secml_malware.utils package
Subpackages
Submodules
secml_malware.utils.exceptions module
- exception secml_malware.utils.exceptions.FileNotExistsException(message)
Bases: Exception
- exception secml_malware.utils.exceptions.FolderNotExistsException(message)
Bases: Exception
- exception secml_malware.utils.exceptions.OptimizerNotSetException(message)
Bases: Exception
secml_malware.utils.extend_pe module
- secml_malware.utils.extend_pe.apply_shift(file_name: str, new_file_name: Optional[str] = None, amount: int = 512) -> bytearray
Applies the content shifting manipulation to the sample pointed to by the path
- Parameters
file_name (str) – the file path
new_file_name (str, optional, default None) – path where to save perturbed sample, if not None
amount (int, optional, default 512) – the amount to inject. Default is 512
- Returns
the perturbed code
- Return type
bytearray
- secml_malware.utils.extend_pe.apply_shift_to_raw_code(amount: int, code: bytearray, new_file_name: str) -> bytearray
Applies the content shifting manipulation to the sample as bytearray
- Parameters
amount (int) – the amount to inject
code (bytearray) – the code to perturb
new_file_name (str) – the path where to save the sample. Pass None to skip this.
- Returns
the perturbed code
- Return type
bytearray
- secml_malware.utils.extend_pe.create_int_list_from_x_adv(x_adv: secml.array.c_array.CArray, embedding_value: int, is_shifting_values: bool) -> bytearray
Convert CArray sample to list of integers
- Parameters
x_adv (CArray) – the sample as a CArray
embedding_value (int) – the value used for padding the sample
is_shifting_values (bool) – True if the values are shifted by one
- Returns
the sample as list of int
- Return type
list
- secml_malware.utils.extend_pe.shift_pe_header(liefpe: lief.PE.Binary, raw_code: bytearray, amount: int) -> bytearray
Shifts the PE header, injecting a default pattern
- Parameters
liefpe (lief.PE.Binary) – the binary wrapper by lief
raw_code (bytearray) – the code of the executable to perturb
amount (int) – how much to inject
- Returns
the modified code
- Return type
bytearray
- secml_malware.utils.extend_pe.shift_pe_header_by(x: list, preferable_extension_amount: int) -> (<class 'list'>, <class 'list'>)
Applies the DOS header extension to a sample contained inside a list
- Parameters
x (list) – the sample as a list of integers
preferable_extension_amount (int) – how much extension
- Returns
the perturbed sample and the indexes that can be perturbed
- Return type
list, list
- secml_malware.utils.extend_pe.shift_pointer_to_section_content(liefpe: lief.PE.Binary, raw_code: bytearray, entry_index: int, amount: int, pe_shifted_by: int = 0) -> bytearray
Shifts the section content pointer.
- Parameters
liefpe (lief.PE.Binary) – the binary wrapper by lief
raw_code (bytearray) – the code of the executable to perturb
entry_index (int) – the entry of the section to manipulate
amount (int) – the shift amount
pe_shifted_by (int, optional, default 0) – if the PE header was shifted, this value should be set to that amount
- Returns
the modified code
- Return type
bytearray
- secml_malware.utils.extend_pe.shift_section_by(x: list, preferable_extension_amount: int, pe_shifted_by: int = 0) -> (<class 'list'>, <class 'list'>)
Applies the content shifting to a sample contained inside a list
- Parameters
x (list) – the sample as a list of integers
preferable_extension_amount (int) – how much extension
pe_shifted_by (int, optional, default 0) – if the PE header was shifted, this value should be set to that amount
- Returns
the perturbed sample and the indexes that can be perturbed
- Return type
list, list
- secml_malware.utils.extend_pe.shift_section_by_using_lief(x: list, liefpe: lief.PE.Binary, preferable_extension_amount: int, pe_shifted_by: int = 0) -> (<class 'list'>, <class 'list'>)