1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
5 <!-- Generated by javadoc (1.8.0_191) on Thu Mar 28 11:26:59 PDT 2019 -->
6 <title>PcapPacketUtils</title>
7 <meta name="date" content="2019-03-28">
8 <link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="Style">
9 <script type="text/javascript" src="../../../../script.js"></script>
12 <script type="text/javascript"><!--
14 if (location.href.indexOf('is-external=true') == -1) {
15 parent.document.title="PcapPacketUtils";
21 var methods = {"i0":9,"i1":9,"i2":9,"i3":9,"i4":9,"i5":9,"i6":9,"i7":9,"i8":9,"i9":9,"i10":9,"i11":9,"i12":9,"i13":9,"i14":9,"i15":9,"i16":9,"i17":9,"i18":9,"i19":9,"i20":9,"i21":9};
22 var tabs = {65535:["t0","All Methods"],1:["t1","Static Methods"],8:["t4","Concrete Methods"]};
23 var altColor = "altColor";
24 var rowColor = "rowColor";
25 var tableTab = "tableTab";
26 var activeTableTab = "activeTableTab";
29 <div>JavaScript is disabled on your browser.</div>
31 <!-- ========= START OF TOP NAVBAR ======= -->
32 <div class="topNav"><a name="navbar.top">
35 <div class="skipNav"><a href="#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div>
36 <a name="navbar.top.firstrow">
39 <ul class="navList" title="Navigation">
40 <li><a href="../../../../overview-summary.html">Overview</a></li>
41 <li><a href="package-summary.html">Package</a></li>
42 <li class="navBarCell1Rev">Class</li>
43 <li><a href="package-tree.html">Tree</a></li>
44 <li><a href="../../../../deprecated-list.html">Deprecated</a></li>
45 <li><a href="../../../../index-files/index-1.html">Index</a></li>
46 <li><a href="../../../../help-doc.html">Help</a></li>
51 <li>Prev Class</li>
52 <li><a href="../../../../edu/uci/iotproject/util/PrintUtils.html" title="class in edu.uci.iotproject.util"><span class="typeNameLink">Next Class</span></a></li>
55 <li><a href="../../../../index.html?edu/uci/iotproject/util/PcapPacketUtils.html" target="_top">Frames</a></li>
56 <li><a href="PcapPacketUtils.html" target="_top">No Frames</a></li>
58 <ul class="navList" id="allclasses_navbar_top">
59 <li><a href="../../../../allclasses-noframe.html">All Classes</a></li>
62 <script type="text/javascript"><!--
63 allClassesLink = document.getElementById("allclasses_navbar_top");
65 allClassesLink.style.display = "block";
68 allClassesLink.style.display = "none";
74 <ul class="subNavList">
75 <li>Summary: </li>
76 <li>Nested | </li>
77 <li>Field | </li>
78 <li><a href="#constructor.summary">Constr</a> | </li>
79 <li><a href="#method.summary">Method</a></li>
81 <ul class="subNavList">
82 <li>Detail: </li>
83 <li>Field | </li>
84 <li><a href="#constructor.detail">Constr</a> | </li>
85 <li><a href="#method.detail">Method</a></li>
88 <a name="skip.navbar.top">
91 <!-- ========= END OF TOP NAVBAR ========= -->
92 <!-- ======== START OF CLASS DATA ======== -->
94 <div class="subTitle">edu.uci.iotproject.util</div>
95 <h2 title="Class PcapPacketUtils" class="title">Class PcapPacketUtils</h2>
97 <div class="contentContainer">
98 <ul class="inheritance">
99 <li>java.lang.Object</li>
101 <ul class="inheritance">
102 <li>edu.uci.iotproject.util.PcapPacketUtils</li>
106 <div class="description">
107 <ul class="blockList">
108 <li class="blockList">
111 <pre>public final class <span class="typeNameLabel">PcapPacketUtils</span>
112 extends java.lang.Object</pre>
113 <div class="block">Utility methods for inspecting <code>PcapPacket</code> properties.</div>
117 <div class="summary">
118 <ul class="blockList">
119 <li class="blockList">
120 <!-- ======== CONSTRUCTOR SUMMARY ======== -->
121 <ul class="blockList">
122 <li class="blockList"><a name="constructor.summary">
125 <h3>Constructor Summary</h3>
126 <table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="Constructor Summary table, listing constructors, and an explanation">
127 <caption><span>Constructors</span><span class="tabEnd"> </span></caption>
129 <th class="colOne" scope="col">Constructor and Description</th>
131 <tr class="altColor">
132 <td class="colOne"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#PcapPacketUtils--">PcapPacketUtils</a></span>()</code> </td>
137 <!-- ========== METHOD SUMMARY =========== -->
138 <ul class="blockList">
139 <li class="blockList"><a name="method.summary">
142 <h3>Method Summary</h3>
143 <table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation">
144 <caption><span id="t0" class="activeTableTab"><span>All Methods</span><span class="tabEnd"> </span></span><span id="t1" class="tableTab"><span><a href="javascript:show(1);">Static Methods</a></span><span class="tabEnd"> </span></span><span id="t4" class="tableTab"><span><a href="javascript:show(8);">Concrete Methods</a></span><span class="tabEnd"> </span></span></caption>
146 <th class="colFirst" scope="col">Modifier and Type</th>
147 <th class="colLast" scope="col">Method and Description</th>
149 <tr id="i0" class="altColor">
