{
"cells": [
{
"cell_type": "code",
"execution_count": 6,
"id": "b156c93b-7114-4401-8956-0bbdf3f55819",
"metadata": {},
"outputs": [
{
"name": "stderr",
"output_type": "stream",
"text": [
"/home/cheikh/anaconda3/lib/python3.12/site-packages/gradio/blocks.py:1049: UserWarning: Cannot load huggingface. Caught Exception: 404 Client Error: Not Found for url: https://huggingface.co/api/spaces/huggingface (Request ID: Root=1-6761d652-5bc4d5a26e798b4156071116;691ae8e4-ee45-43b8-8d96-de80ab472888)\n",
"\n",
"Sorry, we can't find the page you are looking for.\n",
" warnings.warn(f\"Cannot load {theme}. Caught Exception: {str(e)}\")\n"
]
},
{
"name": "stdout",
"output_type": "stream",
"text": [
"* Running on local URL: http://127.0.0.1:7861\n",
"* Running on public URL: https://9cd0ff2c927f533d29.gradio.live\n",
"\n",
"This share link expires in 72 hours. For free permanent hosting and GPU upgrades, run `gradio deploy` from the terminal in the working directory to deploy to Hugging Face Spaces (https://huggingface.co/spaces)\n"
]
},
{
"data": {
"text/html": [
""
],
"text/plain": [
""
]
},
"metadata": {},
"output_type": "display_data"
}
],
"source": [
"\n",
"import os\n",
"import joblib\n",
"import pefile\n",
"import numpy as np\n",
"import pandas as pd\n",
"import gradio as gr\n",
"import hashlib\n",
"\n",
"\n",
"# Charger le modèle pré-entraîné\n",
"try:\n",
" model = joblib.load('random_forest_model.pkl')\n",
"except Exception as e:\n",
" print(f\"Erreur de chargement du modèle : {e}\")\n",
" model = None\n",
"\n",
"def calculate_file_hash(file_path):\n",
" \"\"\"Calculer le hash SHA-256 du fichier.\"\"\"\n",
" sha256_hash = hashlib.sha256()\n",
" with open(file_path, \"rb\") as f:\n",
" for byte_block in iter(lambda: f.read(4096), b\"\"):\n",
" sha256_hash.update(byte_block)\n",
" return sha256_hash.hexdigest()\n",
"\n",
"def extract_pe_attributes(file_path):\n",
" \"\"\"Extraction avancée des attributs du fichier PE.\"\"\"\n",
" try:\n",
" pe = pefile.PE(file_path)\n",
"\n",
" attributes = {\n",
" # Attributs PE standard\n",
" 'AddressOfEntryPoint': pe.OPTIONAL_HEADER.AddressOfEntryPoint,\n",
" 'MajorLinkerVersion': pe.OPTIONAL_HEADER.MajorLinkerVersion,\n",
" 'MajorImageVersion': pe.OPTIONAL_HEADER.MajorImageVersion,\n",
" 'MajorOperatingSystemVersion': pe.OPTIONAL_HEADER.MajorOperatingSystemVersion,\n",
" 'DllCharacteristics': pe.OPTIONAL_HEADER.DllCharacteristics,\n",
" 'SizeOfStackReserve': pe.OPTIONAL_HEADER.SizeOfStackReserve,\n",
" 'NumberOfSections': pe.FILE_HEADER.NumberOfSections,\n",
" 'ResourceSize':pe.OPTIONAL_HEADER.DATA_DIRECTORY[2].Size\n",
" }\n",
" \"\"\"## Ressources\n",
" data_directory_entries = pe.OPTIONAL_HEADER.DATA_DIRECTORY\n",
" # Parcourir la liste pour trouver l'entrée du répertoire des ressources\n",
" for entry in data_directory_entries:\n",
" if entry.name == \"IMAGE_DIRECTORY_ENTRY_RESOURCE\":\n",
" resource_size = entry.Size\n",
" attributes['ResourceSize'] = resource_size\n",
" break\n",
" else:\n",
" attributes['ResourceSize'] = 0\"\"\"\n",
" \n",
" \n",
"\n",
" return attributes\n",
" except Exception as e:\n",
" print(f\"Erreur de traitement du fichier {file_path}: {str(e)}\")\n",
" return f\"Erreur de traitement du fichier {file_path}: {str(e)}\"\n",
"\n",
"def predict_malware(file):\n",
" \"\"\"Prédiction de malware avec gestion d'erreurs.\"\"\"\n",
" if model is None:\n",
" return \"Erreur : Modèle non chargé\"\n",
"\n",
" try:\n",
" # Extraire les attributs du fichier\n",
" attributes = extract_pe_attributes(file.name)\n",
" if \"Erreur\" in attributes:\n",
" return attributes\n",
"\n",
" # Convertir en DataFrame\n",
" df = pd.DataFrame([attributes])\n",
"\n",
" # Prédiction\n",
" prediction = model.predict(df)\n",
" proba = model.predict_proba(df)[0]\n",
"\n",
" # Résultat avec probabilité\n",
" if prediction[0] == 1:\n",
" return f\"🚨 MALWARE (Probabilité: {proba[1] * 100:.2f}%)\"\n",
" else:\n",
" return f\"✅ Fichier Légitime (Probabilité: {proba[0] * 100:.2f}%)\"\n",
" except Exception as e:\n",
" return f\"Erreur d'analyse : {str(e)}\"\n",
"\n",
"# Interface Gradio\n",
"demo = gr.Interface(\n",
" fn=predict_malware,\n",
" inputs=gr.File(file_types=['.exe', '.dll', '.sys'], label=\"Télécharger un fichier exécutable\"),\n",
" outputs=\"text\",\n",
" title=\"🛡️ Détecteur de Malwares\",\n",
" theme='huggingface' # Thème moderne\n",
")\n",
"\n",
"if __name__ == \"__main__\":\n",
" demo.launch(share=True) # Rend l'interface accessible publiquement\n"
]
},
{
"cell_type": "code",
"execution_count": null,
"id": "5f87e13b-157d-4105-865f-daa2919c2711",
"metadata": {},
"outputs": [],
"source": []
},
{
"cell_type": "code",
"execution_count": null,
"id": "c23ce0c3-ac81-438b-a8b8-1264ac99dd12",
"metadata": {},
"outputs": [],
"source": []
}
],
"metadata": {
"kernelspec": {
"display_name": "Python 3 (ipykernel)",
"language": "python",
"name": "python3"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 3
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.12.4"
}
},
"nbformat": 4,
"nbformat_minor": 5
}