penguinpowernz · November 8, 2023 00:55
diff --git a/buildembeddings.go b/buildembeddings.go
 package main

 //chatgpt generated god knows if it works

 import (
 	"fmt"
 	"log"

 	"github.com/ynqa/wego/pkg/model"
 )

 func main() {
 	// Load the pre-trained Word2Vec model.
  // maybe these ones will work https://wikipedia2vec.github.io/wikipedia2vec/pretrained/
 	m, err := model.New("word2vec.bin")
 	if err != nil {
 		log.Fatal(err)
 	}

 	// Input text for which you want to get word embeddings.
  execveDump, _ := os.ReadFile("execdump.txt")

 	// Tokenize the input text into words (assuming the text is space-separated).
  words := strings.Split(strings.ReplaceAll(string(execveDump), "\n", ""), "\n")

 	// Initialize a map to store word embeddings.
 	embeddings := make(map[string][]float64)

 	// Obtain embeddings for each word.
 	for _, word := range words {
 		if m.Exists(word) {
 			vector, _ := m.GetVector(word)
 			embeddings[word] = vector
 		} else {
 			fmt.Printf("Word '%s' not found in the vocabulary\n", word)
 		}
 	}

 	// Combine the individual word embeddings into one vector.
 	combinedVector := combineWordEmbeddings(embeddings, words)

 	// Print the combined vector for the entire text.
 	fmt.Printf("Combined Vector: %v\n", combinedVector)
 }

 // CombineWordEmbeddings combines individual word embeddings into one vector.
 func combineWordEmbeddings(embeddings map[string][]float64, words []string) []float64 {
 	if len(words) == 0 {
 		return nil
 	}

 	// Initialize the combined vector with the first word's embedding.
 	combinedVector := embeddings[words[0]]

 	// Iterate through the remaining words and add their embeddings to the combined vector.
 	for i := 1; i < len(words); i++ {
 		word := words[i]
 		if vector, exists := embeddings[word]; exists {
 			for j := 0; j < len(combinedVector); j++ {
 				combinedVector[j] += vector[j]
 			}
 		}
 	}

 	return combinedVector
 }
diff --git a/streamexec.go b/streamexec.go
 package main

 // run these commands first to get this to run:
 //   apt-get install auditd
 //   auditctl -a always,exit -F arch=b64 -S execve
 //   systemctl restart auditd

 import (
 	"bufio"
 	"fmt"
 	"os"
 	"regexp"
 )

 func main() {
 	// Open the audit.log file for reading
 	file, err := os.Open("/var/log/audit/audit.log")
 	if err != nil {
 		fmt.Println("Error opening audit.log:", err)
 		return
 	}
 	defer file.Close()

 	// Create a reader to read the file
 	reader := bufio.NewReader(file)

 	// Seek to the end of the file
 	_, err = file.Seek(0, os.SEEK_END)
 	if err != nil {
 		fmt.Println("Error seeking to the end of the file:", err)
 		return
 	}

 	// Define a regular expression to match execve events in the audit.log
 	execveRegex := regexp.MustCompile(`type=EXECVE.*`)

 	// Continuously read new lines from the end of the file
 	for {
 		line, err := reader.ReadString('\n')

 		if err != nil {
 			// Ignore EOF errors, wait for more data to be written
 			if err.Error() != "EOF" {
 				fmt.Println("Error reading audit.log:", err)
 			}
 		} else {
 			// Check if the line contains an execve event
 			if execveRegex.MatchString(line) {
 				// Extract and print the arguments
 				args := extractArguments(line)
 				fmt.Printf("Executed Command Arguments: %v\n", args)
 			}
 		}
 	}
 }

 func extractArguments(line string) []string {
 	// Define a regular expression to extract the arguments from the line
 	argRegex := regexp.MustCompile(`a\d+="([^"]+)"`)

 	// Find and collect the arguments in the line
 	matches := argRegex.FindAllStringSubmatch(line, -1)
 	args := []string{}
 	for _, match := range matches {
 		if len(match) == 2 {
 			args = append(args, match[1])
 		}
 	}

 	return args
 }
diff --git a/trainmodel.go b/trainmodel.go
 package main

 //chatgpt generated, god knows if it works

 import (
    "fmt"
    "log"

    "gorgonia.org/gorgonia"
    "gorgonia.org/tensor"
 )

 func main() {
    g := gorgonia.NewGraph()

    // Define the input size (adjust to your data)
    inputSize := 100

    // Define the encoder and decoder layer sizes
    encoderSize := 64
    decoderSize := inputSize

    // Create input placeholder
    x := gorgonia.NewMatrix(g, tensor.Float64, gorgonia.WithShape(1, inputSize), gorgonia.WithName("x"), gorgonia.WithValue(gorgonia.NewMatrixValue(tensor.Float64, gorgonia.New(tensor.Of(tensor.Float64), gorgonia.WithShape(1, inputSize)))).(*gorgonia.Node)

    // Create encoder layer
    encWeights := gorgonia.NewMatrix(g, tensor.Float64, gorgonia.WithShape(inputSize, encoderSize), gorgonia.WithName("encWeights"), gorgonia.WithValue(gorgonia.NewMatrixValue(tensor.Float64, gorgonia.New(tensor.Of(tensor.Float64), gorgonia.WithShape(inputSize, encoderSize)))).(*gorgonia.Node)
    encBiases := gorgonia.NewMatrix(g, tensor.Float64, gorgonia.WithShape(1, encoderSize), gorgonia.WithName("encBiases"), gorgonia.WithValue(gorgonia.NewMatrixValue(tensor.Float64, gorgonia.New(tensor.Of(tensor.Float64), gorgonia.WithShape(1, encoderSize)))).(*gorgonia.Node)
    encoderLayer := gorgonia.Must(gorgonia.Add(gorgonia.Must(gorgonia.Mul(x, encWeights)), encBiases))

    // Create decoder layer
    decWeights := gorgonia.NewMatrix(g, tensor.Float64, gorgonia.WithShape(encoderSize, decoderSize), gorgonia.WithName("decWeights"), gorgonia.WithValue(gorgonia.NewMatrixValue(tensor.Float64, gorgonia.New(tensor.Of(tensor.Float64), gorgonia.WithShape(encoderSize, decoderSize)))).(*gorgonia.Node)
    decBiases := gorgonia.NewMatrix(g, tensor.Float64, gorgonia.WithShape(1, decoderSize), gorgonia.WithName("decBiases"), gorgonia.WithValue(gorgonia.NewMatrixValue(tensor.Float64, gorgonia.New(tensor.Of(tensor.Float64), gorgonia.WithShape(1, decoderSize)))).(*gorgonia.Node)
    decoderLayer := gorgonia.Must(gorgonia.Add(gorgonia.Must(gorgonia.Mul(encoderLayer, decWeights)), decBiases))

    // Define the loss function (e.g., mean squared error)
    loss := gorgonia.Must(gorgonia.Mean(gorgonia.Must(gorgonia.Square(gorgonia.Must(gorgonia.Sub(x, decoderLayer)))))

    // Create a gradient descent optimizer
    gradDesc := gorgonia.NewVanillaSolver(gorgonia.WithLearnRate(0.001))

    // Define the training operation
    gradDescOp, err := gorgonia.ApplyUpdates(encWeights, decWeights, encBiases, decBiases, gradDesc, gorgonia.NewGraph().Roots(loss))
    if err != nil {
        log.Fatal(err)
    }

    // Create a computation
    machine := gorgonia.NewTapeMachine(g, gorgonia.BindDualValues(encWeights, decWeights, encBiases, decBiases))

    // Simulated training data (replace with your data)
    trainingData := loadEmbeddings()

    for epoch := 0; epoch < 100; epoch++ {
        for _, data := range trainingData {
            // Set the input data
            gorgonia.Let(x, data)

            // Forward and backward pass
            if err := machine.RunAll(); err != nil {
                log.Fatal(err)
            }