150 <td class="colFirst"><code>static java.util.List<java.util.List<org.pcap4j.core.PcapPacket>></code></td>
151 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#clusterToListOfPcapPackets-org.apache.commons.math3.stat.clustering.Cluster-">clusterToListOfPcapPackets</a></span>(org.apache.commons.math3.stat.clustering.Cluster<<a href="../../../../edu/uci/iotproject/analysis/PcapPacketPair.html" title="class in edu.uci.iotproject.analysis">PcapPacketPair</a>> cluster)</code>
152 <div class="block">Transform a <code>Cluster</code> of <code>PcapPacketPair</code> objects into a <code>List</code> of <code>List</code> of
153 <code>PcapPacket</code> objects.</div>
156 <tr id="i1" class="rowColor">
157 <td class="colFirst"><code>static java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>></code></td>
158 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#concatSequences-java.util.List-java.util.List-">concatSequences</a></span>(java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>> signatures,
159 java.util.List<<a href="../../../../edu/uci/iotproject/trafficreassembly/layer3/Conversation.html" title="class in edu.uci.iotproject.trafficreassembly.layer3">Conversation</a>> conversations)</code>
160 <div class="block">Concatenate sequences in <code>List</code> of <code>List</code> of <code>List</code> of <code>PcapPacket</code> objects.</div>
163 <tr id="i2" class="altColor">
164 <td class="colFirst"><code>static java.util.List<java.util.List<org.pcap4j.core.PcapPacket>></code></td>
165 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#extractRangeCorePoints-java.util.List-double-int-">extractRangeCorePoints</a></span>(java.util.List<java.util.List<org.pcap4j.core.PcapPacket>> pairs,
167 int minPts)</code>
168 <div class="block">Extract core point range in the form of <code>List</code> of <code>List</code> of <code>PcapPacket</code> objects.</div>
171 <tr id="i3" class="rowColor">
172 <td class="colFirst"><code>static java.lang.String</code></td>
173 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#getDestinationIp-org.pcap4j.core.PcapPacket-">getDestinationIp</a></span>(org.pcap4j.core.PcapPacket packet)</code>
174 <div class="block">Gets the destination IP (in decimal format) of an IPv4 packet.</div>
177 <tr id="i4" class="altColor">
178 <td class="colFirst"><code>static int</code></td>
179 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#getDestinationPort-org.pcap4j.core.PcapPacket-">getDestinationPort</a></span>(org.pcap4j.core.PcapPacket packet)</code>
180 <div class="block">Gets the destination port of a TCP packet.</div>
183 <tr id="i5" class="rowColor">
184 <td class="colFirst"><code>static org.pcap4j.util.MacAddress</code></td>
185 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#getEthDstAddr-org.pcap4j.core.PcapPacket-">getEthDstAddr</a></span>(org.pcap4j.core.PcapPacket packet)</code>
186 <div class="block">Gets the destination address of the Ethernet part of <code>packet</code>.</div>
189 <tr id="i6" class="altColor">
190 <td class="colFirst"><code>static org.pcap4j.util.MacAddress</code></td>
191 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#getEthSrcAddr-org.pcap4j.core.PcapPacket-">getEthSrcAddr</a></span>(org.pcap4j.core.PcapPacket packet)</code>
192 <div class="block">Gets the source address of the Ethernet part of <code>packet</code>.</div>
195 <tr id="i7" class="rowColor">
196 <td class="colFirst"><code>static java.lang.String</code></td>
197 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#getSourceIp-org.pcap4j.core.PcapPacket-">getSourceIp</a></span>(org.pcap4j.core.PcapPacket packet)</code>
198 <div class="block">Gets the source IP (in decimal format) of an IPv4 packet.</div>
201 <tr id="i8" class="altColor">
202 <td class="colFirst"><code>static int</code></td>
203 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#getSourcePort-org.pcap4j.core.PcapPacket-">getSourcePort</a></span>(org.pcap4j.core.PcapPacket packet)</code>
204 <div class="block">Gets the source port of a TCP packet.</div>
207 <tr id="i9" class="rowColor">
208 <td class="colFirst"><code>static boolean</code></td>
209 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#isAck-org.pcap4j.core.PcapPacket-">isAck</a></span>(org.pcap4j.core.PcapPacket packet)</code>
210 <div class="block">Checks if <code>packet</code> wraps a TCP packet th at has the ACK flag set.</div>
213 <tr id="i10" class="altColor">
214 <td class="colFirst"><code>static boolean</code></td>
215 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#isConservativeChecking-java.util.List-java.util.List-double-">isConservativeChecking</a></span>(java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>> signature,
216 java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>> otherSignature,
217 double eps)</code>
218 <div class="block">Check if there is any overlap between the signature stored in this class and another signature.</div>
