checkapk.py
#! /usr/bin/python2
from __future__ import print_function
import keras
from optparse import OptionParser
from sklearn.preprocessing import StandardScaler
from keras.models import Model, load_model
from keras.layers import Dense, Dropout
from IPython.terminal.embed import InteractiveShellEmbed
from traitlets.config import Config
import numpy as np
from androguard.core.androconf import *
from androguard.misc import *
from androguard.session import Session
#from model import model_antivirus as md
import pefile
import os
import array
import math
import pickle
from sklearn.externals import joblib
import sys
import argparse
#import androlyze
#from antivirus1 import model
# Load the trained classifier once, at import time. Both paths are relative,
# so they resolve against the current working directory, not this script's
# directory.
# NOTE(security): a Keras model file is not inert data; depending on the layers
# it contains (e.g. Lambda layers) loading it can run code stored in the file.
# No integrity check is visible here, so treat malware.h5 / malware.hdf5 as
# trusted artifacts and verify their provenance before running this script.
model=load_model('malware.h5')
# by_name=True matches weights to layers by layer name.
# NOTE(review): layers without a matching name presumably keep the weights
# restored by load_model above - confirm that is intended.
model.load_weights('malware.hdf5',by_name=True)
def get_entropy(data):
    """Return the Shannon entropy of ``data`` in bits per symbol.

    ``data`` is a sized iterable whose items are either integers or
    single characters (converted with ``ord``); every item must map to an
    index inside the 256-entry histogram.  Empty input yields ``0.0``.
    """
    total = len(data)
    if total == 0:
        return 0.0

    # One counter per possible byte value.
    histogram = array.array('L', [0] * 256)
    for item in data:
        index = item if isinstance(item, int) else ord(item)
        histogram[index] += 1

    bits = 0
    for count in histogram:
        if not count:
            # Values that never occur contribute nothing to the entropy.
            continue
        probability = float(count) / total
        bits -= probability * math.log(probability, 2)
    return bits
def get_resources(pe):
    """Collect ``[entropy, size]`` for every resource entry of a PE file.

    ``pe`` is expected to be a parsed PE object.  When it has no
    ``DIRECTORY_ENTRY_RESOURCE`` attribute an empty list is returned.

    The walk is best effort: any exception raised while traversing the
    resource tree stops the walk and the entries gathered so far are
    returned, so a malformed resource directory can produce a partial list
    without any error being reported to the caller.
    """
    collected = []
    if not hasattr(pe, 'DIRECTORY_ENTRY_RESOURCE'):
        return collected

    try:
        # The tree is walked three levels deep: type -> id -> language.
        for type_entry in pe.DIRECTORY_ENTRY_RESOURCE.entries:
            if not hasattr(type_entry, 'directory'):
                continue
            for id_entry in type_entry.directory.entries:
                if not hasattr(id_entry, 'directory'):
                    continue
                for lang_entry in id_entry.directory.entries:
                    entry_struct = lang_entry.data.struct
                    blob = pe.get_data(entry_struct.OffsetToData,
                                       entry_struct.Size)
                    declared_size = entry_struct.Size
                    collected.append([get_entropy(blob), declared_size])
    except Exception:
        # Deliberately swallowed: return whatever was collected before the
        # failure instead of aborting the analysis.
        return collected
    return collected
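def analyze(apk_path="Swiggy.apk"):
    """Return the permissions reported by androguard for an APK.

    ``apk_path`` is the APK to inspect.  It defaults to ``"Swiggy.apk"``,
    the sample this script was written against, so existing ``analyze()``
    calls keep working; the path is resolved against the current working
    directory.

    ``AnalyzeAPK`` returns three objects; only the first one (the APK
    object) is used here, for its ``get_permissions()`` result.

    The APK is untrusted input when this is used for malware triage, and
    the permission list comes from the sample itself, so treat the result
    as one signal rather than a description of what the app really does.
    """
    apk, _dex, _analysis = AnalyzeAPK(apk_path)
    return apk.get_permissions()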
def predict(arr):
    """Classify one permission feature vector and print the verdict.

    ``arr`` holds one value per feature, in the same order as the training
    dataset: 1 when the permission is present, 0 when it is not.  The
    vector is wrapped into a batch of one, scored with the module-level
    ``model`` and thresholded at 0.5.  ``'malicious'`` or
    ``'not malicious'`` is printed; nothing is returned.

    The verdict is only the model's output for these permission flags, so
    ``'not malicious'`` is not evidence that a sample is safe.
    """
    batch = np.array([arr])
    score = model.predict(batch)
    flagged = (score > 0.5)
    verdict = 'malicious' if flagged == True else 'not malicious'
    print(verdict)
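if __name__ == '__main__':
    # The feature list lives next to this script, so resolve it from the
    # script's real location rather than the working directory.
    script_dir = os.path.dirname(os.path.realpath(__file__))
    features_path = os.path.join(script_dir, 'classifier/features.pkl')

    # NOTE(security): unpickling can execute code described by the pickle
    # stream. features.pkl must be a trusted artifact; anyone able to replace
    # it can run code as the user running this script. Consider storing the
    # feature names in a plain data format (e.g. JSON) instead.
    with open(features_path, 'rb') as handle:
        features = pickle.load(handle)
    print('features:', features)

    # Build the 0/1 vector in the order of `features`: 1 when the APK
    # requests that permission, 0 otherwise. Permissions that are not in
    # the feature list are ignored.
    requested = set(analyze())
    p = [1 if name in requested else 0 for name in features]
    print(p)
    predict(p)
    print('Successfully done:-')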