I just finished the packet tracer activity, 'configure IOS intrusion prevention system using CLI'. Now I'd like to create a custom signature that detects a certain piece of malware's behaviour like its port scanning pattern, using a signature engine, and test if it works.

Can I do this using Packet Tracer or do I need a more advanced network simulator like GNS3? Or is there any dedicated simulator to test custom signatures? I don't think I can afford real equipment.