221 <tr id="i11" class="rowColor">
222 <td class="colFirst"><code>static boolean</code></td>
223 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#isDestination-org.pcap4j.core.PcapPacket-java.lang.String-int-">isDestination</a></span>(org.pcap4j.core.PcapPacket packet,
224 java.lang.String ip,
225 int port)</code>
226 <div class="block">Helper method to determine if the given combination of IP and port matches the destination of the given packet.</div>
229 <tr id="i12" class="altColor">
230 <td class="colFirst"><code>static boolean</code></td>
231 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#isDstIpLocal-org.pcap4j.core.PcapPacket-">isDstIpLocal</a></span>(org.pcap4j.core.PcapPacket packet)</code>
232 <div class="block">Checks if the destination IP address of the <code>IpV4Packet</code> contained in <code>packet</code> is a local address,
233 i.e., if it pertains to subnet 10.0.0.0/8, 172.16.0.0/16, or 192.168.0.0/16.</div>
236 <tr id="i13" class="rowColor">
237 <td class="colFirst"><code>static boolean</code></td>
238 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#isRangeBasedMatching-java.util.List-double-java.util.List...-">isRangeBasedMatching</a></span>(java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>> signature,
240 java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>>... otherSignatures)</code>
241 <div class="block">Test the conservativeness of the signatures (basically whether we want strict or range-based matching).</div>
244 <tr id="i14" class="altColor">
245 <td class="colFirst"><code>static boolean</code></td>
246 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#isSource-org.pcap4j.core.PcapPacket-java.lang.String-int-">isSource</a></span>(org.pcap4j.core.PcapPacket packet,
247 java.lang.String ip,
248 int port)</code>
249 <div class="block">Helper method to determine if the given combination of IP and port matches the source of the given packet.</div>
252 <tr id="i15" class="rowColor">
253 <td class="colFirst"><code>static boolean</code></td>
254 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#isSrcIpLocal-org.pcap4j.core.PcapPacket-">isSrcIpLocal</a></span>(org.pcap4j.core.PcapPacket packet)</code>
255 <div class="block">Checks if the source IP address of the <code>IpV4Packet</code> contained in <code>packet</code> is a local address, i.e.,
256 if it pertains to subnet 10.0.0.0/8, 172.16.0.0/16, or 192.168.0.0/16.</div>
259 <tr id="i16" class="altColor">
260 <td class="colFirst"><code>static boolean</code></td>
261 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#isSyn-org.pcap4j.core.PcapPacket-">isSyn</a></span>(org.pcap4j.core.PcapPacket packet)</code>
262 <div class="block">Checks if <code>packet</code> wraps a TCP packet that has the SYN flag set.</div>
265 <tr id="i17" class="rowColor">
266 <td class="colFirst"><code>static boolean</code></td>
267 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#isTcp-org.pcap4j.core.PcapPacket-">isTcp</a></span>(org.pcap4j.core.PcapPacket packet)</code>
268 <div class="block">Determines if a given <code>PcapPacket</code> wraps a <code>TcpPacket</code>.</div>
271 <tr id="i18" class="altColor">
272 <td class="colFirst"><code>static void</code></td>
273 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#printSignatures-java.util.List-java.io.PrintWriter-boolean-">printSignatures</a></span>(java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>> signatures,
274 java.io.PrintWriter resultsWriter,
275 boolean printToOutput)</code>
276 <div class="block">Print signatures in <code>List</code> of <code>List</code> of <code>List</code> of <code>PcapPacket</code> objects.</div>
279 <tr id="i19" class="rowColor">
280 <td class="colFirst"><code>static void</code></td>
281 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#removeSequenceFromSignature-java.util.List-int-">removeSequenceFromSignature</a></span>(java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>> signatures,
282 int sequenceIndex)</code>
283 <div class="block">Remove a sequence in a signature object.</div>
286 <tr id="i20" class="altColor">
287 <td class="colFirst"><code>static java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>></code></td>
288 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#sortSequences-java.util.List-">sortSequences</a></span>(java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>> signatures)</code>
289 <div class="block">Sort the sequences in the <code>List</code> of <code>List</code> of <code>List</code> of <code>PcapPacket</code> objects.</div>
292 <tr id="i21" class="rowColor">
293 <td class="colFirst"><code>static java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>></code></td>
294 <td class="colLast"><code><span class="memberNameLink"><a href="../../../../edu/uci/iotproject/util/PcapPacketUtils.html#useRangeBasedMatching-java.util.List-java.util.List-">useRangeBasedMatching</a></span>(java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>> signature,
