def find_constfunc(self, datas): """ get the feature of the function code :param datas: List of bytes :return: entry and distinct num of datas """ t_l = Converter.convert_raw_to_count(datas) t_en = base_analyzer.get_entry([value for value in t_l.values()]) return t_en, len(t_l)
def findFunAbs(self, datas, startLo): if len(datas) == 0: return -1 itomLen = len(datas[0]) TC = 255 * itomLen TE = base_analyzer.get_entry([1.0 / num for num in range(TC)]) dataE, dataC = self.find_constfunc(datas) fValue = (1 - dataC / TC) * (1 - dataE / TE) * (1 - startLo / self.MaxLen) return fValue
def getFuncScore(self, Los=None, datas=None): if Los != None: datas = self.cverter.getDatasByLocs(self.messages, Los) datasDic = Converter.convert_raw_to_count(datas) sumValue = 0 for value in datasDic.values(): sumValue = sumValue + value datas = [data / sumValue for data in datasDic.values()] datasEntry = base_analyzer.get_entry(datas) return datasEntry, len(datasDic)
def inferFunc(self, datas): datasDic = Converter.convert_raw_to_count(datas) sumValue = 0 for value in datasDic.values(): sumValue = sumValue + value datas = [data / sumValue for data in datasDic.values()] datasEntry = base_analyzer.get_entry(datas) if len(datasDic) < self.FuncT: return 1 else: return 0
def inferFunc(self, datas): datasDic = Converter.convert_raw_to_count(datas) datasEntry = base_analyzer.get_entry( [value for value in datasDic.values()])