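def mkActionList(subject, mkclass):
    """Convert one behaviour report into MAEC actions/behaviours and write XML.

    ``subject`` is a dict keyed by report section name.  Every section that
    has a converter in ``token`` is iterated; each entry is converted and the
    result is appended to ``mkclass.bundle.actions`` and
    ``mkclass.bundle.als``.  After a section has been processed, its actions
    are attached to the Behavior, which is appended to the list handed to
    ``mkSubject.xmlwrite``.  Sections without a converter are reported on
    stdout and skipped.

    Raises:
        KeyError: if ``subject['overview']['analysis_reason']`` is missing.

    NOTE(review): the report presumably describes what an analysed sample
    did, so paths, host names and HTTP data in it are sample-controlled.
    Treat the generated XML as untrusted input downstream -- confirm against
    the caller.
    """
    # Section name -> converter.  The commented-out sections have no
    # converter and therefore fall into the "not Checked" branch below.
    token = {
        "registry_reads": registry_reads,
        "file_reads": file_reads,
        "loaded_libraries": loaded_libraries,
        #"process": process_action,
        #"overview": overview,
        "registry_deletions": registry_deletions,
        "file_writes": file_writes,
        #"process_interactions": process_interactions,
        #"raised_exceptions": raised_exceptions,
        "mutex_opens": mutex_opens,
        "dns_queries": dns_queries,
        "mutex_creates": mutex_create,
        "file_deletes": file_delete,
        "modified_libraries": modified_libraries,
        "http_conversations": http_conversations,
    }

    b = Behavior()
    ba = BehavioralAction()
    bas = BehavioralActions()
    #ba.behavioral_ordering
    bas.action = ba
    b.description = subject['overview']['analysis_reason']
    bls = []
    als = []

    for k, v in subject.items():
        # ``in`` instead of dict.has_key(), which Python 3 removed.
        if k not in token:
            # Single-argument print() behaves the same on Python 2 and 3.
            print("This Key is not Checked: %s" % (k,))
            continue

        convert = token[k]
        actions = []
        for n in v:
            act = convert(n)
            # Build the action list.
            mkclass.bundle.actions.append(act)
            actions.append(act)
            mkclass.bundle.als.append(act)

        # Collect the section's actions into the behaviour.
        if not actions:
            print("action Null: %s" % (k,))
        # NOTE(review): ``b`` and ``bas`` are created once, before the loop,
        # so every entry appended to ``bls`` is the same Behavior object and
        # ends up carrying the actions of the last section processed.
        # Confirm whether one Behavior per section was intended.
        bas.action = actions
        b.action_composition = bas
        bls.append(b)

    # NOTE(review): nothing in this function appends to ``als``; it is still
    # the empty list created above, so this check never fires and
    # ActionList() is always built from an empty list.  Confirm whether
    # ``mkclass.bundle.als`` was meant here.
    if als is None:
        print("ActionListNone: %s" % (subject['overview'],))
    mkSubject.xmlwrite(ActionList(als), BehaviorList(bls))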
def test_to_xml_no_encoding(self):
    """``to_xml(encoding=None)`` must return a ``unicode`` object."""
    behavior = Behavior()
    behavior.description = UNICODE_STR

    serialized = behavior.to_xml(encoding=None)

    # No encoding was requested, so the result is expected to be text that
    # still contains the description verbatim.
    is_text = isinstance(serialized, unicode)
    self.assertTrue(is_text)
    has_description = UNICODE_STR in serialized
    self.assertTrue(has_description)
def test_to_xml_default_encoded(self):
    """``to_xml()`` with no arguments must decode as UTF-8."""
    behavior = Behavior()
    behavior.description = UNICODE_STR

    encoded = behavior.to_xml()

    # Decode explicitly: the description has to survive the default encoding.
    decoded = encoded.decode('utf-8')
    self.assertTrue(UNICODE_STR in decoded)
def test_to_xml_utf16_encoded(self):
    """``to_xml(encoding='utf-16')`` must decode with that same encoding."""
    codec = 'utf-16'
    behavior = Behavior()
    behavior.description = UNICODE_STR

    encoded = behavior.to_xml(encoding=codec)

    # The description must be recoverable using the encoding that was asked for.
    decoded = encoded.decode(codec)
    self.assertTrue(UNICODE_STR in decoded)
def test_behavior(self):
    """The description must be unchanged after ``round_trip``."""
    original = Behavior()
    original.description = UNICODE_STR

    # round_trip is defined elsewhere; presumably it serialises the object
    # and parses it back -- confirm against the helper.
    restored = round_trip(original)

    self.assertEqual(original.description, restored.description)
def test_to_xml_no_encoding(self):
    """``to_xml(encoding=None)`` must return a ``text_type`` instance."""
    subject = Behavior()
    subject.description = UNICODE_STR

    rendered = subject.to_xml(encoding=None)

    # Without an encoding the result is expected to be text, and the
    # description must appear in it unchanged.
    returned_text = isinstance(rendered, text_type)
    self.assertTrue(returned_text)
    found = UNICODE_STR in rendered
    self.assertTrue(found)
def test_to_xml_default_encoded(self):
    """The default ``to_xml()`` output must decode as UTF-8."""
    subject = Behavior()
    subject.description = UNICODE_STR

    raw = subject.to_xml()

    # The description has to be present once the output is decoded as UTF-8.
    as_text = raw.decode('utf-8')
    self.assertTrue(UNICODE_STR in as_text)
def test_to_xml_utf16_encoded(self):
    """UTF-16 output from ``to_xml`` must decode back with UTF-16."""
    requested = 'utf-16'
    subject = Behavior()
    subject.description = UNICODE_STR

    raw = subject.to_xml(encoding=requested)

    # Decode with the encoding that was requested and look for the description.
    as_text = raw.decode(requested)
    self.assertTrue(UNICODE_STR in as_text)
def test_behavior(self):
    """``round_trip`` must preserve a Behavior's description."""
    before = Behavior()
    before.description = UNICODE_STR

    # round_trip is a helper defined elsewhere; what it does to the object
    # is not visible here -- confirm against its definition.
    after = round_trip(before)

    self.assertEqual(before.description, after.description)