295 java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>> corePointRange)</code>
296 <div class="block">Test the conservativeness of the signatures (basically whether we want strict or range-based matching).</div>
300 <ul class="blockList">
301 <li class="blockList"><a name="methods.inherited.from.class.java.lang.Object">
304 <h3>Methods inherited from class java.lang.Object</h3>
305 <code>equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait</code></li>
312 <div class="details">
313 <ul class="blockList">
314 <li class="blockList">
315 <!-- ========= CONSTRUCTOR DETAIL ======== -->
316 <ul class="blockList">
317 <li class="blockList"><a name="constructor.detail">
320 <h3>Constructor Detail</h3>
321 <a name="PcapPacketUtils--">
324 <ul class="blockListLast">
325 <li class="blockList">
326 <h4>PcapPacketUtils</h4>
327 <pre>public PcapPacketUtils()</pre>
332 <!-- ============ METHOD DETAIL ========== -->
333 <ul class="blockList">
334 <li class="blockList"><a name="method.detail">
337 <h3>Method Detail</h3>
338 <a name="getEthSrcAddr-org.pcap4j.core.PcapPacket-">
341 <ul class="blockList">
342 <li class="blockList">
343 <h4>getEthSrcAddr</h4>
344 <pre>public static org.pcap4j.util.MacAddress getEthSrcAddr(org.pcap4j.core.PcapPacket packet)</pre>
345 <div class="block">Gets the source address of the Ethernet part of <code>packet</code>.</div>
347 <dt><span class="paramLabel">Parameters:</span></dt>
348 <dd><code>packet</code> - The packet for which the Ethernet source address is to be extracted.</dd>
349 <dt><span class="returnLabel">Returns:</span></dt>
350 <dd>The source address of the Ethernet part of <code>packet</code>.</dd>
354 <a name="getEthDstAddr-org.pcap4j.core.PcapPacket-">
357 <ul class="blockList">
358 <li class="blockList">
359 <h4>getEthDstAddr</h4>
360 <pre>public static org.pcap4j.util.MacAddress getEthDstAddr(org.pcap4j.core.PcapPacket packet)</pre>
361 <div class="block">Gets the destination address of the Ethernet part of <code>packet</code>.</div>
363 <dt><span class="paramLabel">Parameters:</span></dt>
364 <dd><code>packet</code> - The packet for which the Ethernet destination address is to be extracted.</dd>
365 <dt><span class="returnLabel">Returns:</span></dt>
366 <dd>The destination address of the Ethernet part of <code>packet</code>.</dd>
370 <a name="isTcp-org.pcap4j.core.PcapPacket-">
373 <ul class="blockList">
374 <li class="blockList">
376 <pre>public static boolean isTcp(org.pcap4j.core.PcapPacket packet)</pre>
377 <div class="block">Determines if a given <code>PcapPacket</code> wraps a <code>TcpPacket</code>.</div>
379 <dt><span class="paramLabel">Parameters:</span></dt>
380 <dd><code>packet</code> - The <code>PcapPacket</code> to inspect.</dd>
381 <dt><span class="returnLabel">Returns:</span></dt>
382 <dd><code>true</code> if <code>packet</code> wraps a <code>TcpPacket</code>, <code>false</code> otherwise.</dd>
386 <a name="getSourceIp-org.pcap4j.core.PcapPacket-">
389 <ul class="blockList">
390 <li class="blockList">
392 <pre>public static java.lang.String getSourceIp(org.pcap4j.core.PcapPacket packet)</pre>
393 <div class="block">Gets the source IP (in decimal format) of an IPv4 packet.</div>
395 <dt><span class="paramLabel">Parameters:</span></dt>
396 <dd><code>packet</code> - The packet for which the IPv4 source address is to be extracted.</dd>
397 <dt><span class="returnLabel">Returns:</span></dt>
398 <dd>The decimal representation of the source IP of <code>packet</code> <em>iff</em> <code>packet</code> wraps an
399 <code>IpV4Packet</code>.</dd>
400 <dt><span class="throwsLabel">Throws:</span></dt>
401 <dd><code>java.lang.NullPointerException</code> - if <code>packet</code> does not encapsulate an <code>IpV4Packet</code>.</dd>
405 <a name="getDestinationIp-org.pcap4j.core.PcapPacket-">
408 <ul class="blockList">
409 <li class="blockList">
410 <h4>getDestinationIp</h4>
411 <pre>public static java.lang.String getDestinationIp(org.pcap4j.core.PcapPacket packet)</pre>
412 <div class="block">Gets the destination IP (in decimal format) of an IPv4 packet.</div>
414 <dt><span class="paramLabel">Parameters:</span></dt>
415 <dd><code>packet</code> - The packet for which the IPv4 source address is to be extracted.</dd>
416 <dt><span class="returnLabel">Returns:</span></dt>
417 <dd>The decimal representation of the destination IP of <code>packet</code> <em>iff</em> <code>packet</code> wraps an
418 <code>IpV4Packet</code>.</dd>
419 <dt><span class="throwsLabel">Throws:</span></dt>
420 <dd><code>java.lang.NullPointerException</code> - if <code>packet</code> does not encapsulate an <code>IpV4Packet</code>.</dd>
424 <a name="getSourcePort-org.pcap4j.core.PcapPacket-">
427 <ul class="blockList">
428 <li class="blockList">
429 <h4>getSourcePort</h4>
