public FileReportPrediction Predict(IFileReport fr) { var predictor = _mlContext.Model.CreatePredictionEngine <FileReportML, FileReportPrediction>(_model); var predictModel = fr.ConvertML(); var prediction = predictor.Predict(predictModel); return(prediction); }
public static FileReportML Convert(IFileReport file) { return(new FileReportML() { IsMalware = file.Class == "malware", MimeType = file.MimeType, Entropy = (float)file.Entropy, IsDotNet = file.IsDotNet, IsDriver = file.IsDriver, IsExe = file.IsExe, IsDll = file.IsDll, IsSigned = file.IsSigned, Behavior = file.Behavior != null ? (file.Behavior as List <string>).ToArray() : new string[] { }, VirusTotal = file.PositiveTests, ContainsEmail = file.Mails != null && (file.Mails as List <string>).ToArray().Length > 0, ContainsFiles = file.Files != null && (file.Files as List <string>).ToArray().Length > 0, ContainsIP = file.IPAddrs != null && (file.Files as List <string>).ToArray().Length > 0, Sections = file.Sections != null?file.Sections.Count() : 0, Imports = file.Imports != null?file.Imports.Keys.Select(x => x).ToArray() : null, KnownMethods = file.KnownMethods != null?file.KnownMethods.Values.SelectMany(x => x).ToArray() : null }); }
/// <summary> /// Return JSON format of File report object /// </summary> public static string ToJson(this IFileReport obj) => JsonSerializer.Serialize(obj);
/// <summary> /// Converts FileReport to ML.NET format /// </summary> public static FileReportML ConvertML(this IFileReport report) { return(FileReportML.Convert(report)); }
public FileReportPrediction Predict(string fileName) { //Analyse current file fr = new FileReport(fileName); return(Predict(fr)); }