In [1]:
import networkx as nx
from pathlib import Path

def dot_to_networkx(dot_file_path):
    """
    將.dot檔案轉換為NetworkX圖形對象
    
    參數:
    dot_file_path (str): .dot檔案的路徑
    
    返回:
    networkx.Graph: 轉換後的NetworkX圖形
    """
    try:
        # 檢查檔案是否存在
        if not Path(dot_file_path).is_file():
            raise FileNotFoundError(f"找不到檔案: {dot_file_path}")
            
        # 檢查檔案副檔名
        if not dot_file_path.lower().endswith('.dot'):
            raise ValueError("檔案必須是.dot格式")
            
        # 讀取.dot檔案並轉換為NetworkX圖形
        graph = nx.drawing.nx_pydot.read_dot(dot_file_path)
        
        # 若需要將圖形轉換為無向圖
        # graph = graph.to_undirected()
        
        return graph
        
    except Exception as e:
        print(f"轉換過程中發生錯誤: {str(e)}")
        return None



In [41]:
name = "03d927a00afb76d9e2dd4b27d57c673b66babcbe57681bc5a399efb66384e8e8"
dot_file = f"/home/manying/Data/malware/Malware202403/fcg_ghidra/X86_64/{name}/{name}.dot"
G = dot_to_networkx(dot_file)

if G is not None:
    # 顯示圖形的基本信息
    print(f"節點數量: {G.number_of_nodes()}")
    print(f"邊的數量: {G.number_of_edges()}")
    
    # 存儲為其他格式（可選）
    # nx.write_gexf(G, "output.gexf")
    # nx.write_graphml(G, "output.graphml")

節點數量: 268
邊的數量: 477


In [42]:
import json

json_file = f"/home/manying/Data/malware/Malware202403/fcg_ghidra/X86_64/{name}/{name}.json"
with open(json_file, 'r') as f:
    data = json.load(f)

print(data.keys())

for node in data.keys():
    instructions = data[node]['instructions']
    opcode = []
    for ins in instructions:
        opcode.append(ins['instruction'].split()[0])
    G.nodes[node]['x'] = opcode
    
    


dict_keys(['0x102df0L', '0x31a2c0L', '0x1026b0L', '0x31a0d8L', '0x106bb0L', '0x103440L', '0x1022d0L', '0x31a070L', '0x102730L', '0x102500L', '0x31a038L', '0x31a268L', '0x102120L', '0x108490L', '0x31a220L', '0x102350L', '0x102580L', '0x1050b0L', '0x1025a0L', '0x1073c0L', '0x105b40L', '0x106840L', '0x31a1e8L', '0x31a1a0L', '0x1021c0L', '0x1023f0L', '0x107670L', '0x107b70L', '0x104910L', '0x31a180L', '0x102620L', '0x1038b0L', '0x105510L', '0x31a148L', '0x102240L', '0x31a330L', '0x109bd0L', '0x31a100L', '0x102470L', '0x1030f0L', '0x31a0a0L', '0x1026a0L', '0x31a2d0L', '0x106730L', '0x1022c0L', '0x1024f0L', '0x108be0L', '0x104ed0L', '0x31a0e8L', '0x104810L', '0x31a230L', '0x102720L', '0x31a080L', '0x102190L', '0x102340L', '0x102570L', '0x31a000L', '0x31a278L', '0x31a1b0L', '0x31a308L', '0x1021b0L', '0x1023e0L', '0x31a1f8L', '0x31a340L', '0x31a190L', '0x102610L', '0x31a158L', '0x102230L', '0x31a110L', '0x102460L', '0x102690L', '0x1022b0L', '0x31a0f0L', '0x31a0b8L', '0x31a2a0L', '0x107b10L', '

In [43]:
print(f"節點數量: {G.number_of_nodes()}")
print(f"邊的數量: {G.number_of_edges()}")

print(len(data.keys()))

for node in G.nodes(data=True):
    print(node)
    break


節點數量: 268
邊的數量: 477
268
('0x1020f8L', {'label': '"_init"', 'x': ['SUB', 'MOV', 'TEST', 'JZ', 'CALL', 'ADD', 'RET']})


