Original Entry Point detection based on graph similarity

The official source code for the paper "Original Entry Point detection based on graph similarity"
This code is undergoing a refactoring process
This code is for research purposes only

Requirements

python graph_based_method.py --log_path logs/graph_based_method9

Packer identification by VirusTotal and PyPackerDetect
Note: Change the path of folder "check_virustotal" and "test_Gunpacker" in the code.

python tools/packer_identification_others.py

OEP detection by Gunpacker and QuickUnpack
Note: Change the path of folder "check_virustotal" and "test_Gunpacker" in the code.

Gunpacker:
python tools/packer_identification_others.py
QuickUnpack:
python tools/OEP_detection_QuickUnpack.py

Packer identification and OEP detection on malware samples:
Change the path of "log_be_pum_malware_all" in the code

python tools/malware_inference.py

sh scripts/running_[packer_name].sh

For example:

sh scripts/running_upx.sh

Delete "end_of_unpacking_sequence.txt" before running

python standard_graph_construction.py

Name		Name	Last commit message	Last commit date
Latest commit History 204 Commits
common		common
configs		configs
logs		logs
oep_data		oep_data
scripts		scripts
testing		testing
tools		tools
utils		utils
.gitignore		.gitignore
OEP_dataset.csv		OEP_dataset.csv
README.md		README.md
clustering_mixed_packer.py		clustering_mixed_packer.py
data_preparation.py		data_preparation.py
data_preparation_telock.py		data_preparation_telock.py
generate_sub_graph.py		generate_sub_graph.py
graph_based_method.py		graph_based_method.py
inference.py		inference.py
output_mixed_0.2_all.txt		output_mixed_0.2_all.txt
requirements.txt		requirements.txt
standard_graph_construction.py		standard_graph_construction.py