            // Perform gradient descent
            gradDescOp()
        }
    }

    // Save the trained model for later use
    gorgonia.Save(g, "autoencoder_model")

    fmt.Println("Training complete.")
 }

 func loadEmbeddings() []float64 {
  return []float64{}
 }
	package main

	//chatgpt generated god knows if it works

	import (
	"fmt"
	"log"

	"github.com/ynqa/wego/pkg/model"
	)

	func main() {
	// Load the pre-trained Word2Vec model.
	// maybe these ones will work https://wikipedia2vec.github.io/wikipedia2vec/pretrained/
	m, err := model.New("word2vec.bin")
	if err != nil {
	log.Fatal(err)
	}

	// Input text for which you want to get word embeddings.
	execveDump, _ := os.ReadFile("execdump.txt")

	// Tokenize the input text into words (assuming the text is space-separated).
	words := strings.Split(strings.ReplaceAll(string(execveDump), "\n", ""), "\n")

	// Initialize a map to store word embeddings.
	embeddings := make(map[string][]float64)

	// Obtain embeddings for each word.
	for _, word := range words {
	if m.Exists(word) {
	vector, _ := m.GetVector(word)
	embeddings[word] = vector
	} else {
	fmt.Printf("Word '%s' not found in the vocabulary\n", word)
	}
	}

	// Combine the individual word embeddings into one vector.
	combinedVector := combineWordEmbeddings(embeddings, words)

	// Print the combined vector for the entire text.
	fmt.Printf("Combined Vector: %v\n", combinedVector)
	}

	// CombineWordEmbeddings combines individual word embeddings into one vector.
	func combineWordEmbeddings(embeddings map[string][]float64, words []string) []float64 {
	if len(words) == 0 {
	return nil
	}

	// Initialize the combined vector with the first word's embedding.
	combinedVector := embeddings[words[0]]

	// Iterate through the remaining words and add their embeddings to the combined vector.
	for i := 1; i < len(words); i++ {
	word := words[i]
	if vector, exists := embeddings[word]; exists {
	for j := 0; j < len(combinedVector); j++ {
	combinedVector[j] += vector[j]
	}
	}
	}

	return combinedVector
	}
	package main

	// run these commands first to get this to run:
	// apt-get install auditd
	// auditctl -a always,exit -F arch=b64 -S execve
	// systemctl restart auditd

	import (
	"bufio"
	"fmt"
	"os"
	"regexp"
	)

	func main() {
	// Open the audit.log file for reading
	file, err := os.Open("/var/log/audit/audit.log")
	if err != nil {
	fmt.Println("Error opening audit.log:", err)
	return
	}
	defer file.Close()

	// Create a reader to read the file
	reader := bufio.NewReader(file)

	// Seek to the end of the file
	_, err = file.Seek(0, os.SEEK_END)
	if err != nil {
	fmt.Println("Error seeking to the end of the file:", err)
	return
	}

	// Define a regular expression to match execve events in the audit.log
	execveRegex := regexp.MustCompile(`type=EXECVE.*`)

	// Continuously read new lines from the end of the file
	for {
	line, err := reader.ReadString('\n')

	if err != nil {
	// Ignore EOF errors, wait for more data to be written
	if err.Error() != "EOF" {
	fmt.Println("Error reading audit.log:", err)
	}
	} else {
	// Check if the line contains an execve event
	if execveRegex.MatchString(line) {
	// Extract and print the arguments
	args := extractArguments(line)
	fmt.Printf("Executed Command Arguments: %v\n", args)
	}
	}
	}
	}

	func extractArguments(line string) []string {
	// Define a regular expression to extract the arguments from the line
	argRegex := regexp.MustCompile(`a\d+="([^"]+)"`)

	// Find and collect the arguments in the line
	matches := argRegex.FindAllStringSubmatch(line, -1)
	args := []string{}
	for _, match := range matches {
	if len(match) == 2 {
	args = append(args, match[1])
	}
	}

	return args
	}
	package main

	//chatgpt generated, god knows if it works

	import (
	"fmt"
	"log"

