Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/undo-ransomware/ransomware_detection.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthias Held <ilovemilk@wusa.io>2018-09-14 21:55:02 +0300
committerMatthias Held <ilovemilk@wusa.io>2018-09-14 21:55:02 +0300
commitd4c8484a92b4c372091c5204333501368aed8c90 (patch)
treeb09a4cd6e7b9542fb72c2ec57b2282841891b6b9
parent29a997e5b309ec320648c1f836238814ba4f4912 (diff)
Extend tests
Signed-off-by: Matthias Held <matthias.held@uni-konstanz.de>
Diffstat
-rw-r--r--tests/Unit/Analyzer/FileTypeFunnellingAnalyzerTest.php9
-rw-r--r--tests/Unit/Analyzer/SequenceAnalyzerTest.php24
2 files changed, 31 insertions, 2 deletions
diff --git a/tests/Unit/Analyzer/FileTypeFunnellingAnalyzerTest.php b/tests/Unit/Analyzer/FileTypeFunnellingAnalyzerTest.php
index e2e0bc1..054d6a3 100644
--- a/tests/Unit/Analyzer/FileTypeFunnellingAnalyzerTest.php
+++ b/tests/Unit/Analyzer/FileTypeFunnellingAnalyzerTest.php
@@ -131,6 +131,13 @@ class FileTypeFunnellingAnalyzerTest extends TestCase
$fileOperation7->setFileExtensionClass(FileExtensionResult::SUSPICIOUS);
$fileOperation7->setCorrupted(false);
$fileOperation7->setType('file');
+
+ $fileOperation8 = new FileOperation();
+ $fileOperation8->setCommand(Monitor::CREATE);
+ $fileOperation8->setOriginalName('file.unknown');
+ $fileOperation8->setFileExtensionClass(FileExtensionResult::SUSPICIOUS);
+ $fileOperation8->setCorrupted(false);
+ $fileOperation8->setType('file');
// not a sequence
$sequence1 = [$fileOperation1];
$sequence2 = [$fileOperation1, $fileOperation1];
@@ -155,7 +162,7 @@ class FileTypeFunnellingAnalyzerTest extends TestCase
// all written files have known extensions but are corrupted
$sequence13 = [$fileOperation3, $fileOperation3, $fileOperation3, $fileOperation3, $fileOperation3, $fileOperation3, $fileOperation3];
// only read access
- $sequence14 = [$fileOperation7, $fileOperation7, $fileOperation7, $fileOperation7, $fileOperation7, $fileOperation7, $fileOperation7];
+ $sequence14 = [$fileOperation7, $fileOperation7, $fileOperation7, $fileOperation7, $fileOperation7, $fileOperation7, $fileOperation7, $fileOperation8];
return [
['sequence' => [], 'fileTypeFunnelingClass' => 0],
diff --git a/tests/Unit/Analyzer/SequenceAnalyzerTest.php b/tests/Unit/Analyzer/SequenceAnalyzerTest.php
index eeed975..4c9a774 100644
--- a/tests/Unit/Analyzer/SequenceAnalyzerTest.php
+++ b/tests/Unit/Analyzer/SequenceAnalyzerTest.php
@@ -99,9 +99,22 @@ class SequenceAnalyzerTest extends TestCase
$fileOperation6->setType('file');
$fileOperation6->setSuspicionClass(Classifier::NO_INFORMATION);
+ $fileOperation7 = new FileOperation();
+ $fileOperation7->setCommand(Monitor::DELETE);
+ $fileOperation7->setType('file');
+ $fileOperation7->setSize(123000);
+ $fileOperation7->setOriginalName('test.csv');
+
+ $fileOperation8 = new FileOperation();
+ $fileOperation8->setCommand(Monitor::DELETE);
+ $fileOperation8->setType('file');
+ $fileOperation8->setSize(1230022);
+ $fileOperation8->setOriginalName('test.csv');
+
$fileOperationRead = new FileOperation();
$fileOperationRead->setCommand(Monitor::READ);
$fileOperationRead->setType('file');
+ $fileOperationRead->setSize(123000);
$fileOperationRead->setOriginalName('test.csv');
$fileOperationRename = new FileOperation();
@@ -114,6 +127,11 @@ class SequenceAnalyzerTest extends TestCase
$fileOperationUnknown->setType('file');
$fileOperationUnknown->setOriginalName('test.csv');
+ $fileOperationCreate = new FileOperation();
+ $fileOperationCreate->setCommand(Monitor::CREATE);
+ $fileOperationCreate->setType('file');
+ $fileOperationCreate->setOriginalName('test.csv');
+
//TODO: extend tests
return [
['sequence' => [], 'suspicionScore' => 0],
@@ -121,11 +139,15 @@ class SequenceAnalyzerTest extends TestCase
['sequence' => [$fileOperation2], 'suspicionScore' => 1],
['sequence' => [$fileOperationRead], 'suspicionScore' => 0],
['sequence' => [$fileOperationRename], 'suspicionScore' => 0],
- ['sequence' => [$fileOperationUnknown], 'suspicionScore' => 0],
+ ['sequence' => [$fileOperationUnknown], 'suspicionScore' => 0],
+ ['sequence' => [$fileOperationCreate], 'suspicionScore' => 0],
+ ['sequence' => [$fileOperation6], 'suspicionScore' => 0],
['sequence' => [$fileOperation3], 'suspicionScore' => 0.5],
['sequence' => [$fileOperation4], 'suspicionScore' => 0],
['sequence' => [$fileOperation5], 'suspicionScore' => 0],
['sequence' => [$fileOperation6], 'suspicionScore' => 0],
+ ['sequence' => [$fileOperation6, $fileOperation7], 'suspicionScore' => 1],
+ ['sequence' => [$fileOperation6, $fileOperation8], 'suspicionScore' => 0],
];
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-07 09:09:43 +0300