430 <pre>public static int getSourcePort(org.pcap4j.core.PcapPacket packet)</pre>
431 <div class="block">Gets the source port of a TCP packet.</div>
433 <dt><span class="paramLabel">Parameters:</span></dt>
434 <dd><code>packet</code> - The packet for which the source port is to be extracted.</dd>
435 <dt><span class="returnLabel">Returns:</span></dt>
436 <dd>The source port of the <code>TcpPacket</code> encapsulated by <code>packet</code>.</dd>
437 <dt><span class="throwsLabel">Throws:</span></dt>
438 <dd><code>java.lang.IllegalArgumentException</code> - if <code>packet</code> does not encapsulate a <code>TcpPacket</code>.</dd>
442 <a name="getDestinationPort-org.pcap4j.core.PcapPacket-">
445 <ul class="blockList">
446 <li class="blockList">
447 <h4>getDestinationPort</h4>
448 <pre>public static int getDestinationPort(org.pcap4j.core.PcapPacket packet)</pre>
449 <div class="block">Gets the destination port of a TCP packet.</div>
451 <dt><span class="paramLabel">Parameters:</span></dt>
452 <dd><code>packet</code> - The packet for which the destination port is to be extracted.</dd>
453 <dt><span class="returnLabel">Returns:</span></dt>
454 <dd>The destination port of the <code>TcpPacket</code> encapsulated by <code>packet</code>.</dd>
455 <dt><span class="throwsLabel">Throws:</span></dt>
456 <dd><code>java.lang.IllegalArgumentException</code> - if <code>packet</code> does not encapsulate a <code>TcpPacket</code>.</dd>
460 <a name="isSource-org.pcap4j.core.PcapPacket-java.lang.String-int-">
463 <ul class="blockList">
464 <li class="blockList">
466 <pre>public static boolean isSource(org.pcap4j.core.PcapPacket packet,
467 java.lang.String ip,
469 <div class="block">Helper method to determine if the given combination of IP and port matches the source of the given packet.</div>
471 <dt><span class="paramLabel">Parameters:</span></dt>
472 <dd><code>packet</code> - The packet to check.</dd>
473 <dd><code>ip</code> - The IP to look for in the ip.src field of <code>packet</code>.</dd>
474 <dd><code>port</code> - The port to look for in the tcp.port field of <code>packet</code>.</dd>
475 <dt><span class="returnLabel">Returns:</span></dt>
476 <dd><code>true</code> if the given ip+port match the corresponding fields in <code>packet</code>.</dd>
480 <a name="isDestination-org.pcap4j.core.PcapPacket-java.lang.String-int-">
483 <ul class="blockList">
484 <li class="blockList">
485 <h4>isDestination</h4>
486 <pre>public static boolean isDestination(org.pcap4j.core.PcapPacket packet,
487 java.lang.String ip,
489 <div class="block">Helper method to determine if the given combination of IP and port matches the destination of the given packet.</div>
491 <dt><span class="paramLabel">Parameters:</span></dt>
492 <dd><code>packet</code> - The packet to check.</dd>
493 <dd><code>ip</code> - The IP to look for in the ip.dst field of <code>packet</code>.</dd>
494 <dd><code>port</code> - The port to look for in the tcp.dstport field of <code>packet</code>.</dd>
495 <dt><span class="returnLabel">Returns:</span></dt>
496 <dd><code>true</code> if the given ip+port match the corresponding fields in <code>packet</code>.</dd>
500 <a name="isSrcIpLocal-org.pcap4j.core.PcapPacket-">
503 <ul class="blockList">
504 <li class="blockList">
505 <h4>isSrcIpLocal</h4>
506 <pre>public static boolean isSrcIpLocal(org.pcap4j.core.PcapPacket packet)</pre>
507 <div class="block">Checks if the source IP address of the <code>IpV4Packet</code> contained in <code>packet</code> is a local address, i.e.,
508 if it pertains to subnet 10.0.0.0/8, 172.16.0.0/16, or 192.168.0.0/16.</div>
510 <dt><span class="paramLabel">Parameters:</span></dt>
511 <dd><code>packet</code> - The packet for which the source IP address is to be examined.</dd>
512 <dt><span class="returnLabel">Returns:</span></dt>
513 <dd><code>true</code> if <code>packet</code> wraps a <code>IpV4Packet</code> for which the source IP address is a local IP
514 address, <code>false</code> otherwise.</dd>
515 <dt><span class="throwsLabel">Throws:</span></dt>
516 <dd><code>java.lang.NullPointerException</code> - if <code>packet</code> does not encapsulate an <code>IpV4Packet</code>.</dd>
520 <a name="isDstIpLocal-org.pcap4j.core.PcapPacket-">
523 <ul class="blockList">
524 <li class="blockList">
525 <h4>isDstIpLocal</h4>
526 <pre>public static boolean isDstIpLocal(org.pcap4j.core.PcapPacket packet)</pre>
527 <div class="block">Checks if the destination IP address of the <code>IpV4Packet</code> contained in <code>packet</code> is a local address,
528 i.e., if it pertains to subnet 10.0.0.0/8, 172.16.0.0/16, or 192.168.0.0/16.</div>
530 <dt><span class="paramLabel">Parameters:</span></dt>
531 <dd><code>packet</code> - The packet for which the destination IP address is to be examined.</dd>
532 <dt><span class="returnLabel">Returns:</span></dt>
533 <dd><code>true</code> if <code>packet</code> wraps a <code>IpV4Packet</code> for which the destination IP address is a local
