Relax strict requirement for LIEF 0.9.0 while still warning users about possible inconsistencies. Testing with LIEF 0.10.1 (latest release) shows the following:
On Linux and Windows, I found no difference in scores produced by classifier_binaries.py when extracting features at test time using LIEF 0.9.0 or 0.10.1. (The model was trained using 0.9.0. I tested benign binaries from C:\Windows\System32\*.exe.)
When comparing 0.9.0 to 0.10.1, improvements to PE parsing appear to include: authenticode parsing, PE debug directory, handling empty strings. Other commit message for PE appear to center around modifying PE files.
By upgrading to 0.10.1, Python 3.7+ now becomes available, as LIEF has built .whl packages for new LIEF for new Python releases across platforms. (The LIEF 0.9.0 release was restricted to older .egg files, with no versions for Python versions exceeding 3.6.)
Using this one fix, one can now install ember via
pip install git+https://github.com/endgameinc/ember.git@update_lief_dependency
(where the @update_lief_dependency branch tag may be removed when this PR is merged)
Relax strict requirement for LIEF 0.9.0 while still warning users about possible inconsistencies. Testing with LIEF 0.10.1 (latest release) shows the following:
On Linux and Windows, I found no difference in scores produced by
classifier_binaries.pywhen extracting features at test time using LIEF 0.9.0 or 0.10.1. (The model was trained using 0.9.0. I tested benign binaries fromC:\Windows\System32\*.exe.)When comparing 0.9.0 to 0.10.1, improvements to PE parsing appear to include: authenticode parsing, PE debug directory, handling empty strings. Other commit message for PE appear to center around modifying PE files.
By upgrading to 0.10.1, Python 3.7+ now becomes available, as LIEF has built
.whlpackages for new LIEF for new Python releases across platforms. (The LIEF 0.9.0 release was restricted to older.eggfiles, with no versions for Python versions exceeding 3.6.)Using this one fix, one can now install
emberviapip install git+https://github.com/endgameinc/ember.git@update_lief_dependency(where the@update_lief_dependencybranch tag may be removed when this PR is merged)