In [44]:
CSV_PATH = "/home/manying/Projects/fcgFewShot/dataset/raw_csv/malware_diec_ghidra_x86_64_fcg_dataset.csv"
ORIGINAL_PATH = "/home/manying/Documents/malwareReport/ghidra_fcg_temp_dup.csv"
import pandas as pd
replace_name = "036d8e54a44548d9da0a545cdbbf5931f3d92ae214d933c509d17459f73a6857"
df = pd.read_csv(CSV_PATH)
ori = pd.read_csv(ORIGINAL_PATH)
if replace_name:
    row = df[df['file_name'] == replace_name]
    loc = row.index[0]
    df.loc[loc] = ori[ori['file_name'] == name].values[0]
family = df[df['file_name'] == name]['family'].values[0]
print(family)


malsource


In [45]:
output = f"/home/manying/Projects/fcgFewShot/dataset/data_ghidra_fcg/Advanced Micro Devices X86-64/{family}/{name}.gpickle"
import pickle

with open(output, 'wb') as f:
    pickle.dump(G, f)

df.to_csv(CSV_PATH, index=False)

In [31]:
## example file
import pickle
file = "/home/manying/Projects/fcgFewShot/dataset/data_r2_5_9_4_fcg/Advanced Micro Devices X86-64/adore/9b2f229e504900957812985c538c9984ebb9e1d6194100d5b64751ec9d597115.gpickle"

with open(file, 'rb') as f:
    example = pickle.load(f)

for node in example.nodes():
    print(node)
    print(example.nodes[node])


entry0
{'x': ['endbr64', 'xor', 'mov', 'pop', 'mov', 'and', 'push', 'push', 'xor', 'xor', 'lea', 'call']}
reloc.__libc_start_main
{'x': []}
entry.fini0
{'x': ['endbr64', 'cmp', 'jne', 'push', 'cmp', 'mov', 'je', 'mov', 'call', 'call', 'mov', 'pop', 'ret', 'ret']}
fcn.00001150
{'x': ['endbr64', 'bnd']}
sym.deregister_tm_clones
{'x': ['lea', 'lea', 'cmp', 'je', 'mov', 'test', 'je', 'jmp', 'ret']}
sym.adore_makeroot
{'x': ['endbr64', 'push', 'mov', 'mov', 'mov', 'lea', 'mov', 'call', 'mov', 'call', 'mov', 'call', 'call', 'pop', 'neg', 'sbb', 'ret']}
sym.imp.open
{'x': ['endbr64', 'bnd']}
sym.imp.close
{'x': ['endbr64', 'bnd']}
sym.imp.unlink
{'x': ['endbr64', 'bnd']}
sym.imp.geteuid
{'x': ['endbr64', 'bnd']}
sym.adore_init
{'x': ['endbr64', 'push', 'mov', 'mov', 'push', 'lea', 'sub', 'mov', 'mov', 'xor', 'call', 'mov', 'mov', 'mov', 'mov', 'mov', 'call', 'mov', 'call', 'mov', 'call', 'lea', 'lea', 'lea', 'call', 'mov', 'mov', 'mov', 'mov', 'lea', 'mov', 'call', 'call', 'cmp', 'je', 'mov',

In [46]:
import os

os.cpu_count()

32

In [52]:
import psutil

# 獲取 CPU 使用率
def get_idle_cpu():
    # 獲取每個 CPU 核心的使用率
    cpu_percent_per_cpu = psutil.cpu_percent(interval=1, percpu=True)
    
    # 計算閒置的 CPU 數量（使用率低於某個閾值視為閒置）
    idle_threshold = 20  # 設定閒置閾值為 20%
    idle_cpus = sum(1 for cpu in cpu_percent_per_cpu if cpu < idle_threshold)
    
    return {
        'total_cpus': psutil.cpu_count(),
        'physical_cpus': psutil.cpu_count(logical=False),
        'idle_cpus': idle_cpus,
        'cpu_percent_per_core': cpu_percent_per_cpu
    }

# 使用範例
info = get_idle_cpu()
print(f"總 CPU 核心數: {info['total_cpus']}")
print(f"物理 CPU 核心數: {info['physical_cpus']}")
print(f"閒置 CPU 數: {info['idle_cpus']}")
print("每個核心使用率:", info['cpu_percent_per_core'])

總 CPU 核心數: 32
物理 CPU 核心數: 16
閒置 CPU 數: 3
每個核心使用率: [14.9, 82.0, 71.7, 82.8, 43.6, 68.3, 83.0, 58.0, 60.0, 76.5, 47.0, 33.7, 78.0, 93.1, 74.0, 53.5, 80.2, 43.4, 76.2, 25.5, 92.1, 90.2, 11.2, 76.2, 39.4, 12.1, 48.0, 93.0, 89.1, 100.0, 38.0, 85.9]