534 IP address, <code>false</code> otherwise.</dd>
535 <dt><span class="throwsLabel">Throws:</span></dt>
536 <dd><code>java.lang.NullPointerException</code> - if <code>packet</code> does not encapsulate an <code>IpV4Packet</code>.</dd>
540 <a name="isSyn-org.pcap4j.core.PcapPacket-">
543 <ul class="blockList">
544 <li class="blockList">
546 <pre>public static boolean isSyn(org.pcap4j.core.PcapPacket packet)</pre>
547 <div class="block">Checks if <code>packet</code> wraps a TCP packet that has the SYN flag set.</div>
549 <dt><span class="paramLabel">Parameters:</span></dt>
550 <dd><code>packet</code> - A <code>PcapPacket</code> that is suspected to contain a <code>TcpPacket</code> for which the SYN flag is set.</dd>
551 <dt><span class="returnLabel">Returns:</span></dt>
552 <dd><code>true</code> <em>iff</em> <code>packet</code> contains a <code>TcpPacket</code> for which the SYN flag is set,
553 <code>false</code> otherwise.</dd>
557 <a name="isAck-org.pcap4j.core.PcapPacket-">
560 <ul class="blockList">
561 <li class="blockList">
563 <pre>public static boolean isAck(org.pcap4j.core.PcapPacket packet)</pre>
564 <div class="block">Checks if <code>packet</code> wraps a TCP packet th at has the ACK flag set.</div>
566 <dt><span class="paramLabel">Parameters:</span></dt>
567 <dd><code>packet</code> - A <code>PcapPacket</code> that is suspected to contain a <code>TcpPacket</code> for which the ACK flag is set.</dd>
568 <dt><span class="returnLabel">Returns:</span></dt>
569 <dd><code>true</code> <em>iff</em> <code>packet</code> contains a <code>TcpPacket</code> for which the ACK flag is set,
570 <code>false</code> otherwise.</dd>
574 <a name="clusterToListOfPcapPackets-org.apache.commons.math3.stat.clustering.Cluster-">
577 <ul class="blockList">
578 <li class="blockList">
579 <h4>clusterToListOfPcapPackets</h4>
580 <pre>public static java.util.List<java.util.List<org.pcap4j.core.PcapPacket>> clusterToListOfPcapPackets(org.apache.commons.math3.stat.clustering.Cluster<<a href="../../../../edu/uci/iotproject/analysis/PcapPacketPair.html" title="class in edu.uci.iotproject.analysis">PcapPacketPair</a>> cluster)</pre>
581 <div class="block">Transform a <code>Cluster</code> of <code>PcapPacketPair</code> objects into a <code>List</code> of <code>List</code> of
582 <code>PcapPacket</code> objects.</div>
584 <dt><span class="paramLabel">Parameters:</span></dt>
585 <dd><code>cluster</code> - A <code>Cluster</code> of <a href="../../../../edu/uci/iotproject/analysis/PcapPacketPair.html" title="class in edu.uci.iotproject.analysis"><code>PcapPacketPair</code></a> objects that needs to be transformed.</dd>
586 <dt><span class="returnLabel">Returns:</span></dt>
587 <dd>A <code>List</code> of <code>List</code> of <code>PcapPacket</code> objects as the result of the transformation.</dd>
591 <a name="concatSequences-java.util.List-java.util.List-">
594 <ul class="blockList">
595 <li class="blockList">
596 <h4>concatSequences</h4>
597 <pre>public static java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>> concatSequences(java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>> signatures,
598 java.util.List<<a href="../../../../edu/uci/iotproject/trafficreassembly/layer3/Conversation.html" title="class in edu.uci.iotproject.trafficreassembly.layer3">Conversation</a>> conversations)</pre>
599 <div class="block">Concatenate sequences in <code>List</code> of <code>List</code> of <code>List</code> of <code>PcapPacket</code> objects.
600 We cross-check these with <code>List</code> of <code>Conversation</code> objects to see
601 if two <code>List</code> of <code>PcapPacket</code> objects actually belong to the same <code>Conversation</code>.</div>
603 <dt><span class="paramLabel">Parameters:</span></dt>
604 <dd><code>signatures</code> - A <code>List</code> of <code>List</code> of <code>List</code> of
605 <code>PcapPacket</code> objects that needs to be checked and concatenated.</dd>
606 <dd><code>conversations</code> - A <code>List</code> of <a href="../../../../edu/uci/iotproject/trafficreassembly/layer3/Conversation.html" title="class in edu.uci.iotproject.trafficreassembly.layer3"><code>Conversation</code></a> objects as reference for concatenation.</dd>
607 <dt><span class="returnLabel">Returns:</span></dt>
608 <dd>A <code>List</code> of <code>List</code> of <code>List</code> of
609 <code>PcapPacket</code> objects as the result of the concatenation.</dd>
613 <a name="sortSequences-java.util.List-">
616 <ul class="blockList">
617 <li class="blockList">
618 <h4>sortSequences</h4>
619 <pre>public static java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>> sortSequences(java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>> signatures)</pre>
620 <div class="block">Sort the sequences in the <code>List</code> of <code>List</code> of <code>List</code> of <code>PcapPacket</code> objects.
