|
@@ -19,6 +19,7 @@ import numpy as np
|
|
|
from dateutil import parser
|
|
|
import plotly.plotly as py
|
|
|
import plotly.graph_objs as go
|
|
|
+import machine_learning as ml
|
|
|
|
|
|
logging.basicConfig(stream=sys.stderr, level=logging.DEBUG)
|
|
|
## Increase the recursion limit by much to allow bs to parse large files
|
|
@@ -367,7 +368,7 @@ def updateCVETables(myid, dsatable, state, src2dsa, dsa2cve, cvetable, client):
|
|
|
|
|
|
###############################################################################
|
|
|
## Check for updates on Package information
|
|
|
-def aptsec_update(state, config, dsatable, client, src2dsa, dsa2cve, cvetable):
|
|
|
+def aptsec_update(state, config, dsatable, client, src2dsa, dsa2cve, src2month, cvetable):
|
|
|
args = sys.argv
|
|
|
# if not('--offline' in args):
|
|
|
# fetchMeta('Packages')
|
|
@@ -402,7 +403,7 @@ def aptsec_update(state, config, dsatable, client, src2dsa, dsa2cve, cvetable):
|
|
|
|
|
|
# recompute all pkg statistics
|
|
|
for srcpkg in src2dsa:
|
|
|
- processCVEs(srcpkg, now, src2dsa, dsa2cve, cvetable, config)
|
|
|
+ processCVEs(srcpkg, now, src2dsa, dsa2cve, src2month, cvetable, config)
|
|
|
|
|
|
return 0
|
|
|
###############################################################################
|
|
@@ -423,7 +424,7 @@ def resolvePkg2Src(pkglist, pkg2src):
|
|
|
## compute and store MTBF, MTBR and Scores of each src pkg
|
|
|
## output: %src2mtbf:
|
|
|
## (srcpkg=> ())
|
|
|
-def processCVEs(pkg, now, src2dsa, dsa2cve, cvetable, config):
|
|
|
+def processCVEs(pkg, now, src2dsa, dsa2cve, src2month, cvetable, config):
|
|
|
stats = [now, 0, 0, 0, 0, 0, 0]
|
|
|
mylambda = config['TRUST']['lambda']
|
|
|
cvestats = dict()
|
|
@@ -465,17 +466,53 @@ def processCVEs(pkg, now, src2dsa, dsa2cve, cvetable, config):
|
|
|
count = sum(cvestats.values())
|
|
|
|
|
|
print(pkg + ' ' + str(count))
|
|
|
- if pkg == 'chromium-browser':
|
|
|
- print(src2dsa[pkg])
|
|
|
- pkg_plot(pkg, cvestats)
|
|
|
+# if pkg == 'chromium-browser':
|
|
|
+# print(src2dsa[pkg])
|
|
|
+# pkg_plot(pkg, cvestats)
|
|
|
+
|
|
|
+ format_data(pkg, cvestats, src2month)
|
|
|
|
|
|
- for date in dates:
|
|
|
- pass
|
|
|
- ## Need to do compute value
|
|
|
|
|
|
##TODO Code to compute trust goes here
|
|
|
|
|
|
|
|
|
+###############################################################################
|
|
|
+## format vulnerability data into monthly intervals, suitable for tensorflow
|
|
|
+def format_data(pkg, cvestats, src2month):
|
|
|
+
|
|
|
+ x = []
|
|
|
+ y = []
|
|
|
+ monthyear = []
|
|
|
+ year = []
|
|
|
+
|
|
|
+ items=list(cvestats.items())
|
|
|
+ items.sort(key=lambda tup: tup[0])
|
|
|
+
|
|
|
+ for data_dict in items:
|
|
|
+ x.append(parser.parse(data_dict[0]))
|
|
|
+ y.append(int(data_dict[1]))
|
|
|
+
|
|
|
+ for i in range(2000, 2017):
|
|
|
+ temp = []
|
|
|
+ for j in range(12):
|
|
|
+ temp.append(0)
|
|
|
+ monthyear.append(temp)
|
|
|
+
|
|
|
+ for i in range(len(x)):
|
|
|
+ monthyear[x[i].year-2000][x[i].month-1] += y[i]
|
|
|
+
|
|
|
+ months_list = [item for sublist in monthyear for item in sublist]
|
|
|
+
|
|
|
+ temp_months = np.zeros(len(months_list))
|
|
|
+ i = 0
|
|
|
+ for element in months_list:
|
|
|
+ temp_months[i] = np.float32(element)
|
|
|
+ i += 1
|
|
|
+
|
|
|
+ src2month[pkg] = temp_months
|
|
|
+ return
|
|
|
+
|
|
|
+
|
|
|
###############################################################################
|
|
|
## plot vulnerability time distribution for a single package
|
|
|
def pkg_plot(pkg, cvestats):
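Review bot: In `format_data` the row index `x[i].year-2000` is never range-checked, so a date before 2000 produces a negative index that Python resolves from the end of `monthyear`, and the count is silently added to a later year; a date after 2016 raises IndexError instead. Guard the increment with `if 2000 <= x[i].year < 2017:` and log what is skipped, or derive the year range from the data. The pkg_plot hunks below move the same indexing from 1995 to 2000, so dates from 1995 to 1999 that used to fit now wrap around there too. Separately, `np.zeros` creates `temp_months` as float64, so the `np.float32(element)` cast does not change the stored type; `np.array(months_list, dtype=np.float32)` would replace the loop if float32 is intended. The unused `year` list can be dropped.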
|
|
@@ -494,7 +531,7 @@ def pkg_plot(pkg, cvestats):
|
|
|
monthyear = []
|
|
|
year = []
|
|
|
# initialize list
|
|
|
- for i in range(1995,2017):
|
|
|
+ for i in range(2000,2017):
|
|
|
temp = []
|
|
|
for j in range(12):
|
|
|
temp.append(0)
|
|
@@ -502,7 +539,7 @@ def pkg_plot(pkg, cvestats):
|
|
|
|
|
|
for i in range(len(x)):
|
|
|
# print(str(x[i].year) + str(x[i].month))
|
|
|
- monthyear[x[i].year-1995][x[i].month-1] += y[i]
|
|
|
+ monthyear[x[i].year-2000][x[i].month-1] += y[i]
|
|
|
newx = []
|
|
|
yearsx = []
|
|
|
year = []
|
|
@@ -534,9 +571,9 @@ def pkg_plot(pkg, cvestats):
|
|
|
|
|
|
|
|
|
for i in range(len(year)):
|
|
|
- yearsx.append(i + 1995)
|
|
|
+ yearsx.append(i + 2000)
|
|
|
|
|
|
- k = 1995
|
|
|
+ k = 2000
|
|
|
datapoints = []
|
|
|
for i in range(len(month)):
|
|
|
datapoints.append(i+1)
|
|
@@ -666,6 +703,7 @@ cve_db = client.cvedb
|
|
|
src2dsa = dict()
|
|
|
dsa2cve = dict()
|
|
|
cvetable = dict()
|
|
|
+src2month = dict()
|
|
|
|
|
|
(state, err) = load_state()
|
|
|
state['vendor'] = 'debian'
|
|
@@ -678,10 +716,11 @@ state['vendor'] = 'debian'
|
|
|
if action == 'update':
|
|
|
(dsatable, src2dsa, dsa2cve, cvetable) = load_DBs()
|
|
|
# loadsha1lists()
|
|
|
- aptsec_update(state,config, dsatable, client, src2dsa, dsa2cve, cvetable)
|
|
|
+ aptsec_update(state,config, dsatable, client, src2dsa, dsa2cve, src2month, cvetable)
|
|
|
# save_sha1lists()
|
|
|
save_DBs(dsatable, src2dsa, dsa2cve, cvetable)
|
|
|
save_state(state)
|
|
|
+ ml.predict(src2month)
|
|
|
elif action == 'status':
|
|
|
load_DBs or exit(1)
|
|
|
#handle errors more gracefully
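Review bot: The result of `ml.predict(src2month)` is discarded and `src2month` is not passed to `save_DBs`, so nothing visible in this hunk keeps the monthly series or the forecast once the update run ends. If `predict` returns its output rather than writing it itself, capture and store it, e.g. `predictions = ml.predict(src2month)`. The call is also unguarded, so an exception from the model code would end the update action with a traceback even though the state has already been saved; a `try`/`except Exception` around it that logs with `logging.exception` would keep a completed update from looking failed. The top-level `import machine_learning as ml` in the first hunk also makes that module a requirement for every action, including `status`, which presumably does not need it.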
|