package edu.uci.iotproject;
+import org.pcap4j.core.*;
+import org.pcap4j.packet.*;
+import org.pcap4j.packet.DnsPacket;
+import org.pcap4j.packet.namednumber.DnsResourceRecordType;
+
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
+import java.util.HashMap;
import java.util.List;
+import java.util.Map;
+import java.io.EOFException;
+import java.net.UnknownHostException;
+import java.util.concurrent.TimeoutException;
/**
* TODO add class documentation.
public static final FlowPattern TP_LINK_LOCAL_ON;
+ /**
+ * Class properties
+ */
private final String patternId;
/**
* The hostname that this {@code FlowPattern} is associated with.
*/
- private final String hostname;
+ private final String hostname; // The hostname that this {@code FlowPattern} is associated with.
/**
* The order of packet lengths that defines this {@link FlowPattern}
* TODO: this is a simplified representation, we should also include information about direction of each packet.
*/
private final List<Integer> flowPacketOrder;
+
+ private final Map<String, List<Integer>> hostnameToPacketOrderMap;
+ private final PcapHandle pcap;
+
+ /**
+ * Class constants
+ */
+
+ /**
+ * Constructor #1
+ */
+ public FlowPattern(String patternId, String hostname, PcapHandle pcap) {
+ this.patternId = patternId;
+ this.hostname = hostname;
+ this.pcap = pcap;
+ this.hostnameToPacketOrderMap = null;
+ this.flowPacketOrder = new ArrayList<Integer>();
+ processPcap();
+ }
+
+ /**
+ * Process the PcapHandle to strip off unnecessary packets and just get the integer array of packet lengths
+ */
+ private void processPcap() {
+
+ PcapPacket packet;
+ try {
+ while ((packet = pcap.getNextPacketEx()) != null) {
+ // For now, we only work support pattern search in TCP over IPv4.
+ IpV4Packet ipPacket = packet.get(IpV4Packet.class);
+ TcpPacket tcpPacket = packet.get(TcpPacket.class);
+ if (ipPacket == null || tcpPacket == null)
+ continue;
+ if (tcpPacket.getPayload() == null) // We skip non-payload control packets as these are less predictable
+ continue;
+ int packetLength = tcpPacket.getPayload().length();
+ flowPacketOrder.add(packetLength);
+ }
+ } catch (EOFException eofe) {
+ System.out.println("[ FlowPattern ] Finished processing a training PCAP stream!");
+ System.out.println("[ FlowPattern ] Pattern for " + patternId + ": " + Arrays.toString(flowPacketOrder.toArray()));
+ } catch (PcapNativeException |
+ TimeoutException |
+ NotOpenException ex) {
+ ex.printStackTrace();
+ }
+ }
+
+ /**
+ * Constructor #2
+ *
+ * @param patternId Label for this pattern
+ * @param hostname Hostname associated with this pattern
+ * @param flowPacketOrder List of packets in order
+ */
public FlowPattern(String patternId, String hostname, List<Integer> flowPacketOrder) {
this.patternId = patternId;
this.hostname = hostname;
+ this.hostnameToPacketOrderMap = null;
+ this.pcap = null;
this.flowPacketOrder = Collections.unmodifiableList(flowPacketOrder);
}
+
+ /**
+ * Constructor #3
+ */
+ public FlowPattern(String patternId, String hostname, Map<String, List<Integer>> hostnameToPacketOrderMap) {
+ this.patternId = patternId;
+ this.hostname = hostname;
+ this.pcap = null;
+ this.flowPacketOrder = null;
+ this.hostnameToPacketOrderMap = Collections.unmodifiableMap(hostnameToPacketOrderMap);
+ }
public String getPatternId() {
return patternId;
public static void main(String[] args) throws PcapNativeException, NotOpenException, EOFException, TimeoutException, UnknownHostException {
//final String fileName = "/users/varmarken/Desktop/wlan1.local.dns.pcap";
final String fileName = "/home/rtrimana/pcap_processing/smart_home_traffic/Code/Projects/SmartPlugDetector/pcap/wlan1.local.remote.dns.pcap";
+ final String trainingFileName = "/home/rtrimana/pcap_processing/smart_home_traffic/Code/Projects/SmartPlugDetector/pcap/TP_LINK_LOCAL_OFF.pcap";
// ====== Debug code ======
PcapHandle handle;
+ PcapHandle trainingPcap;
try {
handle = Pcaps.openOffline(fileName, PcapHandle.TimestampPrecision.NANO);
+ trainingPcap = Pcaps.openOffline(trainingFileName, PcapHandle.TimestampPrecision.NANO);
} catch (PcapNativeException pne) {
handle = Pcaps.openOffline(fileName);
+ trainingPcap = Pcaps.openOffline(trainingFileName);
}
- FlowPatternFinder fpf = new FlowPatternFinder(handle, FlowPattern.TP_LINK_LOCAL_ON);
+ FlowPattern fp = new FlowPattern("TP_LINK_LOCAL_OFF", "events.tplinkra.com", trainingPcap);
+
+ //FlowPatternFinder fpf = new FlowPatternFinder(handle, FlowPattern.TP_LINK_LOCAL_ON);
+ FlowPatternFinder fpf = new FlowPatternFinder(handle, fp);
fpf.start();
// ========================
projects / pingpong.git / commitdiff