Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make CuckooML plotting dependant on library imports #15

Open
So-Cool opened this issue Oct 2, 2016 · 11 comments
Open

Make CuckooML plotting dependant on library imports #15

So-Cool opened this issue Oct 2, 2016 · 11 comments

Comments

@So-Cool
Copy link
Collaborator

So-Cool commented Oct 2, 2016

In the try: import... create a global variable for all the libraries necessary for plotting and condition CuckooML plotting on that.
The result: no need to install plotting packages if you're only interested in malware analysis with textual output.

@greninja
Copy link

greninja commented Nov 8, 2016

can we add a 'raw_input()' prompting for 'if the user wants to use plotting or not' and import the required libraries only on a 'yes'?

@So-Cool
Copy link
Collaborator Author

So-Cool commented Nov 9, 2016

Not really, given that we want to automatically analyse large malware datasets this could potentially cause inconvenience. A better approach would be to give one plotting switch in conf/cuckooml.conf, but still check for imports in case someone is running an analysis and forgot to install the plotting packages; in that case all the computation time will go in vain as the code will crash while attempting to plot something before reporting any useful results.

@greninja
Copy link

greninja commented Dec 3, 2016

The checking for imports of plotting libraries is taken care by the try and catch block.

As far as giving a plotting switch is concerned, don't the "figures" argument in detect_abnormal_behavior() and "plot" argument in clustering_label_distribution() do exactly that?

@So-Cool
Copy link
Collaborator Author

So-Cool commented Dec 6, 2016

At the moment they are all imported in one block. For instance pandas is necessary for the module to work, but matplotlib is only needed if you want to plot something. Separating these into blocks responsible for particular CuckooML's functionality is probably what we want to do.

greninja added a commit to greninja/cuckooml that referenced this issue Dec 8, 2016
If user only wants textual output as mentioned by So-Cool in enhancement issue honeynet#15.
@So-Cool
Copy link
Collaborator Author

So-Cool commented Dec 26, 2016

@greninja, this is good beginning, but there are couple of issues with your contribution.

First of all, plotting variable is missing in the conf/cuckooml.conf.

In detect_abnormal_behaviour figures is by default set to True and in clustering_label_distribution plot is set by default to False.
In both these functions there has to be a safety check for plotting. If somebody sets any of these variables to True but Config("cuckooml").cuckooml.plotting is set to False than both these functions should overwrite plotting variable to False and possibly print some sort of warning.

Are you willing to fix these?

@greninja
Copy link

greninja commented Dec 27, 2016

Hey @So-Cool,

I actually have added the plotting variable:
in commit 80148b4

For the other issue:

Absolutely correct. So if a user sets Config("cuckooml").cuckooml.plotting to False and either of the variables(figures and plot) to true, the libraries wont be imported and the plotting cant be done. My question is : is terminating the program ,when this error occurs, with a warning a good idea or importing the modules there , in the function block, would be appropriate?

@So-Cool
Copy link
Collaborator Author

So-Cool commented Dec 28, 2016

Sorry @greninja, I've missed that commit.

Terminating is not particularly good idea; I guess people would be annoyed if it takes a lot of time to crunch the data and then they are left with nothing because they have forgotten to install the plotting libraries.
On the other hand, if just a warning is printed, the computation will finish and they can produce the plots later based on the classification outcome that has been saved to a file. Therefore, in such a case I would opt for overwriting these variables to False and printing a warning message.

greninja added a commit to greninja/cuckooml that referenced this issue Dec 28, 2016
greninja added a commit to greninja/cuckooml that referenced this issue Dec 28, 2016
Enhancement Features according to honeynet#15
@greninja
Copy link

I have made the changes apprised by you.

Though I made a mistake while pushing commits. I am really sorry. Hence I had to close the PR and open it again.

Also while running 'cuckooml.py' I am facing 'ImportError: No module named lib.cuckoo.common.config'
. How do I rectify it?

@So-Cool
Copy link
Collaborator Author

So-Cool commented Dec 29, 2016

I haven't come across lib.cuckoo.common.config ImportError, @greninja. How do you run it? What's your PYTHONPATH?

greninja pushed a commit to greninja/cuckooml that referenced this issue Dec 31, 2016
greninja added a commit to greninja/cuckooml that referenced this issue Dec 31, 2016
greninja added a commit to greninja/cuckooml that referenced this issue Jan 2, 2017
@greninja
Copy link

greninja commented Jan 5, 2017

I run it normally: python cuckooml.py. I did add the projects path to the .bashrc file like:
export PYTHONPATH="$PYTHONPATH:/home/shadab/cuckooml/" but it doesnt seem to work.

@So-Cool
Copy link
Collaborator Author

So-Cool commented Jan 6, 2017

Alright, you shouldn't run cuckooml.py directly from modules/processing directory. The correct way is to be in cuckooml root directory and in Python interpreter do import modules.processing.cuckooml.

greninja added a commit to greninja/cuckooml that referenced this issue Jan 15, 2017
greninja added a commit to greninja/cuckooml that referenced this issue Jan 15, 2017
greninja added a commit to greninja/cuckooml that referenced this issue Feb 18, 2017
greninja added a commit to greninja/cuckooml that referenced this issue Feb 18, 2017
greninja added a commit to greninja/cuckooml that referenced this issue Feb 19, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants