Planck-99 by Division-36
Planck-99 is a behavioral malware classifier for embedded Linux, developed by Division-36. It uses syscall-based deterministic inference to classify malware on resource-constrained devices. The binary is 37KB. Median inference time is 34 nanoseconds. Accuracy is 96.28% on the ADFA-LD dataset. There are zero external dependencies — no GPU, no network access, no OS runtime required.
Planck-99 is implemented in C using Int8-quantized integer math. The table below compares its performance and resource usage against the same classification logic implemented in Python with NumPy.
| Metric | Planck-99 (C) | Python (NumPy) | Difference |
|---|---|---|---|
| Median Latency | 34 ns | 388 ms | ~11.4 million × faster |
| P95 Latency | 39 ns | 1.34 s | ~34 million × faster |
| P99 Latency | 41 ns | 2.51 s | ~61 million × faster |
| Throughput | 29.4 M/s | 2 / s | ~14.7 million × higher |
| Peak RAM | 1.4 MB | 1,001.7 MB | 715 × less |
| CPU Usage | 0.0% | 43% | — |
| Binary Size | 37 KB | 50+ MB | ~1,350 × smaller |
| External Dependencies | None | NumPy + CPython runtime | — |
Planck-99 is a syscall-based malware classifier designed for devices with 256KB to 4MB of RAM. Its binary is 37KB, requires no external dependencies, and produces deterministic results — the same input always produces the same output. It runs entirely on-device with no GPU or network access required.
Length-invariant representation. The 32-dimensional frequency vector uses ratios, not raw counts. The classifier was trained on approximately 863 syscall traces and performs consistently on traces up to 117,088 syscalls — a 51× generalization ceiling inherent to the representation, not to empirical tuning.
Deterministic inference. The Int8-quantized dot product contains no randomness. Every classification produces a JSON proof file containing the input vector, weight hash, and computed score — verifiable and reproducible.
Explicit failure modeling. Traces under 500 syscalls are gated because the signal is statistically unreliable. On the full ADFA-LD dataset with its 5.3:1 malware-to-benign distribution, the false positive rate is 12.18%. On a balanced subset, it is 1.45%. Above 13,172 syscalls, the error rate drops to 0.0%.
Results verified on 1,505 samples from the ADFA-LD dataset (2016–2026): 1,267 malware, 238 benign. All numbers are reproducible from the public benchmark repository.
| Metric | C Interface | Python |
|---|---|---|
| Accuracy | 96.28% | 96.48% |
| Precision | 97.71% | 97.72% |
| Recall | 97.87% | 98.11% |
| F1 Score | 97.79% | 97.91% |
| FPR (1:5.3 ratio) | 12.18% | 12.18% |
| FPR (balanced) | 1.45% | — |
| Metric | C Interface | Python |
|---|---|---|
| Mean | 34 ns | 537.65 ms |
| P50 | 34 ns | 388.08 ms |
| P95 | 39 ns | 1.34 s |
| P99 | 41 ns | 2.51 s |
| Throughput | 29.41M/s | 2/s |
| Speedup | 15,813,342× | 1× |
Planck-99 uses 1.4 MB peak RAM vs 1,001.7 MB for the Python equivalent — a 715× reduction that makes deployment feasible on devices with 256 KB to 4 MB of memory.
Planck-99 C Interface
1.4 MB peak RAM
Python Equivalent
1,001.7 MB peak RAM
Planck-99 Advantage
715× less RAM
500-syscall gating eliminates the highest-error bin in Planck-99. Above 13,172 syscalls: 0.0% error rate.
| Range | Total | Errors | Rate |
|---|---|---|---|
| 40 – 969 | 150 | 26 | 17.3% |
| 969 – 4,541 | 152 | 15 | 9.9% |
| 4,541 – 10,783 | 151 | 12 | 7.9% |
| 10,783 – 13,172 | 155 | 3 | 1.9% |
| 13,172+ | 897 | 0 | 0.0% |
All benchmark results are reproducible from the public Division-36 GitHub repository.
View on GitHubPlanck-99 processes raw Linux syscall data through five deterministic stages to produce an auditable classification verdict.
Planck-99 intercepts the embedded Linux kernel's syscall interface across 32 categories — read, write, mmap, execve, socket, and 27 more. No user-space instrumentation needed.
Raw syscall counts become a 32-dimensional normalized frequency vector. Length-invariant by construction — the same signal is produced from 1,000 or 100,000 syscalls.
Traces under 500 syscalls are blocked. Below this threshold, statistical signals are unreliable. Reduces FPR from 17.3% to 0.0% on traces above 13,172 syscalls.
Pure integer math, zero floating point. Closed-form dot product against a precomputed weight matrix. Deterministic: same input, same verdict, every time.
Binary classification plus JSON proof file — input vector, weight hash, computed score. Complete, reproducible audit trail for EU CRA Article 13 compliance.
Planck-99's mathematical determinism ensures each classification is reproducible and auditable — a requirement under EU CRA, FDA, and other regulatory frameworks.
Effective August 2027. Every connected device in Europe must demonstrate on-device traceable security. Planck-99's JSON proof file addresses Article 13 directly — each classification produces a reproducible audit trail satisfying regulatory scrutiny.
Embedded devices in critical infrastructure — including network equipment, industrial controllers, and telecommunications hardware — operate with limited memory and no behavioral protection. Planck-99's 37KB binary fits these environments.
Every Planck-99 classification produces a JSON proof file containing the input vector, weight hash, and computed score — providing a verifiable audit trail for regulatory review.
Four tools spanning behavioral malware detection, vulnerability analysis, web application filtering, and offensive security research.
Behavioral Malware Classifier
Deterministic, syscall-based malware classification for embedded Linux. Zero dependencies. 1.4 MB peak RAM. EU CRA compliant. 500-syscall gating. JSON proof output.
AST Vulnerability Detection — Division-36
AST-based vulnerability detection for Python from Division-36. 8 CWE classes — SQLi, XSS, IDOR, SSRF, Path Traversal, Open Redirect, Broken Auth, RCE.
Logic-First WAF — Division-36
Logic-first WAF from Division-36. Reaches logic saturation at 200 samples. Tested on 313,604 real-world requests with 12 evasion transforms.
Offensive Security Research
Offensive security research tooling from Division-36. Same proprietary math principles as AxiomWAF, applied to penetration testing.
Planck-99 is designed for devices running embedded Linux with 256 KB to 4 MB of available memory — environments where traditional security software cannot operate.
PLCs, RTUs, and industrial gateways with 1–4 MB of memory currently have no behavioral malware protection. Planck-99 fills this gap.
Infusion pumps, patient monitors, and diagnostic equipment. FDA and EU MDR increasingly require on-device behavioral security.
Routers, switches, and base stations with 256 KB to 4 MB of firmware memory — a significant attack surface with no behavioral protection.
In-vehicle infotainment, telematics units, and ECUs. Strict memory and latency budgets make Planck-99's 37KB binary a viable option.
CubeSats, ground radios, and avionics where every byte and nanosecond is budgeted. Planck-99 fits within these constraints.
Building controllers, HVAC gateways, and access control systems with long deployment cycles that make firmware security essential.
Division-36 is the company behind Planck-99, founded in 2026 by Ziad Salah. Division-36 develops behavioral malware detection for embedded Linux.
Planck-99 is a syscall-based behavioral malware classifier for embedded Linux. It uses a 37KB binary, achieves 34ns median inference at 96.28% accuracy, and has no external dependencies.
Planck-99 achieves 34ns median latency (P50), 39ns at P95, and 41ns at P99. Throughput is 29.4 million inferences per second. Uses Int8 integer math with no floating point.
No. Planck-99 has no external dependencies — no GPU, no network access, and no OS beyond a C controller. It runs entirely on-device using integer math.
Yes. Each Planck-99 classification produces a JSON proof file containing the input vector, weight hash, and computed score. This satisfies EU CRA Article 13 traceability requirements.
Industrial IoT, medical devices, network infrastructure, automotive, satellite/aerospace, and smart building management — all running embedded Linux with 256KB to 4MB of memory.
Planck-99, Syrth, and AxiomWAF are proprietary technologies from Division-36. Source code is confidential. All benchmark results are independently reproducible from public repos.
Division-36 accepts commercial licensing inquiries, research partnerships, and technical discussions from qualified organizations.
Contact on LinkedIn