1 package edu.uci.iotproject.detection.layer2;
3 import edu.uci.iotproject.util.PcapPacketUtils;
4 import org.pcap4j.core.PcapPacket;
6 import java.util.ArrayList;
10 * Base class for layer 2 matchers ({@code Layer2SequenceMatcher} and {@code Layer2RangeMatcher}).
12 * @author Janus Varmarken {@literal <jvarmark@uci.edu>}
13 * @author Rahmadi Trimananda {@literal <rtrimana@uci.edu>}
15 abstract public class Layer2AbstractMatcher {
18 * Buffer of actual packets seen so far that match the searched range (i.e., constitutes a subsequence).
20 protected final List<PcapPacket> mMatchedPackets = new ArrayList<>();
23 * Models the directions of packets. As the sequence matcher assumes that it is only presented
24 * with packet from a single flow (packets exchanged between two devices), we can model the packet directions with a
25 * single bit. We don't have any notion "phone to device" or "device to phone" as we don't know the MAC addresses
26 * of devices in advance during matching.
28 protected final boolean[] mPacketDirections;
31 * Create a {@code Layer2AbstractMatcher}.
32 * @param sequence The sequence of the signature.
34 public Layer2AbstractMatcher(List<PcapPacket> sequence) {
35 mPacketDirections = new boolean[sequence.size()];
36 // Compute packet directions for sequence.
37 for (int i = 0; i < sequence.size(); i++) {
39 // No previous packet; boolean parameter is ignored in this special case.
40 mPacketDirections[i] = getPacketDirection(null, true, sequence.get(i));
42 // Base direction marker on direction of previous packet.
43 PcapPacket prevPkt = sequence.get(i-1);
44 boolean prevPktDirection = mPacketDirections[i-1];
45 mPacketDirections[i] = getPacketDirection(prevPkt, prevPktDirection, sequence.get(i));
51 * Compute the direction of a packet based on the previous packet. If no previous packet is provided, the direction
52 * of {@code currPkt} is {@code true} by definition.
53 * @param prevPkt The previous packet, if any.
54 * @param prevPktDirection The computed direction of the previous packet
55 * @param currPkt The current packet for which the direction is to be determined.
56 * @return The direction of {@code currPkt}.
58 protected boolean getPacketDirection(PcapPacket prevPkt, boolean prevPktDirection, PcapPacket currPkt) {
59 if (prevPkt == null) {
60 // By definition, use true as direction marker for first packet
63 if (PcapPacketUtils.getEthSrcAddr(prevPkt).equals(PcapPacketUtils.getEthSrcAddr(currPkt))) {
64 // Current packet goes in same direction as previous packet.
65 return prevPktDirection;
67 // Current packet goes in opposite direction of previous packet.
68 return !prevPktDirection;
73 * See the implementer class for the following method.
76 * @return {@code true} if this {@code Layer2SequenceMatcher} could advance by adding {@code packet} to its set of
77 * matched packets, {@code false} otherwise.
79 public abstract boolean matchPacket(PcapPacket packet);
82 * See the implementer class for the following method.
84 public abstract int getTargetSequencePacketCount();
86 public int getMatchedPacketsCount() {
87 return mMatchedPackets.size();
90 public List<PcapPacket> getMatchedPackets() {
91 return mMatchedPackets;
95 * Utility for {@code getMatchedPackets().get(getMatchedPackets().size()-1)}.
96 * @return The last matched packet, or {@code null} if no packets have been matched yet.
98 public PcapPacket getLastPacket() {
99 //return mSequence.size() > 0 ? mSequence.get(mSequence.size()-1) : null;
100 return mMatchedPackets.size() > 0 ? mMatchedPackets.get(mMatchedPackets.size()-1) : null;
projects / pingpong.git / blob