예제 #1
def main(test_file):
    """Train on the min/method training log, score one test log and plot it.

    Args:
        test_file: Name of the log under ``level_2/test_logs/min_meth/``.
            It is appended to that directory string as given, with no
            validation, so callers should pass a bare file name.
    """
    base_dir = Path("kass_nn")
    config_file = base_dir / "config/config.yml"
    train_filename = base_dir / "level_2/train_logs/min_meth/train_min_meth.log"
    test_filename = base_dir / ("level_2/test_logs/min_meth/" + test_file)

    parser = LogParser(train_filename)
    characteristic = MinMeth(parser, config_file)

    # Parse both logs with the same characteristic; the boolean flag marks
    # the training set (True) versus the test set (False).
    X_train = lp.load_parsed_data(train_filename, True, characteristic)
    X_test = lp.load_parsed_data(test_filename, False, characteristic)

    # Fit on the training data only, then score the test logs without
    # retraining.
    clf = eif.train_model(X_train, characteristic, characteristic.n_threads)
    anomaly_scores = eif.predict_wo_train(
        X_test, clf, characteristic.n_threads)

    report = "TEST {}\n\tFull anomaly value: {}\n\tDangerousness in range [0-5]: {}"
    for index, score in enumerate(anomaly_scores):
        print(report.format(index, score, get_dangerousness_int(score)))

    # Draw the training data, the test data and their scores on one figure.
    fig = plt.open_plot()
    plt.plot_model(
        fig, X_train, X_test, anomaly_scores, clf, characteristic.mesh,
        [1, 1, 1], "Min vs Meth", characteristic.n_threads)
    plt.close_plot()
예제 #2
def main(test_file):
    """Train all level 2 models through TrainPredict and score one test log.

    Args:
        test_file: Name of the log under ``level_2/test_logs/main/``. It is
            appended to that directory string as given, with no validation,
            so callers should pass a bare file name.
    """
    base_dir = Path("kass_nn")
    config_file = base_dir / "config/config.yml"
    train_filename = base_dir / "level_2/train_logs/main/train_main.log"
    test_filename = base_dir / ("level_2/test_logs/main/" + test_file)

    parser = LogParser(train_filename)
    runner = TrainPredict(train_filename, config_file, parser)
    # Training always runs before prediction.
    runner.train_all()
    runner.predict_all(test_filename)
예제 #3
def main(test_file):
    """Print a 0-100 dangerousness value for every entry of a level 1 test log.

    Each test entry is compared with the parsed training log twice (single
    and combined presence checks), and the two results are turned into one
    danger value using the configuration file.

    Args:
        test_file: Name of the log under ``level_1/test_logs/main/``. It is
            appended to that directory string as given, with no validation,
            so callers should pass a bare file name.
    """
    base_dir = Path("kass_nn")
    config_file = base_dir / "config/config.yml"
    train_filename = base_dir / "level_1/train_logs/main/train_main.log"
    test_filename = base_dir / ("level_1/test_logs/main/" + test_file)

    parser = LogParser(train_filename)
    X_test = parser.get_string_variables(test_filename)

    for index, entry in enumerate(X_test):
        print("TEST {}".format(index))
        in_training_single = dangerousness.is_in_training_single(entry, parser)
        in_training_combined = dangerousness.is_in_training_combined(
            entry, parser)
        danger = dangerousness.get_danger_value(
            in_training_single, in_training_combined, config_file)
        print("\tDangerousness in range [0-100]: {}".format(danger))
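def main(test_file):
    """Train one model per group (IP) and score each test log against it.

    Training data is loaded with the IPMinURL characteristic. When it comes
    back as a dict, one model is trained per key and stored in
    ``characteristic.clfs_by_ip``. Each test log is then scored and plotted
    against the model of its own group.

    A test log whose group has no training data is reported as not scored
    and skipped. Previously the plotting step ran for such logs too and
    failed on the missing key (or would have reused the score of the
    previous log). An unscored log has no baseline; it must not be read as
    a benign result.

    Args:
        test_file: Name of the log under ``level_2/test_logs/foreach_ip_url/``.
            It is appended to that directory string as given, with no
            validation, so callers should pass a bare file name.
    """
    kassnn_f = Path("kass_nn")
    train_filename = kassnn_f / "level_2/train_logs/foreach_ip_url/train_foreach_ip_url_spec.log"
    test_filename = kassnn_f / ("level_2/test_logs/foreach_ip_url/" + test_file)
    config_file = kassnn_f / "config/config.yml"
    logpar = LogParser(train_filename)
    characteristic = IPMinURL(logpar, config_file)

    # Loading training data
    X_train = lp.load_parsed_data(train_filename, True, characteristic)

    # Loading testing data
    X_test = lp.load_parsed_data(test_filename, False, characteristic)

    # Training model
    if isinstance(X_train, dict):
        for key in X_train:
            characteristic.clfs_by_ip[key] = eif.train_model(
                X_train[key], characteristic)
    else:
        # NOTE(review): this model is never used by the prediction loop
        # below, which only reads characteristic.clfs_by_ip. Confirm whether
        # a non-dict training set is expected here at all.
        clf = eif.train_model(X_train)

    # Predicting model
    for i, log in enumerate(X_test):
        ip = characteristic.get_group_criteria(log)
        if ip not in X_train:
            # No baseline for this group: there is no model to score with
            # and nothing to plot.
            print("TEST {}\n\tNo training data for group {!r}: log not scored"
                  .format(i, ip))
            continue

        anomaly_scores = eif.predict_wo_train(
            [log], characteristic.clfs_by_ip[ip], characteristic.n_threads)
        print(
            "TEST {}\n\tFull anomaly value: {}\n\tDangerousness in range [0-5]: {}"
            .format(i, anomaly_scores[0],
                    get_dangerousness_int(anomaly_scores[0])))

        # Plotting model (only for logs that were actually scored)
        fig = plt.open_plot()
        plt.plot_model(fig, X_train[ip], [log], anomaly_scores,
                       characteristic.clfs_by_ip[ip], characteristic.mesh,
                       [1, 1, 1], "Min vs URL by IP", characteristic.n_threads)
        plt.close_plot()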
예제 #5
def preparing(train_filename):
    """Print a banner and build the LogParser for the training log.

    Args:
        train_filename: Training log passed to ``LogParser``.

    Returns:
        The ``LogParser`` instance created for ``train_filename``.
    """
    stars = "*" * 40
    print(stars + " PARSING TRAINING DATA " + stars)
    return LogParser(train_filename)