PHỤ LỤC MÃ NGUỒN CƠ BẢN SỬ DỤNG TRONG LUẬN ÁN Thuật toán CFD from collections import defaultdict from copy import copy, deepcopy import time import sys import nltk from collections import Counter import angr sys.setrecursionlimit(100000) class TrongSo: def init (self, n): self.n = n self.tsD = [0.0] * n self.tsC = [[0.0] * n for _ in range(n)] self.tsDN = [0.0] * n def capNhapNguoc(self, u, v): self.tsD[u] = self.tsD[u] + self.tsD[v] self.tsC[v][u] = self.tsD[v] return True def capNhapXuoi(self, u, v, temp): self.tsDN[v] = self.tsDN[v] + self.tsC[v][u] * temp self.tsC[u][v] = self.tsC[v][u] * temp 143 return True class Graph: def init (self, vertices): # No of vertices self.starttime = self.nguong = 40 self.trongSoDeQuy = None self.opcodeNumber = 100 # so opcode thi self.trongso = None # mang so dem duong bang qhd self.goc = # dinh goc thi self.gocChuTrinh = # goc chu trinh self.truoc = [] # dinh lien truoc cua dinh qua trinh danh dau self.V = vertices self.paths = [] self.isleaf = None self.coLienThong = [False] * self.V self.graph = defaultdict(list) # thi chinh self.rgraph = defaultdict(list) # thi dao self.cgraph = defaultdict(list) # thi danh dau bo quy trinh self.lgraph = defaultdict(list) # thi danh dau cac duong lien thong co ban # function to add an edge to graph def addEdge(self, u, v): if (u == v): return if v in self.graph[u]: return 144 self.graph[u].append(v) self.rgraph[v].append(u) def delEdge(self, u,v): self.graph[u].remove(v) self.rgraph[v].remove(u) def Dfs(self, u): for v in self.graph[u][:]: if self.truoc[v] == -1: self.truoc[v] = u t = self.Dfs(v) if (t != -1 ): return t elif (v == self.gocChuTrinh): return u return -1 # xac dinh xem tu dinh i co bat dau chu trinh nao khong def boChuTrinh(self): chuaxet = [[0] * self.V for _ in range(self.V)] allVertexBefore = [list()] * self.V for i in range(self.V): allVertexBefore[i] = {i} que = [] que.append(self.goc) while (que. len () > 0): u = que.pop() canhxoa = [] for v in self.graph[u]: 145 if (chuaxet[u][v] == 0): if (not (v in allVertexBefore[u])): que.append(v) chuaxet[u][v] = allVertexBefore[v] = allVertexBefore[v] | allVertexBefore[u] else: canhxoa.append(v) for v in canhxoa: self.delEdge(u,v) #Đi ngược để gắn trọng số cho đồ thị def diNguoc(self): temGraph = deepcopy(self.graph) temrGraph = deepcopy(self.rgraph) ts = TrongSo(self.V) #Gan so cho cac dinh la stack = [] for i in range(0,self.V): if (len(self.graph[i]) == 0) and (self.coLienThong[i]): stack.append(i) ts.tsD[i] = #go backward while (len(stack) > 0): v = stack.pop() for u in self.rgraph[v][:]: #cap nhat nhan tu u cho v ts.capNhapNguoc(u,v) self.delEdge(u,v) if len(self.graph[u]) == 0: 146 stack.append(u) self.rgraph = deepcopy(temrGraph) self.graph = deepcopy(temGraph) # go forward stack.append(self.goc) ts.tsDN[self.goc] = ts.tsD[self.goc] while (len(stack) > 0): u = stack.pop() temp = 0.0 temp = ts.tsDN[u] / ts.tsD[u] for v in self.graph[u][:]: #cap nhat nhan tu u cho v ts.capNhapXuoi(u,v,temp) self.delEdge(u,v) if (len(self.rgraph[v]) == 0) and (len(self.graph[v]) >0): stack.append(v) self.rgraph = deepcopy(temrGraph) self.graph = deepcopy(temGraph) return ts # NP: Loang từ đỉnh u để đánh dấu đỉnh đến từ u def loangTu(self, u): # Mark the current node as visited and store in path