Conditions | 20 |
Paths | 513 |
Total Lines | 94 |
Code Lines | 65 |
Lines | 0 |
Ratio | 0 % |
Changes | 2 | ||
Bugs | 0 | Features | 0 |
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
1 | <?php |
||
86 | public function analyze($sequenceId, $sequence) |
||
87 | { |
||
88 | $sequenceResult = new SequenceResult($sequenceId, 0, 0, 0, 0, $sequence); |
||
89 | if (sizeof($sequence) === 0) { |
||
90 | return $sequenceResult; |
||
91 | } |
||
92 | |||
93 | $files = ['written' => [], 'sizeWritten' => 0, 'deleted' => [], 'sizeDeleted' => 0, 'suspicious' => [], 'maybeSuspicious' => [], 'notSuspicious' => []]; |
||
94 | $suspicionScore = 0; |
||
95 | |||
96 | foreach ($sequence as $file) { |
||
97 | if ($file->getType() === 'file') { |
||
98 | switch ($file->getCommand()) { |
||
99 | case Monitor::WRITE: |
||
100 | $files['written'][] = $file; |
||
101 | $files['sizeWritten'] = $files['sizeWritten'] + $file->getSize(); |
||
102 | break; |
||
103 | case Monitor::READ: |
||
104 | break; |
||
105 | case Monitor::RENAME: |
||
106 | break; |
||
107 | case Monitor::DELETE: |
||
108 | $files['deleted'][] = $file; |
||
109 | $files['sizeDeleted'] = $files['sizeDeleted'] + $file->getSize(); |
||
110 | break; |
||
111 | case Monitor::CREATE: |
||
112 | break; |
||
113 | default: |
||
114 | break; |
||
115 | } |
||
116 | switch ($file->getSuspicionClass()) { |
||
117 | case Classifier::SUSPICIOUS: |
||
118 | $files['suspicious'][] = $file; |
||
119 | break; |
||
120 | case Classifier::MAYBE_SUSPICIOUS: |
||
121 | $files['maybeSuspicious'][] = $file; |
||
122 | break; |
||
123 | case Classifier::NOT_SUSPICIOUS: |
||
124 | $files['notSuspicious'][] = $file; |
||
125 | break; |
||
126 | case Classifier::NO_INFORMATION: |
||
127 | break; |
||
128 | default: |
||
129 | break; |
||
130 | } |
||
131 | } |
||
132 | } |
||
133 | |||
134 | // compare files written and files deleted |
||
135 | if (sizeof($files['written']) > 0 && sizeof($files['deleted']) > 0) { |
||
136 | $sequenceResult->setSizeWritten($files['sizeWritten']); |
||
137 | $sequenceResult->setSizeDeleted($files['sizeDeleted']); |
||
138 | $upperBound = sizeof($files['deleted']) + self::NUMBER_OF_INFO_FILES; |
||
139 | if (sizeof($files['written']) <= $upperBound && sizeof($files['written']) >= sizeof($files['deleted'])) { |
||
140 | if ($this->sequenceSizeAnalyzer->analyze($sequence) === SequenceSizeAnalyzer::EQUAL_SIZE) { |
||
141 | $sequenceResult->setQuantities(2); |
||
142 | $suspicionScore += 1; |
||
143 | } else { |
||
144 | $sequenceResult->setQuantities(1); |
||
145 | $suspicionScore += 0; |
||
146 | } |
||
147 | } |
||
148 | } |
||
149 | |||
150 | $numberOfWrittenFiles = sizeof($files['suspicious']) + sizeof($files['maybeSuspicious']) + sizeof($files['notSuspicious']); |
||
151 | |||
152 | // remove info files from the weight |
||
153 | $numberOfInfoFiles = self::NUMBER_OF_INFO_FILES; |
||
154 | if (sizeof($files['notSuspicious']) < self::NUMBER_OF_INFO_FILES) { |
||
155 | $numberOfInfoFiles = sizeof($files['notSuspicious']); |
||
156 | } |
||
157 | |||
158 | // weight the suspicion levels. |
||
159 | $suspicionSum = (sizeof($files['suspicious']) * 1) + (sizeof($files['maybeSuspicious']) * 0.5); |
||
160 | |||
161 | // check for division by zero. |
||
162 | if (($numberOfWrittenFiles - $numberOfInfoFiles) > 0) { |
||
163 | $sequenceResult->setFileSuspicion($suspicionSum / ($numberOfWrittenFiles - $numberOfInfoFiles)); |
||
164 | $suspicionScore += $suspicionSum / ($numberOfWrittenFiles - $numberOfInfoFiles); |
||
165 | } |
||
166 | |||
167 | // entropy funnelling |
||
168 | $entropyFunnelling = $this->entropyFunnellingAnalyzer->analyze($files['deleted'], $files['written']); |
||
169 | $sequenceResult->setEntropyFunnelling($entropyFunnelling); |
||
170 | $suspicionScore += $entropyFunnelling->getEntropyFunnelling(); |
||
171 | |||
172 | // check for file type funneling |
||
173 | $fileTypeFunnelling = $this->fileTypeFunnellingAnalyzer->analyze($sequence); |
||
174 | $sequenceResult->setFileTypeFunnelling($fileTypeFunnelling); |
||
175 | $suspicionScore += $fileTypeFunnelling; |
||
176 | |||
177 | $sequenceResult->setSuspicionScore($suspicionScore); |
||
178 | |||
179 | return $sequenceResult; |
||
180 | } |
||
182 |