def evaluate(action_function):
    """Replay a mutation policy over the holdout set and record verdict flips.

    Every hash in ``sha256_holdout`` is fetched and scored with the local
    model. Samples the model already labels ``0.0`` are set aside untouched.
    Each remaining sample is modified one action at a time, for at most
    ``MAXTURNS`` turns, and re-scored after every step; the first ``0.0``
    label ends that sample's episode.

    Args:
        action_function: Callable that receives the current sample bytes and
            returns the next action handed to
            ``manipulate.modify_without_breaking``.

    Returns:
        A ``(success, misclassified)`` tuple. ``success`` holds one
        ``defaultdict`` per flipped sample, mapping its hash to the ordered
        list of actions applied. ``misclassified`` lists the hashes that were
        labelled ``0.0`` before any modification.
    """
    flipped = []
    skipped = []

    for sha256 in sha256_holdout:
        trace = defaultdict(list)
        sample = interface.fetch_file(sha256)

        # Nothing to measure when the unmodified sample is already labelled
        # 0.0 by the local model.
        if interface.get_label_local(sample) == 0.0:
            skipped.append(sha256)
            continue

        for _ in range(MAXTURNS):
            chosen = action_function(sample)
            print(chosen)
            trace[sha256].append(chosen)
            sample = manipulate.modify_without_breaking(sample, [chosen])

            # Only the label is checked here, i.e. the local model's verdict.
            if interface.get_label_local(sample) == 0.0:
                flipped.append(trace)
                break

    # Evasion accuracy is len(success) / len(sha256_holdout).
    # NOTE(review): that denominator also counts the hashes returned in
    # `misclassified`, which were never attempted.
    return flipped, skipped
def evaluate(action_function):
    """Score a mutation policy against the local model on the holdout hashes.

    Args:
        action_function: Callable taking the current sample bytes and
            returning the next action to apply through
            ``manipulate.modify_without_breaking``.

    Returns:
        ``(success, misclassified)``: ``success`` is a list with one
        ``defaultdict(list)`` per sample whose label became ``0.0`` within
        ``MAXTURNS`` steps (hash -> actions applied, in order);
        ``misclassified`` is the list of hashes the local model labelled
        ``0.0`` before anything was changed.
    """

    def _episode(sha256, bytez):
        # Apply up to MAXTURNS actions; return the action trace on the first
        # 0.0 label, or None when the label never changes.
        history = defaultdict(list)
        for _ in range(MAXTURNS):
            action = action_function(bytez)
            print(action)
            history[sha256].append(action)
            bytez = manipulate.modify_without_breaking(bytez, [action])
            if interface.get_label_local(bytez) == 0.0:
                return history
        return None

    success = []
    misclassified = []
    for sha256 in sha256_holdout:
        original = interface.fetch_file(sha256)
        if interface.get_label_local(original) == 0.0:
            # Already labelled 0.0 without modification: record and move on.
            misclassified.append(sha256)
            continue
        outcome = _episode(sha256, original)
        if outcome is not None:
            success.append(outcome)

    # Evasion accuracy is len(success) / len(sha256_holdout).
    # NOTE(review): samples listed in `misclassified` are part of that
    # denominator although no modification was attempted on them.
    return success, misclassified
def evaluate(action_function, pefolder, pefile, show):
    """Run one file through up to 160 policy-chosen modifications.

    The file is read from ``pefolder/pefile`` and labelled by the local model.
    If the label is already ``0.0`` the bytes are written out unchanged.
    Otherwise one action per turn is applied and the label re-checked. The
    loop stops at the first ``0.0`` label. The resulting bytes are written to
    ``Mutated_malware/<pefile>_RLA``, and the module-level ``min_score`` is
    lowered whenever the local score of the result is below it.

    NOTE(review): this listing was flattened onto one line, so the nesting of
    the final score/write statements is reconstructed. It is assumed that the
    file writes are unconditional and that the last score check runs once
    after the loop. Confirm against the original file.

    Args:
        action_function: Callable taking the current bytes and returning an
            action name (compared against the strings handled below).
        pefolder: Directory containing the input file.
        pefile: Input file name, also used to build the output name.
        show: Passed through to the modification helpers that accept it.

    Returns:
        None on every path; results are the written file and ``min_score``.
    """
    global min_score
    print("min score : " + str(min_score))

    # The output directory is not created here; it must already exist.
    out_path = "Mutated_malware/" + str(pefile) + "_RLA"

    def _save(data):
        with open(out_path, 'wb') as out:
            out.write(data)

    with open(join(pefolder, pefile), "rb") as src:
        bytez = src.read()

    if interface.get_label_local(bytez) == 0.0:
        _save(bytez)
        return

    # Action name -> modification. Lambdas keep the helper lookup lazy, as in
    # an if/elif chain. "add_signature" is deliberately absent: it is a no-op,
    # and so is any name not listed here.
    handlers = {
        "overlay_append": lambda data: overlay_append(data, show),
        "section_rename": lambda data: section_rename(data, show),
        "edit_tls": lambda data: edit_tls(data),
        "load_config_dir": lambda data: load_config_dir(data),
        "section_add": lambda data: section_add(data, show),
        "imports_append": lambda data: imports_append(data, show),
        "remove_signature": lambda data: remove_signature(data, show),
        "remove_debug": lambda data: remove_debug(data, show),
    }

    for _ in range(160):
        action = action_function(bytez)
        print(action)

        apply_action = handlers.get(action)
        if apply_action is not None:
            bytez = apply_action(bytez)

        if interface.get_label_local(bytez) == 0.0:
            score = interface.get_score_local(bytez)
            if score < min_score:
                min_score = score
            _save(bytez)
            return

    # Turn budget exhausted without a 0.0 label: still record the score and
    # keep the last state of the file.
    score = interface.get_score_local(bytez)
    if score < min_score:
        min_score = score
    _save(bytez)
# gym_malware interface hello world
import os
import sys

sys.path.append("..")
from gym_malware.envs.utils import interface

# Tally how the stored samples split between the two local-model labels.
sha_list = interface.get_available_sha256()
malware = []
benign = []

for sha256 in sha_list:
    bytez = interface.fetch_file(sha256)
    label = interface.get_label_local(bytez)

    if label != 0.0:
        malware.append(sha256)
        continue

    # Label 0.0 is counted as benign. This script is not read-only: it also
    # calls delete_file on each such sample (presumably removing it from the
    # sample store; confirm against the interface module).
    benign.append(sha256)
    interface.delete_file(sha256)

print('malware:{}, benign:{}'.format(len(malware), len(benign)))