise usually diagnoses and mitigates malware infections device by device, using endpoint protection software such as McAfee and Norton. Identifying individual machines under attack this way costs companies a lot of time and money.
- Abstract
We aim to develop a predictive AI model using the malware dataset provided by Microsoft, so that a company can predict which machines might be vulnerable to malware attacks and take preventive measures in advance, and can detect malware-infected machines on a large scale more efficiently. We will build a dashboard to present the results so the IT department can view the analysis and take security measures immediately.
- Approach
Using the dataset provided by Microsoft, we will train an ML model to predict whether a Windows computer might be infected by malware. We will use real-time event logs and Windows Defender logs from each Windows machine as the input to the model. A dashboard will be built to display the prediction results and other aggregated information, such as monthly reports and time-series analysis.
- Persona
IT departments of enterprises, government departments, organizations, etc.
- Dataset links
https://www.kaggle.com/c/microsoft-malware-prediction/overview