	"gorgonia.org/gorgonia"
	"gorgonia.org/tensor"
	)

	func main() {
	g := gorgonia.NewGraph()

	// Define the input size (adjust to your data)
	inputSize := 100

	// Define the encoder and decoder layer sizes
	encoderSize := 64
	decoderSize := inputSize

	// Create input placeholder
	x := gorgonia.NewMatrix(g, tensor.Float64, gorgonia.WithShape(1, inputSize), gorgonia.WithName("x"), gorgonia.WithValue(gorgonia.NewMatrixValue(tensor.Float64, gorgonia.New(tensor.Of(tensor.Float64), gorgonia.WithShape(1, inputSize)))).(*gorgonia.Node)

	// Create encoder layer
	encWeights := gorgonia.NewMatrix(g, tensor.Float64, gorgonia.WithShape(inputSize, encoderSize), gorgonia.WithName("encWeights"), gorgonia.WithValue(gorgonia.NewMatrixValue(tensor.Float64, gorgonia.New(tensor.Of(tensor.Float64), gorgonia.WithShape(inputSize, encoderSize)))).(*gorgonia.Node)
	encBiases := gorgonia.NewMatrix(g, tensor.Float64, gorgonia.WithShape(1, encoderSize), gorgonia.WithName("encBiases"), gorgonia.WithValue(gorgonia.NewMatrixValue(tensor.Float64, gorgonia.New(tensor.Of(tensor.Float64), gorgonia.WithShape(1, encoderSize)))).(*gorgonia.Node)
	encoderLayer := gorgonia.Must(gorgonia.Add(gorgonia.Must(gorgonia.Mul(x, encWeights)), encBiases))

	// Create decoder layer
	decWeights := gorgonia.NewMatrix(g, tensor.Float64, gorgonia.WithShape(encoderSize, decoderSize), gorgonia.WithName("decWeights"), gorgonia.WithValue(gorgonia.NewMatrixValue(tensor.Float64, gorgonia.New(tensor.Of(tensor.Float64), gorgonia.WithShape(encoderSize, decoderSize)))).(*gorgonia.Node)
	decBiases := gorgonia.NewMatrix(g, tensor.Float64, gorgonia.WithShape(1, decoderSize), gorgonia.WithName("decBiases"), gorgonia.WithValue(gorgonia.NewMatrixValue(tensor.Float64, gorgonia.New(tensor.Of(tensor.Float64), gorgonia.WithShape(1, decoderSize)))).(*gorgonia.Node)
	decoderLayer := gorgonia.Must(gorgonia.Add(gorgonia.Must(gorgonia.Mul(encoderLayer, decWeights)), decBiases))

	// Define the loss function (e.g., mean squared error)
	loss := gorgonia.Must(gorgonia.Mean(gorgonia.Must(gorgonia.Square(gorgonia.Must(gorgonia.Sub(x, decoderLayer)))))

	// Create a gradient descent optimizer
	gradDesc := gorgonia.NewVanillaSolver(gorgonia.WithLearnRate(0.001))

	// Define the training operation
	gradDescOp, err := gorgonia.ApplyUpdates(encWeights, decWeights, encBiases, decBiases, gradDesc, gorgonia.NewGraph().Roots(loss))
	if err != nil {
	log.Fatal(err)
	}

	// Create a computation
	machine := gorgonia.NewTapeMachine(g, gorgonia.BindDualValues(encWeights, decWeights, encBiases, decBiases))

	// Simulated training data (replace with your data)
	trainingData := loadEmbeddings()

	for epoch := 0; epoch < 100; epoch++ {
	for _, data := range trainingData {
	// Set the input data
	gorgonia.Let(x, data)

	// Forward and backward pass
	if err := machine.RunAll(); err != nil {
	log.Fatal(err)
	}

	// Perform gradient descent
	gradDescOp()
	}
	}

	// Save the trained model for later use
	gorgonia.Save(g, "autoencoder_model")

	fmt.Println("Training complete.")
	}

	func loadEmbeddings() []float64 {
	return []float64{}
	}