621 The purpose of this is to sort the order of sequences in the sequence list. For detection purposes, we need
622 to know if one sequence occurs earlier/later in time with respect to the other sequences for more confidence
623 in detecting the occurrence of an event.</div>
625 <dt><span class="paramLabel">Parameters:</span></dt>
626 <dd><code>signatures</code> - A <code>List</code> of <code>List</code> of <code>List</code> of <code>PcapPacket</code> objects that needs sorting.
627 We assume that innermost <code>List</code> of <code>PcapPacket</code> objects have been sorted ascending
628 by timestamps. By the time we use this method, we should have sorted it when calling the
629 <code>clusterToListOfPcapPackets</code> method.</dd>
630 <dt><span class="returnLabel">Returns:</span></dt>
631 <dd>A sorted <code>List</code> of <code>List</code> of <code>List</code> of <code>PcapPacket</code> objects.</dd>
635 <a name="printSignatures-java.util.List-java.io.PrintWriter-boolean-">
638 <ul class="blockList">
639 <li class="blockList">
640 <h4>printSignatures</h4>
641 <pre>public static void printSignatures(java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>> signatures,
642 java.io.PrintWriter resultsWriter,
643 boolean printToOutput)</pre>
644 <div class="block">Print signatures in <code>List</code> of <code>List</code> of <code>List</code> of <code>PcapPacket</code> objects.</div>
646 <dt><span class="paramLabel">Parameters:</span></dt>
647 <dd><code>signatures</code> - A <code>List</code> of <code>List</code> of <code>List</code> of
648 <code>PcapPacket</code> objects that needs to be printed.</dd>
649 <dd><code>resultsWriter</code> - PrintWriter object to write into log file.</dd>
650 <dd><code>printToOutput</code> - Boolean to decide whether to print out to screen or just log file.</dd>
654 <a name="extractRangeCorePoints-java.util.List-double-int-">
657 <ul class="blockList">
658 <li class="blockList">
659 <h4>extractRangeCorePoints</h4>
660 <pre>public static java.util.List<java.util.List<org.pcap4j.core.PcapPacket>> extractRangeCorePoints(java.util.List<java.util.List<org.pcap4j.core.PcapPacket>> pairs,
662 int minPts)</pre>
663 <div class="block">Extract core point range in the form of <code>List</code> of <code>List</code> of <code>PcapPacket</code> objects.</div>
665 <dt><span class="paramLabel">Parameters:</span></dt>
666 <dd><code>pairs</code> - The pairs for core points extraction.</dd>
667 <dd><code>eps</code> - Epsilon value for the DBSCAN algorithm.</dd>
668 <dd><code>minPts</code> - minPts value for the DBSCAN algorithm.</dd>
669 <dt><span class="returnLabel">Returns:</span></dt>
670 <dd>A <code>List</code> of <code>List</code> of <code>PcapPacket</code> objects that contains core points range
671 in the first and second element.</dd>
675 <a name="isRangeBasedMatching-java.util.List-double-java.util.List...-">
678 <ul class="blockList">
679 <li class="blockList">
680 <h4>isRangeBasedMatching</h4>
681 <pre>public static boolean isRangeBasedMatching(java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>> signature,
683 java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>>... otherSignatures)</pre>
684 <div class="block">Test the conservativeness of the signatures (basically whether we want strict or range-based matching).
685 We go for a conservative approach (strict matching) when there is no range or there are ranges but the
686 ranges overlap across multiple signatures, e.g., ON and OFF signatures.</div>
688 <dt><span class="paramLabel">Parameters:</span></dt>
689 <dd><code>signature</code> - The signature we want to check and overwrite if needed.</dd>
690 <dd><code>eps</code> - Epsilon value for the DBSCAN algorithm.</dd>
691 <dd><code>otherSignatures</code> - Other signatures we want to check against this signature.</dd>
692 <dt><span class="returnLabel">Returns:</span></dt>
693 <dd>A boolean that is True when range-based matching is used.</dd>
697 <a name="useRangeBasedMatching-java.util.List-java.util.List-">
700 <ul class="blockList">
701 <li class="blockList">
702 <h4>useRangeBasedMatching</h4>
703 <pre>public static java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>> useRangeBasedMatching(java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>> signature,
704 java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>> corePointRange)</pre>
705 <div class="block">Test the conservativeness of the signatures (basically whether we want strict or range-based matching).
