<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Tejas</title>
    <description>The latest articles on DEV Community by Tejas (@tejas_yaml).</description>
    <link>https://dev.to/tejas_yaml</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3990640%2Fd48128ba-a82e-47a4-9c56-95ad13a57e6b.jpg</url>
      <title>DEV Community: Tejas</title>
      <link>https://dev.to/tejas_yaml</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/tejas_yaml"/>
    <language>en</language>
    <item>
      <title>TraceTree: Mapping malware behavior to catch supply chain attacks</title>
      <dc:creator>Tejas</dc:creator>
      <pubDate>Sun, 05 Jul 2026 12:47:34 +0000</pubDate>
      <link>https://dev.to/tejas_yaml/tracetree-mapping-malware-behavior-to-catch-supply-chain-attacks-13p9</link>
      <guid>https://dev.to/tejas_yaml/tracetree-mapping-malware-behavior-to-catch-supply-chain-attacks-13p9</guid>
      <description>&lt;p&gt;We just released an important update: retraining our Random Forest model on real malware behavior from the CIC-MalMem-2022 dataset. The challenge was mapping 58,000 complex memory dump traces into a clean 10-feature vector space that our syscall graph extractor produces.&lt;/p&gt;

&lt;h2&gt;
  
  
  How it works:
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Sandbox target in Docker (network dropped)&lt;/li&gt;
&lt;li&gt;Trace every syscall with strace -t -f&lt;/li&gt;
&lt;li&gt;Parse into a NetworkX directed graph&lt;/li&gt;
&lt;li&gt;Extract 10 features (process count, network connections, file operations, severity scores, etc.)&lt;/li&gt;
&lt;li&gt;Feed into RandomForest for classification&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;We also resolved module-level import cycles and pinned skops for safer model deserialization in production.&lt;/p&gt;

&lt;p&gt;Looking for collaborators who understand malware behavior, syscall parsing, or want to contribute detection rules. Open to issues and PRs.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://github.com/tejasprasad2008-afk/TraceTree" rel="noopener noreferrer"&gt;https://github.com/tejasprasad2008-afk/TraceTree&lt;/a&gt;&lt;/p&gt;

</description>
      <category>ai</category>
      <category>opensource</category>
      <category>security</category>
      <category>cybersecurity</category>
    </item>
  </channel>
</rss>
