initiliaze updating

ApiCallSequence-MalDect/ApiCallSequence-MalDect.sln

@@ -0,0 +1,20 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio 2012
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "ApiCallSequence-MalDect", "ApiCallSequence-MalDect\ApiCallSequence-MalDect.csproj", "{FAEED01F-7C2A-4F64-9157-72F3F0BEDE48}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{FAEED01F-7C2A-4F64-9157-72F3F0BEDE48}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{FAEED01F-7C2A-4F64-9157-72F3F0BEDE48}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{FAEED01F-7C2A-4F64-9157-72F3F0BEDE48}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{FAEED01F-7C2A-4F64-9157-72F3F0BEDE48}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal

ApiCallSequence-MalDect/ApiCallSequence-MalDect/ApiCallSequence-MalDect.csproj

@@ -0,0 +1,88 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <ProjectGuid>{FAEED01F-7C2A-4F64-9157-72F3F0BEDE48}</ProjectGuid>
+    <OutputType>WinExe</OutputType>
+    <AppDesignerFolder>Properties</AppDesignerFolder>
+    <RootNamespace>ApiCallSequence_MalDect</RootNamespace>
+    <AssemblyName>ApiCallSequence-MalDect</AssemblyName>
+    <TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
+    <FileAlignment>512</FileAlignment>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugSymbols>true</DebugSymbols>
+    <DebugType>full</DebugType>
+    <Optimize>false</Optimize>
+    <OutputPath>bin\Debug\</OutputPath>
+    <DefineConstants>DEBUG;TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugType>pdbonly</DebugType>
+    <Optimize>true</Optimize>
+    <OutputPath>bin\Release\</OutputPath>
+    <DefineConstants>TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <ItemGroup>
+    <Reference Include="System" />
+    <Reference Include="System.Core" />
+    <Reference Include="System.Xml.Linq" />
+    <Reference Include="System.Data.DataSetExtensions" />
+    <Reference Include="Microsoft.CSharp" />
+    <Reference Include="System.Data" />
+    <Reference Include="System.Deployment" />
+    <Reference Include="System.Drawing" />
+    <Reference Include="System.Windows.Forms" />
+    <Reference Include="System.Xml" />
+  </ItemGroup>
+  <ItemGroup>
+    <Compile Include="Form1.cs">
+      <SubType>Form</SubType>
+    </Compile>
+    <Compile Include="Form1.Designer.cs">
+      <DependentUpon>Form1.cs</DependentUpon>
+    </Compile>
+    <Compile Include="Program.cs" />
+    <Compile Include="Properties\AssemblyInfo.cs" />
+    <EmbeddedResource Include="Form1.resx">
+      <DependentUpon>Form1.cs</DependentUpon>
+    </EmbeddedResource>
+    <EmbeddedResource Include="Properties\Resources.resx">
+      <Generator>ResXFileCodeGenerator</Generator>
+      <LastGenOutput>Resources.Designer.cs</LastGenOutput>
+      <SubType>Designer</SubType>
+    </EmbeddedResource>
+    <Compile Include="Properties\Resources.Designer.cs">
+      <AutoGen>True</AutoGen>
+      <DependentUpon>Resources.resx</DependentUpon>
+    </Compile>
+    <None Include="Properties\Settings.settings">
+      <Generator>SettingsSingleFileGenerator</Generator>
+      <LastGenOutput>Settings.Designer.cs</LastGenOutput>
+    </None>
+    <Compile Include="Properties\Settings.Designer.cs">
+      <AutoGen>True</AutoGen>
+      <DependentUpon>Settings.settings</DependentUpon>
+      <DesignTimeSharedInput>True</DesignTimeSharedInput>
+    </Compile>
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="App.config" />
+  </ItemGroup>
+  <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
+  <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
+       Other similar extension points exist, see Microsoft.Common.targets.
+  <Target Name="BeforeBuild">
+  </Target>
+  <Target Name="AfterBuild">
+  </Target>
+  -->
+</Project>

ApiCallSequence-MalDect/ApiCallSequence-MalDect/App.config

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<configuration>
+    <startup> 
+        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
+    </startup>
+</configuration>

ApiCallSequence-MalDect/ApiCallSequence-MalDect/Form1.cs

@@ -0,0 +1,104 @@
+using System;
+using System.Collections.Generic;
+using System.ComponentModel;
+using System.Data;
+using System.Drawing;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using System.Windows.Forms;
+
+namespace ApiCallSequence_MalDect
+{
+    public partial class Form1 : Form
+    {
+        public Form1()
+        {
+            InitializeComponent();
+            //belirtilen dosyadan sequence alınır ve apiler kodlanır. api adları ce kodları codesdgw e yuklenir her kod ile ACSdgw nin row başlıkları olur, columlarını da malware yazılır
+            //o malwarede varsa 1 yoksa 0 koyulur.
+            //en çok malwarede olan row başlıklarından subsequence oluşturulur ve girilen bulunma oranına göre subsequence çıkarılır.
+            string filename = @"D:\api_call_seq1.txt";
+            string filename2 = @"D:\api_call_seq2.txt";
+            comboBox1.Items.Add(filename);
+            ACSdgw.DataSource = ApiCallSeqeuence(filename);
+            Lcsdgw.DataSource = LongestCommonSubsequence(filename, filename2);
+        }
+        public List<String> readFile(string filename)
+        {
+            //@"C:\Users\Public\TestFolder\WriteLines2.txt"
+            List<String> apiFuncSeq = new List<string>();
+            string[] lines = System.IO.File.ReadAllLines(filename);
+
+            // Display the file contents by using a foreach loop.
+            int i=0;
+            foreach (string line in lines)
+            {
+                if (i == 0||line == "[" || line == "]")
+                {
+                    i++;
+                    continue;
+                }
+
+                // Use a tab to indent each line of the file.
+                Console.WriteLine("\t" + line);
+                apiFuncSeq.Add(line);
+                i++;
+            }
+            return apiFuncSeq;
+         }
+        public DataTable LongestCommonSubsequence(string f1, string f2)
+        {
+            DataTable dt = new DataTable();
+            dt.Columns.Add("API function", typeof(String));
+            List<String> apiFuncSeq1 = readFile(f1);
+            List<String> apiFuncSeq2 = readFile(f2);
+            foreach (string af in apiFuncSeq1.Distinct())
+            {
+                if(apiFuncSeq2.Contains(af))
+                     dt.Rows.Add(af);
+            }
+            return dt;
+        }
+        public DataTable ApiCallSeqeuence(string filename)
+        {
+            DataTable dt = new DataTable();
+            dt.Columns.Add("API function", typeof(String));
+            List < String > apiFuncSeq = readFile(filename);
+            foreach (string af in apiFuncSeq.Distinct())
+            {
+
+                dt.Rows.Add(af);
+            }
+            return dt;
+        }
+        public DataTable apiFuncCoding(List<String> apiFuncSeq)
+        {
+            DataTable dt = new DataTable();
+            dt.Columns.Add("API function", typeof(String));
+            dt.Columns.Add("Codes", typeof(String));
+            string code="";
+            foreach(string af in apiFuncSeq.Distinct())
+            {
+                code="";
+                if (af.Any(char.IsUpper))
+                {
+                    foreach (char letter in af)
+                    {
+                        if (Char.IsUpper(letter) && af.Length > 0)
+                            code += " " + letter;
+                        else
+                            code += letter;
+                    }
+
+                }
+                else
+                {
+                    code = af.Substring(0, 4);
+                }
+                dt.Rows.Add(af, code);
+            }
+            return dt;
+        }
+    }
+}