706 We go for a conservative approach (strict matching) when there is no range or there are ranges but the
707 ranges overlap across multiple signatures, e.g., ON and OFF signatures.</div>
709 <dt><span class="paramLabel">Parameters:</span></dt>
710 <dd><code>signature</code> - The signature we want to check and overwrite if needed.</dd>
711 <dd><code>corePointRange</code> - The core points range of this signature.</dd>
712 <dt><span class="returnLabel">Returns:</span></dt>
713 <dd>A boolean that is True when range-based matching is used.</dd>
717 <a name="isConservativeChecking-java.util.List-java.util.List-double-">
720 <ul class="blockList">
721 <li class="blockList">
722 <h4>isConservativeChecking</h4>
723 <pre>public static boolean isConservativeChecking(java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>> signature,
724 java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>> otherSignature,
725 double eps)</pre>
726 <div class="block">Check if there is any overlap between the signature stored in this class and another signature.
728 1) If both signatures do not have any range, then we need to do conservative checking (return true).
729 2) If both signatures have the same number of packets/packet lengths, then we check the range; if the
730 numbers of packets/packet lengths are different then we assume that there is no overlap.
731 3) If there is any range in the signatures, then we need to check for overlap.
732 4) If there is overlap for EVERY packet/packet length, then we return true (conservative checking);
733 otherwise false (range-based checking).</div>
735 <dt><span class="paramLabel">Parameters:</span></dt>
736 <dd><code>signature</code> - A <code>List</code> of <code>List</code> of <code>List</code> of <code>PcapPacket</code> objects to be checked
737 for overlaps with the other signature.</dd>
738 <dd><code>otherSignature</code> - A <code>List</code> of <code>List</code> of <code>List</code> of <code>PcapPacket</code> objects to be checked
739 for overlaps with the signature.</dd>
740 <dd><code>eps</code> - Epsilon value for the DBSCAN algorithm.</dd>
741 <dt><span class="returnLabel">Returns:</span></dt>
742 <dd>A boolean that is true if there is an overlap; false otherwise.</dd>
746 <a name="removeSequenceFromSignature-java.util.List-int-">
749 <ul class="blockListLast">
750 <li class="blockList">
751 <h4>removeSequenceFromSignature</h4>
752 <pre>public static void removeSequenceFromSignature(java.util.List<java.util.List<java.util.List<org.pcap4j.core.PcapPacket>>> signatures,
753 int sequenceIndex)</pre>
754 <div class="block">Remove a sequence in a signature object.</div>
756 <dt><span class="paramLabel">Parameters:</span></dt>
757 <dd><code>signatures</code> - A <code>List</code> of <code>List</code> of <code>List</code> of
758 <code>PcapPacket</code> objects.</dd>
759 <dd><code>sequenceIndex</code> - An index for a sequence that consists of {<code>List</code> of <code>List</code> of
760 <code>PcapPacket</code> objects.</dd>
770 <!-- ========= END OF CLASS DATA ========= -->
771 <!-- ======= START OF BOTTOM NAVBAR ====== -->
772 <div class="bottomNav"><a name="navbar.bottom">
775 <div class="skipNav"><a href="#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div>
776 <a name="navbar.bottom.firstrow">
779 <ul class="navList" title="Navigation">
780 <li><a href="../../../../overview-summary.html">Overview</a></li>
781 <li><a href="package-summary.html">Package</a></li>
782 <li class="navBarCell1Rev">Class</li>
783 <li><a href="package-tree.html">Tree</a></li>
784 <li><a href="../../../../deprecated-list.html">Deprecated</a></li>
785 <li><a href="../../../../index-files/index-1.html">Index</a></li>
786 <li><a href="../../../../help-doc.html">Help</a></li>
791 <li>Prev Class</li>
792 <li><a href="../../../../edu/uci/iotproject/util/PrintUtils.html" title="class in edu.uci.iotproject.util"><span class="typeNameLink">Next Class</span></a></li>
795 <li><a href="../../../../index.html?edu/uci/iotproject/util/PcapPacketUtils.html" target="_top">Frames</a></li>
796 <li><a href="PcapPacketUtils.html" target="_top">No Frames</a></li>
798 <ul class="navList" id="allclasses_navbar_bottom">
799 <li><a href="../../../../allclasses-noframe.html">All Classes</a></li>
802 <script type="text/javascript"><!--
803 allClassesLink = document.getElementById("allclasses_navbar_bottom");
805 allClassesLink.style.display = "block";
808 allClassesLink.style.display = "none";
814 <ul class="subNavList">
815 <li>Summary: </li>
816 <li>Nested | </li>
817 <li>Field | </li>
818 <li><a href="#constructor.summary">Constr</a> | </li>
819 <li><a href="#method.summary">Method</a></li>
821 <ul class="subNavList">
822 <li>Detail: </li>
823 <li>Field | </li>
824 <li><a href="#constructor.detail">Constr</a> | </li>
825 <li><a href="#method.detail">Method</a></li>
828 <a name="skip.navbar.bottom">
831 <!-- ======== END OF BOTTOM NAVBAR ======= -->