real sample generation #32

Closed
Vipagweca opened this issue Apr 25, 2022 · 5 comments
Labels
invalid This doesn't seem right

@Vipagweca

Vipagweca commented Apr 25, 2022

I am generating real samples using the secml_malware library, working on the white-box padding attack, but the generated adversarial samples are the same size as the original one.
Screenshot from 2022-04-25 12-26-40
Screenshot from 2022-04-25 12-27-20
Please suggest if any changes are required in the code.

@zangobot
Collaborator

Hello!

Are you using the tutorial that I have developed, or custom code?
Please, next time, directly paste the code and not screenshots of the problem (otherwise, it is very hard for me to try it and replicate the bug).

@Vipagweca
Author

Yes, I am using the tutorial that I have developed. There is no execution error; only the real sample's size is not increasing. The following is the code:

```python
import os
import magic
import secml_malware
from secml.array import CArray

from secml_malware.attack.whitebox import CKreukEvasion
from secml_malware.attack.whitebox.c_padding_evasion import CPaddingEvasion
from secml_malware.models.malconv import MalConv
from secml_malware.models.c_classifier_end2end_malware import CClassifierEnd2EndMalware, End2EndModel

# Load the pretrained MalConv classifier
net = MalConv()
net = CClassifierEnd2EndMalware(net)
net.load_pretrained_model()

partial_dos = CPaddingEvasion(net, how_many=256, iterations=50, is_debug=False,
                              random_init=False, threshold=0.50, penalty_regularizer=0)

# Collect the PE samples that the classifier flags with confidence >= 0.5
folder = "secml_malware/data/malware_samples/test_folder"
X = []
y = []
file_names = []
for i, f in enumerate(os.listdir(folder)):
    path = os.path.join(folder, f)
    if 'petya' not in path:
        continue
    if "PE32" not in magic.from_file(path):
        continue
    with open(path, "rb") as file_handle:
        code = file_handle.read()
    x = End2EndModel.bytes_to_numpy(code, net.get_input_max_length(), 256, False)
    _, confidence = net.predict(CArray(x), True)
    if confidence[0, 1].item() < 0.5:
        continue
    print(f"> Added {f} with confidence {confidence[0,1].item()}")
    X.append(x)
    #print(X)
    conf = confidence[1][0].item()
    y.append([1 - conf, conf])
    file_names.append(path)

# Run the attack on each collected sample
for sample, label in zip(X, y):
    y_pred, adv_score, adv_ds, f_obj = partial_dos.run(CArray(sample), CArray(label[1]))
    print(partial_dos.confidences_)
    print(f_obj)

# Write the adversarial samples to disk
folder1 = "secml_malware/data/malware_samples/test_folder/padding"
for i, f in enumerate(file_names):
    head_tail = os.path.split(f)
    path1 = os.path.join(folder1, head_tail[1])
    adv_x = adv_ds.X[0, :]
    real_adv_x = partial_dos.create_real_sample_from_adv(file_names[i], adv_x, path1)

print(file_names[0])

print(len(real_adv_x))

# Re-encode the written sample to the network's input size and classify it again
real_x = End2EndModel.bytes_to_numpy(real_adv_x, net.get_input_max_length(), 256, False)
_, confidence = net.predict(CArray(real_x), True)
print(confidence[0, 1].item())
```

@zangobot
Collaborator

Ok thank you, I'll investigate.

@zangobot zangobot added the unsure Bug but unable to replicate label Apr 25, 2022
@zangobot
Collaborator

Well, if you call the End2EndModel.bytes_to_numpy function, it will generate a padded vector of the maximum input dimension of the network.
No surprise that it is the same length as before.
I am updating the notebook, so you can have a look at the before / after filesize.

@zangobot zangobot added invalid This doesn't seem right and removed unsure Bug but unable to replicate labels Apr 25, 2022
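
The point made in the reply above, as an added example that is not from the thread or the secml_malware project: the encoded vector always has the network's input length, so a size change only shows up when the raw bytes are compared. `to_fixed_length` is a simplified, hypothetical stand-in for the fixed-size encoding (assumed to truncate input longer than the window), and `MAX_LEN`, `size_report` and the byte strings are constructed for illustration.

```python
PAD_VALUE = 256  # padding token, the value passed to bytes_to_numpy in the thread


def to_fixed_length(data: bytes, max_len: int, pad: int = PAD_VALUE) -> list:
    """Hypothetical stand-in for the model's input encoding: truncate to
    max_len, then fill the remainder with the padding token."""
    head = list(data[:max_len])
    return head + [pad] * (max_len - len(head))


def size_report(original: bytes, modified: bytes, max_len: int) -> dict:
    """Compare two files by raw size and by what the model is actually fed."""
    vec_o = to_fixed_length(original, max_len)
    vec_m = to_fixed_length(modified, max_len)
    # Appended bytes the model can see: only those inside the input window.
    visible = max(0, min(len(modified), max_len) - min(len(original), max_len))
    return {
        "raw_before": len(original),
        "raw_after": len(modified),
        "vector_before": len(vec_o),
        "vector_after": len(vec_m),
        "appended": len(modified) - len(original),
        "appended_visible_to_model": visible,
        "vectors_differ": vec_o != vec_m,
    }


# Constructed sample data, not real executables.
MAX_LEN = 64                         # assumed toy window; the real one is far larger
small = b"MZ" + bytes(range(30))     # 32 bytes, fits inside the window
small_padded = small + b"\x41" * 16  # 16 bytes appended at the end
large = b"MZ" + bytes(70)            # 72 bytes, already longer than the window
large_padded = large + b"\x41" * 16

if __name__ == "__main__":
    for name, before, after in (("small", small, small_padded),
                                ("large", large, large_padded)):
        print(name, size_report(before, after, MAX_LEN))
```

For the larger constructed file the raw size grows by 16 bytes while the two encoded vectors are identical, which is the case to check for when evaluating how a fixed-window classifier responds to appended content.
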
@Vipagweca
Author

Thank you
