Here’s an old-school file name-based research… it is not game changing, it won’t bring any immediate solution, but it’s still worth doing today…<\/p>\n\n\n\n
The software we install (focus here is on Windows, as usual) creates a loooot of files, and while many of them seem to be completely random, whimsical in nature, especially with regards to their file names, they do end up forming a corpora of sort… Or, when bundled together, all these file names known to be created for legitimate purposes are a great material for research.<\/p>\n\n\n\n
For this post I collected 1.5M executable file names from Windows. They may not be a full set of file names ‘out there’, but it’s enough to play around with….<\/p>\n\n\n\n
I then looked at statistics of 2- and 3- and 4-character long infixes (ignoring any non [a-z] characters).<\/p>\n\n\n\n
The results are below:<\/p>\n\n\n\n
Using the latter, we can create regexes sets:<\/p>\n\n\n\n
Using these regexes sets you may actually get better at finding randomly named filenames! You will also find a lot of FPs, of course, but now you have a set of regexes you can tune to your needs…<\/p>\n\n\n\n
Can this be used in ML\/AI research?<\/p>\n\n\n\n
Yes, by all means, but the set of file names used as a base should be a loooot higher and collected in a more meaningful way. One can argue that f.ex. temporary files created by installers<\/a> could be excluded, we could also exclude file names that are following certain patterns in names (f.ex. starting with a dollar ‘$’, tilde ‘~’, or file names conforming to a pattern ‘<GUID>.exe’), we could reduce the corpora by understanding versioned file names (f.ex. ‘FirefoxSetup63.exe’, ‘FirefoxSetup64.0.2.exe’, etc.), we could ignore non-English file names (‘\u041c\u0435\u043d\u0435\u0434\u0436\u0435\u0440 BIM \u0421\u0435\u0440\u0432\u0435\u0440\u0430 GRAPHISOFT 19.exe’, ‘\u8054\u7cfb\u6c49\u5316\u4f5c\u8005.exe’, etc.) or, artificially created file names that are used by many ‘download\/update’ managers (‘ICReinstall_’ as in ‘ICReinstall_any_video_converter.exe’, ‘ICReinstall_driver identifier.exe’, etc.), or … we could also focus entirely on signed installers only as well, or compiled within a certain timeframe f.ex. last decade).<\/p>\n\n\n\n As I said… it is not game changing, it won’t bring any immediate solution, but it’s still worth doing today… <\/p>\n\n\n\n And I will now answer the ‘why’:<\/p>\n\n\n\n – just to understand how hopeless the whole file name-matching idea is!<\/p>\n","protected":false},"excerpt":{"rendered":" Here’s an old-school file name-based research… it is not game changing, it won’t bring any immediate solution, but it’s still worth doing today… The software we install (focus here is on Windows, as usual) creates a loooot of files, and … Continue reading