self.coLienThong[u] = True for v in self.graph[u]: if self.coLienThong[v] == False: # danh dau canh u,v la quan vi chua co canh nao den self.lgraph[u].append(v) # loang tiep tu v self.loangTu(v) 147 #Đệ quy tìm tất đường từ đỉnh u đến lá, kết lưu self.paths def tryAllPathToLeafs(self, u, visited, path): visited[u] = True path.append(u) if self.isleaf[u]: self.paths.append(path[:]) else: for i in self.graph[u]: if visited[i] == False: self.tryAllPathToLeafs(i, visited, path) path.pop() visited[u] = False # Đếm tất đường từ gốc đến theo cách duyệt def calAllPathToLeafs(self): self.checkLeaf() self.trongSoDeQuy = TrongSo(self.V) self.starttime = time.time() # Mark all the vertices as not visited visited = [False] * (self.V) path = [] # Call the recursive helper function to print all paths self.tryPathToLeafs(self.goc, visited, path) return self.trongSoDeQuy.tsD # Đề quy để tìm đường đến lá, kết trả lại biến self.paths def tryPathToLeafs(self, u, visited, path): 148 # Mark the current node as visited and store in path visited[u] = True path.append(u) # If current vertex is same as destination, then print # current path[] if self.isleaf[u]: # cap nhat so for i in path: self.trongSoDeQuy.tsD[i] = self.trongSoDeQuy.tsD[i] + else: if (time.time() - self.starttime < self.nguong): # If current vertex is not destination # Recur for all the vertices adjacent to this vertex for i in self.graph[u]: if visited[i] == False: self.tryPathToLeafs(i, visited, path) # Remove current vertex from path[] and mark it as unvisited path.pop() visited[u] = False # Duyệt theo cách Ding để tìm tất đường, lưu dường tổng vào biến paths def getAllPathToLeafs(self): self.checkLeaf() self.paths = [] #self.isleaf = isleaf # Mark all the vertices as not visited visited = [False] * (self.V) # Create an array to store paths 149 path = [] # Call the recursive helper function to print all paths self.tryAllPathToLeafs(self.goc, visited, path) return self.paths # Kiểm tra thành phần liên thông def checkLeaf(self): self.isleaf = [False] * self.V self.tinhLienThong(self.goc) for v in range(0,self.V): if ((self.coLienThong[v]) and (len(self.graph[v]) == 0)): self.isleaf[v] = True # Đếm số đường theo phương pháp CFD # Số lần xuất đỉnh u đường tổng sefl.trongso.tsDN[u] # Số lần xuất cạnh (u,v) đường tổng sefl.trongso.tsC[u][v] def demDuongDiMoi(self): self.boChuTrinh() self.tinhLienThong(self.goc) trongSo = self.diNguoc() self.trongso = trongSo return self.trongso.tsDN # Tính n-gram opcode baisc block def n_gram_in_block(opcode_basicBlock, n): ''' :param opcode_basicBlock: mang opcode basic block :param n: ngram (2-3) 150 :return: mang n_gram cua basic block ''' gram_list = nltk.ngrams(opcode_basicBlock,n) fdist = nltk.FreqDist(gram_list) return fdist #Nh tất key fdist với trọng số def multiple_freq(fdist, ts): for key in fdist.keys(): fdist[key] = fdist[key] * ts return fdist #Tính phần giao block (2 đỉnh) lấy 3-gram def opcode_giao_nhau_2dinh_3gram(elf,idV1, idV2): ''' tính phần 3-gram giao basic block :param elf: tệp tin elf :param idV1: id đỉnh :param idV2: id đỉnh :return: đếm 3-gram giao ''' opcodeV1 = elf.disasemBlock(idV1) opcodeV2 = elf.disasemBlock(idV2) if len(opcodeV1) >=2 and len(opcodeV2) >= 2: giaogiao = [opcodeV1[-2], opcodeV1[-1], opcodeV2[0], opcodeV2[1]] return