Malware Vector Visualizer

An interactive tool to analyze malware embeddings from a FastAPI backend.

What This App Does

This application is an interactive visualizer for malware analysis. It helps security analysts identify clusters, discover new malware families, and spot anomalies by visualizing high-dimensional data in 2D or 3D.

Steps it takes

Frontend (You are here)

A user selects options like the dimensionality reduction (DR) method (PaCMAP, UMAP, etc.) and clicks 'Fetch Data'.

API Proxy (Next.js)

The browser sends a request to a Next.js API route (/api/fastapi-data), which acts as a secure intermediary.

Backend (FastAPI)

The Next.js API route forwards the request to the main FastAPI backend service, passing along the user's chosen DR parameters.

Data Processing

The FastAPI backend queries a vector database (e.g., Weaviate) and applies the chosen DR algorithm if requested.

Response

The processed, lower-dimensional data is sent back through the Next.js API route to the frontend.

Visualization

The frontend uses a library to render the data as an interactive scatter plot.

  1. Configure Visualization Controls
    • Choose a data Collection.
    • Set the Dimension Reduction option and target Dimension (2D/3D).
  2. Interact with the Plot
    • Inspect details: Click any data point to see its information.
    • Color the data: Use the "Color By" dropdown to change groupings.
    • Filter via legend: Click categories in the legend to isolate or multi-select them. The legend corresponds to the current coloring mode:
      • Component: Standard heatmap based on vector distance.
      • Family: Groups by known malware family. Isolate: Source that reported selected family.
      • Cluster: Groups by clusters calculated via HDBSCAN. Isolate: Family that belongs to selected cluster.
      • Reporter: Groups by the source that reported the sample.
  3. Adjust the Layout
    • Swap control panels using the button.
    • Expand the plot to full-width using its dedicated button.

Fetch Options

Data Collection

Selected Point Details

Click on a point to see details.

Data Visualization

Color by:

No data to visualize.

FastAPI Response Details

Fetch data to see response details here.