From d4c8484a92b4c372091c5204333501368aed8c90 Mon Sep 17 00:00:00 2001 From: Matthias Held Date: Fri, 14 Sep 2018 20:55:02 +0200 Subject: Extend tests Signed-off-by: Matthias Held --- .../Analyzer/FileTypeFunnellingAnalyzerTest.php | 9 +++++++- tests/Unit/Analyzer/SequenceAnalyzerTest.php | 24 +++++++++++++++++++++- 2 files changed, 31 insertions(+), 2 deletions(-) (limited to 'tests/Unit') diff --git a/tests/Unit/Analyzer/FileTypeFunnellingAnalyzerTest.php b/tests/Unit/Analyzer/FileTypeFunnellingAnalyzerTest.php index e2e0bc1..054d6a3 100644 --- a/tests/Unit/Analyzer/FileTypeFunnellingAnalyzerTest.php +++ b/tests/Unit/Analyzer/FileTypeFunnellingAnalyzerTest.php @@ -131,6 +131,13 @@ class FileTypeFunnellingAnalyzerTest extends TestCase $fileOperation7->setFileExtensionClass(FileExtensionResult::SUSPICIOUS); $fileOperation7->setCorrupted(false); $fileOperation7->setType('file'); + + $fileOperation8 = new FileOperation(); + $fileOperation8->setCommand(Monitor::CREATE); + $fileOperation8->setOriginalName('file.unknown'); + $fileOperation8->setFileExtensionClass(FileExtensionResult::SUSPICIOUS); + $fileOperation8->setCorrupted(false); + $fileOperation8->setType('file'); // not a sequence $sequence1 = [$fileOperation1]; $sequence2 = [$fileOperation1, $fileOperation1]; @@ -155,7 +162,7 @@ class FileTypeFunnellingAnalyzerTest extends TestCase // all written files have known extensions but are corrupted $sequence13 = [$fileOperation3, $fileOperation3, $fileOperation3, $fileOperation3, $fileOperation3, $fileOperation3, $fileOperation3]; // only read access - $sequence14 = [$fileOperation7, $fileOperation7, $fileOperation7, $fileOperation7, $fileOperation7, $fileOperation7, $fileOperation7]; + $sequence14 = [$fileOperation7, $fileOperation7, $fileOperation7, $fileOperation7, $fileOperation7, $fileOperation7, $fileOperation7, $fileOperation8]; return [ ['sequence' => [], 'fileTypeFunnelingClass' => 0], 
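Review bot: The `// only read access` comment above `$sequence14` in the second hunk no longer describes the sequence, because it now ends with `$fileOperation8`, which the first hunk builds with `Monitor::CREATE` and the name `file.unknown`. The comment should state what the case checks now, for example `// read access followed by a single create with an unknown extension`. The expected `fileTypeFunnelingClass` for `$sequence14` lies outside both hunks, so it cannot be seen here whether the expectation was revisited for the extra create. The provider method starts and ends outside the hunks.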
diff --git a/tests/Unit/Analyzer/SequenceAnalyzerTest.php b/tests/Unit/Analyzer/SequenceAnalyzerTest.php index eeed975..4c9a774 100644 --- a/tests/Unit/Analyzer/SequenceAnalyzerTest.php +++ b/tests/Unit/Analyzer/SequenceAnalyzerTest.php @@ -99,9 +99,22 @@ class SequenceAnalyzerTest extends TestCase $fileOperation6->setType('file'); $fileOperation6->setSuspicionClass(Classifier::NO_INFORMATION); + $fileOperation7 = new FileOperation(); + $fileOperation7->setCommand(Monitor::DELETE); + $fileOperation7->setType('file'); + $fileOperation7->setSize(123000); + $fileOperation7->setOriginalName('test.csv'); + + $fileOperation8 = new FileOperation(); + $fileOperation8->setCommand(Monitor::DELETE); + $fileOperation8->setType('file'); + $fileOperation8->setSize(1230022); + $fileOperation8->setOriginalName('test.csv'); + $fileOperationRead = new FileOperation(); $fileOperationRead->setCommand(Monitor::READ); $fileOperationRead->setType('file'); + $fileOperationRead->setSize(123000); $fileOperationRead->setOriginalName('test.csv'); $fileOperationRename = new FileOperation(); @@ -114,6 +127,11 @@ class SequenceAnalyzerTest extends TestCase $fileOperationUnknown->setType('file'); $fileOperationUnknown->setOriginalName('test.csv'); + $fileOperationCreate = new FileOperation(); + $fileOperationCreate->setCommand(Monitor::CREATE); + $fileOperationCreate->setType('file'); + $fileOperationCreate->setOriginalName('test.csv'); + //TODO: extend tests return [ ['sequence' => [], 'suspicionScore' => 0], 
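Review bot: The sizes `123000` and `1230022` on the new `$fileOperation7` and `$fileOperation8` in the first hunk carry the whole meaning of the two added cases, yet nothing in the code says so. Judging by the rows added in the last hunk (`[$fileOperation6, $fileOperation7]` scores 1, `[$fileOperation6, $fileOperation8]` scores 0), the delete appears to be matched against `$fileOperation6` by size, and that size is set outside this hunk. Comments such as `// DELETE with the same size as $fileOperation6, expected to pair with it` and `// DELETE with a different size, must not pair` would make the intent explicit. `$fileOperationRead` also gains `setSize(123000)`, but no added row places it in a sequence with another operation, so that change looks untested as far as the visible hunks show. The provider method starts and ends outside the hunk.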
@@ -121,11 +139,15 @@ class SequenceAnalyzerTest extends TestCase ['sequence' => [$fileOperation2], 'suspicionScore' => 1], ['sequence' => [$fileOperationRead], 'suspicionScore' => 0], ['sequence' => [$fileOperationRename], 'suspicionScore' => 0], - ['sequence' => [$fileOperationUnknown], 'suspicionScore' => 0], + ['sequence' => [$fileOperationUnknown], 'suspicionScore' => 0], + ['sequence' => [$fileOperationCreate], 'suspicionScore' => 0], + ['sequence' => [$fileOperation6], 'suspicionScore' => 0], ['sequence' => [$fileOperation3], 'suspicionScore' => 0.5], ['sequence' => [$fileOperation4], 'suspicionScore' => 0], ['sequence' => [$fileOperation5], 'suspicionScore' => 0], ['sequence' => [$fileOperation6], 'suspicionScore' => 0], + ['sequence' => [$fileOperation6, $fileOperation7], 'suspicionScore' => 1], + ['sequence' => [$fileOperation6, $fileOperation8], 'suspicionScore' => 0], ]; } -- cgit v1.2.3
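Review bot: The added row `['sequence' => [$fileOperation6], 'suspicionScore' => 0],` repeats the identical context row a few lines below it, so the same case runs twice and the new copy should be dropped. The `[$fileOperationUnknown]` row is removed and re-added with what appears to be a whitespace-only difference, which adds noise to the change. With this many rows sharing the same score, string keys would make a failing case identifiable, for example `'operation6 followed by delete7' => ['sequence' => [$fileOperation6, $fileOperation7], 'suspicionScore' => 1],`. The provider method starts outside the hunk.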