n_gram_in_block(giaogiao,3) elif len(opcodeV1) ==1 and len(opcodeV2) >= 2: return Counter([(opcodeV1[0], opcodeV2[0], opcodeV2[1])]) elif len(opcodeV1) >=2 and len(opcodeV2) == 1: 151 return Counter([(opcodeV1[-1], opcodeV1[-2], opcodeV2[0])]) else: return Counter() #Tính phần giao block (2 đỉnh) lấy 2-gram def opcode_giao_nhau_2dinh_2gram(elf,idV1, idV2): ''' lay phan 2-gram giao giua basic block :param elf: file mẫu elf :param idV1: id đỉnh :param idV2: id đỉnh :return: đếm 2-gram giao ''' opcodeV1 = elf.disasemBlock(idV1) opcodeV2 = elf.disasemBlock(idV2) if len(opcodeV1) != and len(opcodeV2) != 0: return Counter([(opcodeV1[-1], opcodeV2[0])]) else: return Counter() 152 Thuật toán CFDVex from lib.analysis.graph import Graph from lib.analysis.elf_analysis import Elf import nltk from collections import Counter class NGram(): def init (self, elfFile, cfgFile): self.elfFile = elfFile self.cfgFile = cfgFile self.vex2gramStatements = None self.graphInfo = None @staticmethod def nGram_in_block(basicBlock, nGram): ''' Tính n-gram basic block :param basicBlock: mã Vex basic block lưu mảng basicBlock :param nGram: :return: ngram cua basic block ''' gram_list = nltk.ngrams(basicBlock, nGram) fdist = nltk.FreqDist(gram_list) return fdist @staticmethod def multiple_freq(fdist, ts): # nhan tat ca cac key fdist voi so for key in fdist.keys(): 153 fdist[key] = fdist[key] * ts return fdist # Lấy phần giao block # cho 2-gram def vexStatement_2gram_giao_nhau(elf, idV1, idV2): ''' :param elf: object elf :param idV1: id đỉnh :param idV2: id đỉnh :return: counter 2-gram giao ''' opcodeV1 = elf.vexStatements(idV1) opcodeV2 = elf.vexStatements(idV2) if len(opcodeV1) != and len(opcodeV2) != 0: return Counter([(opcodeV1[-1], opcodeV2[0])]) else: return Counter() def vexStatements_2gram(self): ''' TODO tinh 2gram VEX IR statements: :param binPath: duong dan elf :param cfgPath: duong dan cfg :return: counter chua 2-gram opcode cua file elf ''' elf = Elf(self.elfFile) elf.loadCFG(self.cfgFile) elf.makeGraph() 154 elf.normalizeGraph() elf.listNodes() nodes = list(elf.graph.nodes) # lay ma tran so numVertices = len(list(elf.normalGraph.nodes)) entry_node = elf.cfg.get_any_node(elf.entry) entryNodeNormal = nodes.index(entry_node) # tao graph graph = Graph(numVertices) for edge in elf.normalGraph.edges(): if edge[0] != edge[1]: graph.addEdge(edge[0], edge[1]) # xac dinh la graph.goc = entryNodeNormal graph.boChuTrinh() numPaths = graph.demDuongDiMoi() self.graphInfo = [numVertices, numPaths[0]] # tinh freqdist cua 2-gram opcode opcode_2gram_freqdist = Counter() # counter chua 2-gram cua file elf for u in range(graph.V): try: block_freqdist = self. nGram_in_block(elf.vexStatements(u), 2) # 2-gram ts = graph.trongso.ts[u] if ts != 0: block_freqdist = self. multiple_freq(block_freqdist, ts) # nhan freq cua 2-gram voi so 155 opcode_2gram_freqdist.update(block_freqdist) # cap nhat 2-gram list_file = [] #cua block vao 2gram cua elf file for v in graph.graph[u]: ts = graph.trongso.ts[v] if ts != 0: giaonhau = self. vexStatement_2gram_giao_nhau(elf, u, v) giaonhau = self. multiple_freq(giaonhau, ts) # nhan freq cua phan giao voi so opcode_2gram_freqdist.update(giaonhau) except: pass self.vex2gramStatements = opcode_2gram_freqdist.items() return self.vex2gramStatements 156