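class OperateSample(object):
    """Persist benign or malware training samples to MongoDB."""

    def __init__(self):
        """Create the MongDBSession used for every insert."""
        self.session = MongDBSession()

    def save_sample(self, apk_dir):
        """Tokenise each app's source code and store the word counts in MongoDB.

        Every entry of ``apk_dir`` is treated as one app. ``feature.scan_file``
        fills a dict for it (word -> number of occurrences, per the original
        author's note), and that dict is inserted as one record when it holds
        more than 500 keys.

        A failure while processing one app is printed and the loop moves on to
        the next entry, so a single unreadable sample does not end the whole
        import.

        :param apk_dir: directory whose entries are scanned, one app per entry
        :return: None
        """
        try:
            entries = os.listdir(apk_dir)
        except Exception:
            # Nothing can be imported when the directory itself is unreadable.
            traceback.print_exc()
            return

        for entry in entries:
            try:
                apk_dict = {}
                app_path = os.path.join(apk_dir, entry)
                feature.scan_file(app_path, apk_dict)
                logger.info(len(apk_dict))
                # Apps with 500 or fewer distinct words are not stored.
                if len(apk_dict) > 500:
                    # NOTE(review): the record goes to BENIGN_SOURCE while its
                    # description says "malware's source code word". Confirm
                    # which label is intended; the "train-word" key suggests
                    # this record is later used as training data.
                    sample_train = {
                        "train-word": apk_dict,
                        "description": "this is the malware's source code word",
                        "create": datetime.now()
                    }
                    self.session.insert_one(BENIGN_SOURCE, sample_train)
            except Exception:
                # Keep going: the remaining apps are independent of this one.
                traceback.print_exc()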
class OperateSample(object):
    """Persist benign or malware training samples to MongoDB."""

    def __init__(self):
        self.session = MongDBSession()

    def save_sample(self, apk_dir):
        """Tokenise each app's source code and store the word counts in MongoDB.

        Each entry of ``apk_dir`` is handled as one app: ``feature.scan_file``
        fills a dict for it (word -> number of occurrences, per the original
        author's note) and the dict becomes one MongoDB record when it holds
        more than 500 keys.

        Any exception is printed with ``traceback.print_exc()`` and ends the
        loop, so entries after the failing one are not processed.

        :param apk_dir: directory whose entries are scanned, one app per entry
        :return: None
        """
        try:
            for entry in os.listdir(apk_dir):
                word_counts = {}
                app_path = os.path.join(apk_dir, entry)
                feature.scan_file(app_path, word_counts)
                logger.info(len(word_counts))
                # Apps with 500 or fewer distinct words are not stored.
                if len(word_counts) <= 500:
                    continue
                # NOTE(review): inserted into BENIGN_SOURCE although the
                # description text says "malware's"; confirm the intended
                # label for this record.
                record = {
                    "train-word": word_counts,
                    "description": "this is the malware's source code word",
                    "create": datetime.now(),
                }
                self.session.insert_one(BENIGN_SOURCE, record)
        except Exception:
            traceback.print_exc()
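def getdata_mongo(db_name, file_path):
    """Dump every record of a collection to a plain-text file.

    The original comment describes this as a backup of the "trainbayes"
    MongoDB data. For each record, every key is written on one line and
    ``str(value)`` on the next; a blank line separates records.

    :param db_name: name passed to ``MongDBSession.query_all``
    :param file_path: output path, opened with mode "w" (an existing file is
        truncated)
    :return: None
    """
    # NOTE(review): file_path is used exactly as given and the file is created
    # with the process's default permissions; the dump holds a full copy of
    # the queried data, so callers should choose the location accordingly.
    session = MongDBSession()
    train_data = session.query_all(db_name)
    # ``with`` closes the file even when a query or a write raises.
    with open(file_path, "w") as f:
        for i in range(train_data.count()):
            # Fetch the record once instead of indexing again for every key.
            record = train_data[i]
            for key in record:
                f.write(key)
                f.write("\n")
                f.write(str(record[key]))
                f.write("\n")
            f.write("\n")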
class BasePermission(object):
    def __init__(self):
        self.session = MongDBSession()

    def get_permission_from_apk(self, apk):
        """
        :param apk: use androguard to deal apk
        :return: permissions of the apk
        """
        permission = []
        requested_permissions = apk.get_requested_permissions()
        for i in requested_permissions:
            str_permission = i.split('.')
            stand_permission = str_permission[-1]
            permission.append(stand_permission)
        return permission

    def get_standard_permission_from_mongodb(self):
        """
        :return: the stand permission list form google
        """

        stand_permissions_dict = self.session.query_one(PERMISSIONS_COLLECTION)
        stand_permissions = stand_permissions_dict['permissions']
        return stand_permissions

    def create_permission_vector(self, stand_permissions, input_permissions):
        """
        :param stand_permissions: the stand permission of google
        :param input_permissions: the permission that you want to convert vector
        :return: the vector of permission
        """

        return_permission = zeros(len(stand_permissions))
        return_permission = list(return_permission)
        for permission in input_permissions:
            if permission in stand_permissions:
                return_permission[stand_permissions.index(permission)] = 1
            # else:
            #     logger.debug("the permission: %s is not"
            #                  " in my permission list" % permission)
        return return_permission
 def __init__(self):
     """Create the MongDBSession kept on ``self.session``."""
     self.session = MongDBSession()
 def __init__(self):
     """Create the MongDBSession kept on ``self.session``."""
     self.session = MongDBSession()
__author__ = 'wtq'

import numpy
import time
from sklearn import metrics
from detector.logger import AdDetectorLogger
from detector.config import TRAIN_PERMISSION
from permission.predict import AdBernoulliPredict
from permission.predict import AdSVMPredict
from permission.predict import AdRandomForestPredict
from detector.db.session import MongDBSession
from permission.base import BasePermission
from detector.ad.ad_detector_web.ad_detector import ad_detector

# Module-level helpers; all of them are constructed when this module is
# imported.
base_permission = BasePermission()
session = MongDBSession()

# One predictor object per classifier class imported from permission.predict.
# NOTE(review): ``gauss_predict`` holds an AdBernoulliPredict instance, so the
# variable name and the class do not agree; confirm which model is meant.
gauss_predict = AdBernoulliPredict()
svm_predict = AdSVMPredict()
random_predict = AdRandomForestPredict()
logger = AdDetectorLogger()


def test_complx_model():
    """
    Start of a check against the stored training permissions (only the
    first statements of the function appear in this listing).

    Records the start time, asks the session for the TRAIN_PERMISSION data
    sorted on 'create' with limit=1, and reads its "train-permission" field.

    :return:
    """
    start_time = time.time()
    # NOTE(review): the result is indexed like a single record; whether
    # query_sort returns the newest or the oldest entry is not visible here.
    test_permission = session.query_sort(TRAIN_PERMISSION, 'create', limit=1)
    permission_list = test_permission["train-permission"]
class OperateSample(object):
    """
    the class will save or get the benign or malware sample to mongo
    """

    def __init__(self):
        """Create the MongDBSession kept on ``self.session``."""
        self.session = MongDBSession()

    def save_sample(self, apk_dir, app_class, table_name):
        """
        Tokenise each app's source code and store the word counts in MongoDB.

        Each entry of ``apk_dir`` is handled as one app: ``feature.scan_file``
        fills a dict for it (word -> number of occurrences, per the original
        author's note) and the dict becomes one record when it holds more
        than 100 keys. At most the first 1000 entries are processed.

        Any exception is printed with ``traceback.print_exc()`` and ends the
        loop, so entries after the failing one are not processed.

        :param apk_dir: directory whose entries are scanned, one app per entry
        :param app_class: class label used when the entry name contains no "."
        :param table_name: collection the record is inserted into
        :return: None
        """
        try:
            for position, entry in enumerate(os.listdir(apk_dir), 1):
                # Entries after the 1000th are skipped without a log message.
                if position > 1000:
                    break
                word_counts = {}
                apk_name = entry
                name_parts = str(apk_name).split(".")
                # The text before the first "." is the class label; a name
                # without any "." falls back to app_class.
                apk_class = app_class if len(name_parts) == 1 else name_parts[0]
                print apk_class
                app_path = os.path.join(apk_dir, entry)
                feature.scan_file(app_path, word_counts)
                logger.info(len(word_counts))

                # Apps with 100 or fewer distinct words are not stored.
                if len(word_counts) <= 100:
                    continue
                # NOTE(review): the description always says "malware's" even
                # though table_name selects the collection; confirm the text
                # is not used as a label downstream.
                record = {
                    "apk_name": apk_name,
                    "apk_class": apk_class,
                    "train_word": word_counts,
                    "description": "this is the malware's source code word",
                    "create": datetime.now()
                }
                self.session.insert_one(table_name, record)

        except Exception:
            traceback.print_exc()

    def get_sample_api(self, apk_dir):
        """
        Walk each app's source code and print the target APIs found in it.

        The targets are the entries of source_malware_feature.json; every key
        that ``feature.scan_file`` collected for an app and that also appears
        in that JSON data is printed together with its stored value.

        :param apk_dir: directory whose entries are scanned, one app per entry
        :return:
        """
        # NOTE(review): absolute path inside one developer's home directory;
        # the method raises on any machine where this file does not exist.
        # Consider reading the location from configuration.
        with open(
                "/home/wtq/develop/workspace/gitlab/android-app-security-detector/detector/malware/source_malware_feature.json",
                'r') as f:
            js = json.loads(f.read())

        for dir in os.listdir(apk_dir):
            # Each entry is treated as one app; print the matched APIs and the
            # value scan_file stored for them (presumably occurrence counts).
            apk_dict = {}
            print "apk name", dir
            dir = os.path.join(apk_dir, dir)
            feature.scan_file(dir, apk_dict)
            for key in apk_dict.keys():
                if key in js:
                    print key, apk_dict[key]