def evaluate(action_function):
    """Measure how often ``action_function`` drives holdout samples to label 0.0.

    Every sha256 in the module-level ``sha256_holdout`` is fetched and scored
    with the local model. Samples already labeled 0.0 are recorded as
    misclassified and skipped. For the rest, up to ``MAXTURNS`` actions chosen
    by ``action_function`` are applied one at a time through
    ``manipulate.modify_without_breaking``; the first time the local label
    reaches 0.0 the action history ``{sha256: [action, ...]}`` is recorded as
    a success and the sample is abandoned.

    Args:
        action_function: callable taking the current file bytes and returning
            the next action to apply (also printed each turn).

    Returns:
        ``(success, misclassified)`` — the list of per-sample action-history
        dicts for samples that reached label 0.0, and the list of sha256
        values that were labeled 0.0 before any modification. Evasion
        accuracy is ``len(success) / len(sha256_holdout)``.
    """
    evaded = []
    already_benign = []
    for sha256 in sha256_holdout:
        bytez = interface.fetch_file(sha256)
        if interface.get_label_local(bytez) == 0.0:
            # Labeled 0.0 before any change: count it and move on.
            already_benign.append(sha256)
            continue
        history = defaultdict(list)
        for _ in range(MAXTURNS):
            action = action_function(bytez)
            print(action)
            history[sha256].append(action)
            bytez = manipulate.modify_without_breaking(bytez, [action])
            if interface.get_label_local(bytez) == 0.0:
                evaded.append(history)
                break
    return evaded, already_benign
def evaluate(action_function):
    """Run the holdout evaluation loop for one action-selection policy.

    Walks ``sha256_holdout``; each sample is fetched and labeled locally.
    Samples the local model already labels 0.0 go into ``misclassified``
    untouched. Otherwise ``_run_turns`` applies at most ``MAXTURNS`` actions
    from ``action_function`` via ``manipulate.modify_without_breaking`` and
    returns the action history as soon as the local label is 0.0.

    Args:
        action_function: callable mapping the current bytes to the next
            action; each chosen action is printed.

    Returns:
        ``(success, misclassified)``: a list of ``{sha256: [actions]}`` dicts
        for samples that reached label 0.0, and a list of sha256 values that
        were 0.0 before modification. Evasion accuracy is
        ``len(success) / len(sha256_holdout)``.
    """

    def _run_turns(sha256, bytez):
        # Apply actions until the local label is 0.0 or the turn budget is
        # spent; return the history on success, None otherwise.
        history = defaultdict(list)
        for _ in range(MAXTURNS):
            action = action_function(bytez)
            print(action)
            history[sha256].append(action)
            bytez = manipulate.modify_without_breaking(bytez, [action])
            if interface.get_label_local(bytez) == 0.0:
                return history
        return None

    success = []
    misclassified = []
    for sha256 in sha256_holdout:
        bytez = interface.fetch_file(sha256)
        if interface.get_label_local(bytez) == 0.0:
            misclassified.append(sha256)  # already misclassified, move along
            continue
        outcome = _run_turns(sha256, bytez)
        if outcome is not None:
            success.append(outcome)
    return success, misclassified
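def evaluate(action_function, pefolder, pefile, show):
    """Apply up to 160 policy-chosen actions to one PE file and keep the best-scoring result.

    ``pefile`` is read from ``pefolder`` and labeled with the local model. If
    it is already labeled 0.0 the unchanged bytes are written out and the
    function returns. Otherwise, each turn ``action_function`` names an
    action for the current bytes; known names dispatch to the matching
    helper (``add_signature`` is deliberately a no-op, and unknown names
    leave the bytes unchanged). After every turn the local label is checked;
    the first time it is 0.0 with a local score below the module-level
    ``min_score``, ``min_score`` is updated, the bytes are saved and the
    function returns. If the turn budget runs out, the final bytes are saved
    only when their score beats ``min_score``.

    Args:
        action_function: callable mapping the current bytes to an action name.
        pefolder: directory containing ``pefile``.
        pefile: sample file name; also used to name the output file.
        show: passed through to the helpers that accept it.

    Side effects:
        Reads and updates the global ``min_score`` (assumed to be defined at
        module level); prints the current ``min_score`` once and each chosen
        action; writes ``Mutated_malware/<pefile>_RLA`` — the directory is
        not created here, so it must already exist.
    """
    global min_score
    print("min score : " + str(min_score))

    with open(join(pefolder, pefile), "rb") as binfile:
        bytez = binfile.read()

    # One output path instead of three hand-built copies of the same string.
    out_path = "Mutated_malware/" + str(pefile) + "_RLA"

    def _save(data):
        # Single writer for the output file.
        with open(out_path, 'wb') as file1:
            file1.write(data)

    def _save_if_better(data):
        # Persist ``data`` and lower the global best only when its local
        # score improves on ``min_score``; report whether that happened.
        global min_score
        score = interface.get_score_local(data)
        if score < min_score:
            min_score = score
            _save(data)
            return True
        return False

    if interface.get_label_local(bytez) == 0.0:
        _save(bytez)
        return

    # Dispatch tables replace the if/elif chain; split by helper arity.
    with_show = {
        "overlay_append": overlay_append,
        "section_rename": section_rename,
        "section_add": section_add,
        "imports_append": imports_append,
        "remove_signature": remove_signature,
        "remove_debug": remove_debug,
    }
    bytes_only = {
        "edit_tls": edit_tls,
        "load_config_dir": load_config_dir,
    }

    for _ in range(160):
        action = action_function(bytez)
        print(action)
        if action in with_show:
            bytez = with_show[action](bytez, show)
        elif action in bytes_only:
            bytez = bytes_only[action](bytez)
        # "add_signature" and any unrecognised action leave bytez as-is.

        # Score (and possibly save) only once the local label has dropped to 0.0.
        if interface.get_label_local(bytez) == 0.0 and _save_if_better(bytez):
            return

    _save_if_better(bytez)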
# gym_malware interface hello world
import os
import sys

sys.path.append("..")
from gym_malware.envs.utils import interface

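# Count how the available sample set splits by local label.
# Samples the local model labels 0.0 are recorded as benign and then
# deleted through the interface, so only the other samples remain afterwards.
sha_list = interface.get_available_sha256()
malware = []
benign = []
for sha256 in sha_list:
    bytez = interface.fetch_file(sha256)
    label = interface.get_label_local(bytez)
    if label == 0.0:
        benign.append(sha256)
        interface.delete_file(sha256)
    else:
        malware.append(sha256)

# len() instead of calling __len__() directly.
print('malware:{}, benign:{}'.format(len(malware), len(benign)))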