def classify(self, samples):
global min_score
# Run model
generation_input = [sample.features for sample in samples]
generation_labels = [sample.label for sample in samples]
with nostdout():
p_labs, p_acc, p_vals = liblinearutil.predict(
generation_labels, generation_input, model, '-b 1')
for i, val in enumerate(p_vals):
samples[i].score = val[1]
samples.sort(key=lambda sample: sample.score)
generation_best_score = samples[0].score
if generation_best_score < self.min_score:
self.min_score = generation_best_score
std_logger.info("Fitness: " + str(generation_best_score))
std_logger.debug("----------Sorted samples----------")
for sample in samples:
std_logger.debug(sample.stringify())
std_logger.debug("----------------------------------")
return samples
def reset_generation(self, seed):
self.generation = list()
with nostdout():
p_labs, p_acc, p_vals = liblinearutil.predict([seed.label], [seed.features], model, '-b 1')
seed.score = p_vals[0][1]
self.best_cumulative_extra = [seed] * sample_size
def classify(self, samples):
"""
Query Marvin classifier implemented with LIBLINEAR
:param samples: Samples to classify
:return: Confidence scores
"""
with nostdout():
labels = [sample.label for sample in samples]
features = [sample.features for sample in samples]
p_labs, p_acc, p_vals = liblinearutil.predict(
labels, features, self.model, '-b 1')
return [val[1] for val in p_vals]
def evasion_thread(id, malicious_samples, evasive_output):
std_logger, feature_logger = init_logger(id)
evasive_file = open(evasive_output, "w+")
for malicious_sample in malicious_samples:
malicious = load_record(malicious_sample)
malicious_orig = copy.deepcopy(malicious)
best_probs = [1.0, 0.0]
best_feat = -1
std_logger.debug("------------------------------")
# print("------------------------------")
std_logger.info(malicious_orig.stringify())
for i in range(15):
mutation_list = []
mutation_labels = []
for feat in benign_list:
malicious.features[feat] = 1
mutation_list.append(malicious.features)
mutation_labels.append(malicious.label)
malicious = copy.deepcopy(malicious_orig)
with nostdout():
p_labs, p_acc, p_vals = liblinearutil.predict(
mutation_labels, mutation_list, model, '-b 1')
best_feat_index, best_probs = min(enumerate(p_vals),
key=lambda vals: vals[1][0])
best_feat = benign_list[best_feat_index]
# print("Feat: " + str(best_feat) + ", prob: " + str(best_probs))
std_logger.info(str(best_feat) + ": " + str(best_probs))
feature_logger.info(str(best_feat))
malicious_orig.features[best_feat] = 1
malicious = copy.deepcopy(malicious_orig)
if best_probs[0] < 0.5:
std_logger.warning("Success | Final: " + str(best_probs[0]) +
" | Mutations: " + str(i + 1))
evasive_file.write(malicious.sparse_arff())
break
# print("Success - final prob: " + str(best_probs[0]))
if best_probs[0] > 0.5:
std_logger.warning("Failure | Final prob: " + str(best_probs[0]))
def mutate(model_file, malicious_file, evasive_output):
(std_logger, feature_logger) = init()
model = liblinearutil.load_model(model_file)
with open("seeds/training_1.benign", "r") as f:
benign = util.load_record(f.read())
print("------------------------------")
print("Total features: " + str(len(benign.features.keys())))
print("------------------------------")
benign_list = list(benign.features.keys())
with open(malicious_file, "r") as f:
malicious_samples = f.readlines()
evasive_file = open(evasive_output, "w+")
malicious_sample_size = len(malicious_samples)
for sample_num, malicious_sample in enumerate(malicious_samples):
malicious = util.load_seed(malicious_sample)
malicious_orig = copy.deepcopy(malicious)
best_probs = [1.0, 0.0]
best_feat = -1
std_logger.debug("------------------------------")
# print("------------------------------")
std_logger.info(malicious_orig.stringify())
for i in range(15):
mutation_list = []
mutation_labels = []
for feat in benign_list:
malicious.features[feat] = 1
mutation_list.append(malicious.features)
mutation_labels.append(malicious.label)
malicious = copy.deepcopy(malicious_orig)
with nostdout():
p_labs, p_acc, p_vals = liblinearutil.predict(mutation_labels, mutation_list, model, '-b 1')
best_feat_index, best_probs = min(enumerate(p_vals), key=lambda vals: vals[1][1])
best_feat = benign_list[best_feat_index]
# print("Feat: " + str(best_feat) + ", prob: " + str(best_probs))
std_logger.info(str(best_feat) + ": " + str(best_probs))
feature_logger.info(str(best_feat))
malicious_orig.features[best_feat] = 1
malicious = copy.deepcopy(malicious_orig)
if best_probs[1] < 0.5:
std_logger.warning("Success | Final: " + str(best_probs[0]) + " | Mutations: " + str(i+1))
evasive_file.write(malicious.sparse_arff())
break
# print("Success - final prob: " + str(best_probs[0]))
if best_probs[1] > 0.5:
std_logger.warning("Failure | Final prob: " + str(best_probs[0]))
if malicious_sample_size > 20 and sample_num % int(malicious_sample_size/20) == 0:
print("Progress: " + str(round(sample_num/malicious_sample_size*100)) + "%")
evasive_file.close()
print("------------------------------")
subprocess.run(["./util/postprocess.sh", "assisted_mutation"])
print("------------------------------")
malicious = load_record(malicious_sample)
malicious_orig = copy.deepcopy(malicious)
best_probs = [1.0, 0.0]
best_feat = -1
std_logger.debug("------------------------------")
print("------------------------------")
std_logger.info(malicious_orig.stringify())
for i in range(15):
for feat in benign_list:
malicious.features[feat] = 1
with nostdout():
p_labs, p_acc, p_vals = liblinearutil.predict([malicious.label], [malicious.features], model, '-b 1')
score = p_vals[0][0]
inv_score = p_vals[0][1]
if best_probs[0] > score:
best_probs = [score, inv_score]
best_feat = feat
malicious = copy.deepcopy(malicious_orig)
# print("Feat: " + str(best_feat) + ", prob: " + str(best_probs))
std_logger.info(str(best_feat) + ": " + str(best_probs))
feature_logger.info(str(best_feat))
malicious_orig.features[best_feat] = 1
malicious = copy.deepcopy(malicious_orig)
