JSON_KEY_FRAME_TIME = "frame.time"
TABLE_HEADER_X = "Timestamp (hh:mm:ss)"
TABLE_HEADER_Y = "Packet frequency (pps)"
+INCOMING_APPENDIX = "_incoming"
+OUTGOING_APPENDIX = "_outgoing"
+FILE_APPENDIX = ".dat"
# Use this constant as a flag
WINDOW_SIZE = 5
-USE_MOVING_AVERAGE = True
+USE_MOVING_AVERAGE = False
def moving_average(array, window=3):
return retarr
-def save_to_file(tbl_header, dictionary, filename_out):
+def save_to_file(tblheader, dictionary, filenameout):
""" Show summary of statistics of PCAP file
Args:
- tbl_header: header for the saved table
+ tblheader: header for the saved table
dictionary: dictionary to be saved
filename_out: file name to save
"""
# Appending, not overwriting!
- f = open(filename_out, 'a')
+ f = open(filenameout, 'a')
# Write the table header
- f.write("# " + TABLE_HEADER_X + " " + TABLE_HEADER_Y + "\n");
+ f.write("# " + tblheader + "\n")
+ f.write("# " + TABLE_HEADER_X + " " + TABLE_HEADER_Y + "\n")
# Write "0 0" if dictionary is empty
if not dictionary:
- f.write("0 0");
+ f.write("0 0")
f.close()
- print "Writing zeroes to file: ", filename_out
+ print "Writing zeroes to file: ", filenameout
return
if USE_MOVING_AVERAGE:
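Review bot: The empty-dictionary branch writes `"0 0"` with no trailing newline into a file opened in append mode, so the header from a later call lands on the same line as that data point and the plotting step may misread the row; `f.write("0 0\n")` avoids this. The docstring still lists `filename_out` although the parameter is now `filenameout`, and its summary line describes a PCAP statistics summary rather than what the visible code does; `Append a packet-frequency table for one device to a .dat file` would match. Because of the `'a'` mode, re-running the analysis into the same directory appears to accumulate duplicate rows, which the `# Appending, not overwriting!` comment could state explicitly. Part of the function body (the moving-average branch) is outside the visible hunk lines.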
# Space separated
f.write(str(key) + " " + str(dictionary[key]) + "\n")
f.close()
- print "Writing output to file: ", filename_out
+ print "Writing output to file: ", filenameout
def main():
print "Usage: python", sys.argv[0], "<input_file> <output_file> <device_name> <mac_address>"
return
# Parse the file for the specified MAC address
- time_freq = parse_json(sys.argv[1], sys.argv[4])
+ timefreq_incoming = parse_json(sys.argv[1], sys.argv[4], True)
+ timefreq_outgoing = parse_json(sys.argv[1], sys.argv[4], False)
# Write statistics into file
- save_to_file(sys.argv[3], time_freq, sys.argv[2])
+ print "====================================================================="
+ print "==> Analyzing incoming traffic ..."
+ save_to_file(sys.argv[3] + INCOMING_APPENDIX, timefreq_incoming, sys.argv[2] + INCOMING_APPENDIX + FILE_APPENDIX)
+ print "====================================================================="
+ print "==> Analyzing outgoing traffic ..."
+ save_to_file(sys.argv[3] + OUTGOING_APPENDIX, timefreq_outgoing, sys.argv[2] + OUTGOING_APPENDIX + FILE_APPENDIX)
print "====================================================================="
#for time in time_freq.keys():
#for key in sorted(time_freq):
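Review bot: Calling `parse_json` twice on `sys.argv[1]` loads and walks the whole capture twice per device, and the per-packet `print` inside `parse_json` runs on both passes; a single pass that fills an incoming and an outgoing dictionary would halve the work and the console output. The usage line at the top of the hunk still advertises `<output_file>`, but that argument is now a prefix to which `_incoming.dat` or `_outgoing.dat` is appended, so `"<input_file> <output_prefix> <device_name> <mac_address>"` would be accurate. The start of `main`, including the argument-count check, is outside the hunk.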
# Convert JSON file containing DNS traffic to a map in which a hostname points to its set of associated IPs.
-def parse_json(file_path, mac_address):
+def parse_json(filepath, macaddress, incomingoutgoing):
""" Show summary of statistics of PCAP file
Args:
- file_path: path of the read file
- mac_address: MAC address of a device to analyze
+ filepath: path of the read file
+ macaddress: MAC address of a device to analyze
+ incomingoutgoing: boolean to define whether we collect incoming or outgoing traffic
+ True = incoming, False = outgoing
"""
# Maps timestamps to frequencies of packets
- time_freq = dict()
- with open(file_path) as jf:
+ timefreq = dict()
+ with open(filepath) as jf:
# Read JSON.
# data becomes reference to root JSON object (or in our case json array)
data = json.load(jf)
layers = p[JSON_KEY_SOURCE][JSON_KEY_LAYERS]
# Get timestamp
frame = layers.get(JSON_KEY_FRAME, None)
- date_time = frame.get(JSON_KEY_FRAME_TIME, None)
+ datetime = frame.get(JSON_KEY_FRAME_TIME, None)
# Get into the Ethernet address part
eth = layers.get(JSON_KEY_ETH, None)
# Skip any non DNS traffic
src = eth.get(JSON_KEY_ETH_SRC, None)
dst = eth.get(JSON_KEY_ETH_DST, None)
# Get just the time part
- date_time_obj = parser.parse(date_time)
+ datetimeobj = parser.parse(datetime)
# Remove the microsecond part
- time_str = str(date_time_obj.time())[:8]
- print str(time_str) + " - src:" + str(src) + " - dest:" + str(dst)
+ timestr = str(datetimeobj.time())[:8]
+ print str(timestr) + " - src:" + str(src) + " - dest:" + str(dst)
# Get and count the traffic for the specified MAC address
- if src == mac_address or dst == mac_address:
- # Check if timestamp already exists in the map
- # If yes, then just increment the frequency value...
- if time_str in time_freq:
- time_freq[time_str] = time_freq[time_str] + 1
- else: # If not, then put the value one there
- time_freq[time_str] = 1
- return time_freq
+ if incomingoutgoing:
+ if dst == macaddress:
+ # Check if timestamp already exists in the map
+ # If yes, then just increment the frequency value...
+ if timestr in timefreq:
+ timefreq[timestr] = timefreq[timestr] + 1
+ else: # If not, then put the value one there
+ timefreq[timestr] = 1
+ else:
+ if src == macaddress:
+ # Check if timestamp already exists in the map
+ # If yes, then just increment the frequency value...
+ if timestr in timefreq:
+ timefreq[timestr] = timefreq[timestr] + 1
+ else: # If not, then put the value one there
+ timefreq[timestr] = 1
+
+ return timefreq
if __name__ == '__main__':
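Review bot: The two branches added under `if incomingoutgoing:` repeat the same counting code and differ only in which address is compared; `addr = dst if incomingoutgoing else src` followed by `if addr == macaddress: timefreq[timestr] = timefreq.get(timestr, 0) + 1` says it once. The match is an exact string comparison, so frames sent to a broadcast or multicast destination are not counted as incoming, and a MAC address passed in a different letter case than the capture export uses would presumably yield empty counts; the docstring should state `only frames whose eth.dst (incoming) or eth.src (outgoing) equals macaddress are counted`. The new local name `datetime` would shadow the standard module if this file imports it (the imports are not visible here); `frametime` avoids that. Parts of the function lie outside the visible hunk lines.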
# PER DEVICE SETUP #
# ***************** #
# WeMo switch
-#set output 'wemo_switch.ps'
-#set output 'wemo_switch.eps'
-set output '../result/wemo_switch.png'
-set title "WeMo Switch Time Series Plot of Packets"
-plot "../result/wemo_switch.dat" using 1:2 with lines
+#set output '../result/wemo_switch_incoming.ps'
+#set output '../result/wemo_switch_incoming.eps'
+set output '../result/wemo_switch_incoming.png'
+set title "WeMo Switch Incoming Traffic"
+plot "../result/wemo_switch_incoming.dat" using 1:2 with lines
+set output '../result/wemo_switch_outgoing.png'
+set title "WeMo Switch Outgoing Traffic"
+plot "../result/wemo_switch_outgoing.dat" using 1:2 with lines
-#set output 'wemo_switch2.ps'
-#plot "wemo_switch.dat" using 1:2
-
-# WeMo switch
-#set output '../result/wemo_switch.ps'
-#set output '../result/wemo_switch.eps'
-set output '../result/wemo_switch.png'
-set title "WeMo Switch"
-plot "../result/wemo_switch.dat" using 1:2 with lines
# WeMo Insight
-#set output '../result/wemo_insight.eps'
-set output '../result/wemo_insight.png'
-set title "WeMo Insight"
-plot "../result/wemo_insight.dat" using 1:2 with lines
+#set output '../result/wemo_insight_incoming.eps'
+set output '../result/wemo_insight_incoming.png'
+set title "WeMo Insight Incoming Traffic"
+plot "../result/wemo_insight_incoming.dat" using 1:2 with lines
+set output '../result/wemo_insight_outgoing.png'
+set title "WeMo Insight Outgoing Traffic"
+plot "../result/wemo_insight_outgoing.dat" using 1:2 with lines
# TP-Link switch
-#set output '../result/tplink_switch.eps'
-set output '../result/tplink_switch.png'
-set title "TP-Link Switch"
-plot "../result/tplink_switch.dat" using 1:2 with lines
+#set output '../result/tplink_switch_incoming.eps'
+set output '../result/tplink_switch_incoming.png'
+set title "TP-Link Switch Incoming Traffic"
+plot "../result/tplink_switch_incoming.dat" using 1:2 with lines
+set output '../result/tplink_switch_outgoing.png'
+set title "TP-Link Switch Outgoing Traffic"
+plot "../result/tplink_switch_outgoing.dat" using 1:2 with lines
# D-Link switch
-#set output '../result/dlink_switch.eps'
-set output '../result/dlink_switch.png'
-set title "D-Link Switch"
-plot "../result/dlink_switch.dat" using 1:2 with lines
+#set output '../result/dlink_switch_incoming.eps'
+set output '../result/dlink_switch_incoming.png'
+set title "D-Link Switch Incoming Traffic"
+plot "../result/dlink_switch_incoming.dat" using 1:2 with lines
+set output '../result/dlink_switch_outgoing.png'
+set title "D-Link Switch Outgoing Traffic"
+plot "../result/dlink_switch_outgoing.dat" using 1:2 with lines
+
# Amcrest camera
-#set output '../result/amcrest_camera.eps'
-set output '../result/amcrest_camera.png'
-set title "Amcrest Camera"
-plot "../result/amcrest_camera.dat" using 1:2 with lines
+#set output '../result/amcrest_camera_incoming.eps'
+set output '../result/amcrest_camera_incoming.png'
+set title "Amcrest Camera Incoming Traffic"
+plot "../result/amcrest_camera_incoming.dat" using 1:2 with lines
+set output '../result/amcrest_camera_outgoing.png'
+set title "Amcrest Camera Outgoing Traffic"
+plot "../result/amcrest_camera_outgoing.dat" using 1:2 with lines
# Netgear Arlo camera
-#set output '../result/netgear_arlo_camera.eps'
-set output '../result/netgear_arlo_camera.png'
-set title "Netgear Arlo Camera"
-plot "../result/netgear_arlo_camera.dat" using 1:2 with lines
+#set output '../result/netgear_arlo_camera_incoming.eps'
+set output '../result/netgear_arlo_camera_incoming.png'
+set title "Netgear Arlo Camera Incoming Traffic"
+plot "../result/netgear_arlo_camera_incoming.dat" using 1:2 with lines
+set output '../result/netgear_arlo_camera_outgoing.png'
+set title "Netgear Arlo Camera Outgoing Traffic"
+plot "../result/netgear_arlo_camera_outgoing.dat" using 1:2 with lines
# LiFX light bulb
-#set output '../result/lifx_lightbulb_1.eps'
-set output '../result/lifx_lightbulb_1.png'
-set title "LiFX Light Bulb #1"
-plot "../result/lifx_lightbulb_1.dat" using 1:2 with lines
+#set output '../result/lifx_lightbulb_1_incoming.eps'
+set output '../result/lifx_lightbulb_1_incoming.png'
+set title "LiFX Light Bulb #1 Incoming Traffic"
+plot "../result/lifx_lightbulb_1_incoming.dat" using 1:2 with lines
+set output '../result/lifx_lightbulb_1_outgoing.png'
+set title "LiFX Light Bulb #1 Outgoing Traffic"
+plot "../result/lifx_lightbulb_1_outgoing.dat" using 1:2 with lines
# LiFX light bulb
-#set output '../result/lifx_lightbulb_2.eps'
-set output '../result/lifx_lightbulb_2.png'
-set title "LiFX Light Bulb #2"
-plot "../result/lifx_lightbulb_2.dat" using 1:2 with lines
+#set output '../result/lifx_lightbulb_2_incoming.eps'
+set output '../result/lifx_lightbulb_2_incoming.png'
+set title "LiFX Light Bulb #2 Incoming Traffic"
+plot "../result/lifx_lightbulb_2_incoming.dat" using 1:2 with lines
+set output '../result/lifx_lightbulb_2_outgoing.png'
+set title "LiFX Light Bulb #2 Outgoing Traffic"
+plot "../result/lifx_lightbulb_2_outgoing.dat" using 1:2 with lines
# Philips Hue
-#set output '../result/philips_hue.eps'
-set output '../result/philips_hue.png'
-set title "Philips Hue"
-plot "../result/philips_hue.dat" using 1:2 with lines
+#set output '../result/philips_hue_incoming.eps'
+set output '../result/philips_hue_incoming.png'
+set title "Philips Hue Incoming Traffic"
+plot "../result/philips_hue_incoming.dat" using 1:2 with lines
+set output '../result/philips_hue_outgoing.png'
+set title "Philips Hue Outgoing Traffic"
+plot "../result/philips_hue_outgoing.dat" using 1:2 with lines
# TP-Link Light Bulb
-#set output '../result/tplink_lightbulb.eps'
-set output '../result/tplink_lightbulb.png'
-set title "TP-Link Light Bulb"
-plot "../result/tplink_lightbulb.dat" using 1:2 with lines
+#set output '../result/tplink_lightbulb_incoming.eps'
+set output '../result/tplink_lightbulb_incoming.png'
+set title "TP-Link Light Bulb Incoming Traffic"
+plot "../result/tplink_lightbulb_incoming.dat" using 1:2 with lines
+set output '../result/tplink_lightbulb_outgoing.png'
+set title "TP-Link Light Bulb Outgoing Traffic"
+plot "../result/tplink_lightbulb_outgoing.dat" using 1:2 with lines
# Nxeco sprinkler
-#set output '../result/nxeco_sprinkler.eps'
-set output '../result/nxeco_sprinkler.png'
-set title "Nxeco Sprinkler"
-plot "../result/nxeco_sprinkler.dat" using 1:2 with lines
+#set output '../result/nxeco_sprinkler_incoming.eps'
+set output '../result/nxeco_sprinkler_incoming.png'
+set title "Nxeco Sprinkler Incoming Traffic"
+plot "../result/nxeco_sprinkler_incoming.dat" using 1:2 with lines
+set output '../result/nxeco_sprinkler_outgoing.png'
+set title "Nxeco Sprinkler Outgoing Traffic"
+plot "../result/nxeco_sprinkler_outgoing.dat" using 1:2 with lines
# Blossom sprinkler
-#set output '../result/blossom_sprinkler.eps'
-set output '../result/blossom_sprinkler.png'
-set title "Blossom Sprinkler"
-plot "../result/blossom_sprinkler.dat" using 1:2 with lines
+#set output '../result/blossom_sprinkler_incoming.eps'
+set output '../result/blossom_sprinkler_incoming.png'
+set title "Blossom Sprinkler Incoming Traffic"
+plot "../result/blossom_sprinkler_incoming.dat" using 1:2 with lines
+set output '../result/blossom_sprinkler_outgoing.png'
+set title "Blossom Sprinkler Outgoing Traffic"
+plot "../result/blossom_sprinkler_outgoing.dat" using 1:2 with lines
# D-Link alarm
-#set output '../result/dlink_alarm.eps'
-set output '../result/dlink_alarm.png'
-set title "D-Link Alarm"
-plot "../result/dlink_alarm.dat" using 1:2 with lines
+#set output '../result/dlink_alarm_incoming.eps'
+set output '../result/dlink_alarm_incoming.png'
+set title "D-Link Alarm Incoming Traffic"
+plot "../result/dlink_alarm_incoming.dat" using 1:2 with lines
+set output '../result/dlink_alarm_outgoing.png'
+set title "D-Link Alarm Outgoing Traffic"
+plot "../result/dlink_alarm_outgoing.dat" using 1:2 with lines
# D-Link alarm
-#set output '../result/dlink_alarm.eps'
-set output '../result/dlink_alarm.png'
-set title "D-Link Alarm"
-plot "../result/dlink_alarm.dat" using 1:2 with lines
+#set output '../result/dlink_alarm_incoming.eps'
+set output '../result/dlink_alarm_incoming.png'
+set title "D-Link Alarm Incoming Traffic"
+plot "../result/dlink_alarm_incoming.dat" using 1:2 with lines
+set output '../result/dlink_alarm_outgoing.png'
+set title "D-Link Alarm Outgoing Traffic"
+plot "../result/dlink_alarm_outgoing.dat" using 1:2 with lines
# D-Link motion sensor
-#set output '../result/dlink_motion_sensor.eps'
-set output '../result/dlink_motion_sensor.png'
-set title "D-Link Motion Sensor"
-plot "../result/dlink_motion_sensor.dat" using 1:2 with lines
+#set output '../result/dlink_motion_sensor_incoming.eps'
+set output '../result/dlink_motion_sensor_incoming.png'
+set title "D-Link Motion Sensor Incoming Traffic"
+plot "../result/dlink_motion_sensor_incoming.dat" using 1:2 with lines
+set output '../result/dlink_motion_sensor_outgoing.png'
+set title "D-Link Motion Sensor Outgoing"
+plot "../result/dlink_motion_sensor_outgoing.dat" using 1:2 with lines
# Nest Thermostat
-#set output '../result/nest_thermostat.eps'
-set output '../result/nest_thermostat.png'
-set title "Nest Thermostat"
-plot "../result/nest_thermostat.dat" using 1:2 with lines
+#set output '../result/nest_thermostat_incoming.eps'
+set output '../result/nest_thermostat_incoming.png'
+set title "Nest Thermostat Incoming Traffic"
+plot "../result/nest_thermostat_incoming.dat" using 1:2 with lines
+set output '../result/nest_thermostat_outgoing.png'
+set title "Nest Thermostat Outgoing Traffic"
+plot "../result/nest_thermostat_outgoing.dat" using 1:2 with lines
# Amazon Echo Dot
-#set output '../result/amazon_echo_dot.eps'
-set output '../result/amazon_echo_dot.png'
-set title "Amazon Ech Odit"
-plot "../result/amazon_echo_dot.dat" using 1:2 with lines
+#set output '../result/amazon_echo_dot_incoming.eps'
+set output '../result/amazon_echo_dot_incoming.png'
+set title "Amazon Echo Dot Incoming Traffic"
+plot "../result/amazon_echo_dot_incoming.dat" using 1:2 with lines
+set output '../result/amazon_echo_dot_outgoing.png'
+set title "Amazon Echo Dot Outgoing Traffic"
+plot "../result/amazon_echo_dot_outgoing.dat" using 1:2 with lines
# SmartThings hub
-#set output '../result/smartthings_hub.eps'
-set output '../result/smartthings_hub.png'
-set title "SmartThings Hub"
-plot "../result/smartthings_hub.dat" using 1:2 with lines
-
+#set output '../result/smartthings_hub_incoming.eps'
+set output '../result/smartthings_hub_incoming.png'
+set title "SmartThings Hub Incoming Traffic"
+plot "../result/smartthings_hub_incoming.dat" using 1:2 with lines
+set output '../result/smartthings_hub_outgoing.png'
+set title "SmartThings Hub Outgoing Traffic"
+plot "../result/smartthings_hub_outgoing.dat" using 1:2 with lines
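Review bot: The title added for the motion sensor's outgoing plot reads `"D-Link Motion Sensor Outgoing"` while every other added title ends in `Traffic`; `set title "D-Link Motion Sensor Outgoing Traffic"` keeps the figures consistent. The `# D-Link alarm` block also appears twice on the new side with identical output paths, so the same two PNG files are rendered twice and one copy can be dropped. The commented-out `.eps` alternative is kept only for the incoming plot of each device; if that is intentional, a one-line comment in the per-device header would say so.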
[ -d $2 ] || mkdir $2
# Run the analysis
-python ../parser/parse_packet_frequency.py $1 $2/wemo_switch.dat WeMo_Switch 94:10:3e:36:60:09
-python ../parser/parse_packet_frequency.py $1 $2/wemo_insight.dat WeMo_Insight 14:91:82:25:10:77
-python ../parser/parse_packet_frequency.py $1 $2/tplink_switch.dat TPLink_Switch 50:c7:bf:33:1f:09
-python ../parser/parse_packet_frequency.py $1 $2/dlink_switch.dat DLink_Switch 90:8d:78:e3:81:0c
-python ../parser/parse_packet_frequency.py $1 $2/amcrest_camera.dat Amcrest_Camera 3c:ef:8c:6f:79:5a
-python ../parser/parse_packet_frequency.py $1 $2/netgear_arlo_camera.dat Netgear_Arlo_Camera 40:5d:82:2f:50:2a
-python ../parser/parse_packet_frequency.py $1 $2/lifx_lightbulb_1.dat Lifx_LightBulb_1 d0:73:d5:12:8e:30
-python ../parser/parse_packet_frequency.py $1 $2/lifx_lightbulb_2.dat Lifx_LightBulb_2 d0:73:d5:02:41:da
-python ../parser/parse_packet_frequency.py $1 $2/philips_hue.dat Philips_Hue 00:17:88:69:ee:e4
-python ../parser/parse_packet_frequency.py $1 $2/tplink_lightbulb.dat TPLink_LightBulb 50:c7:bf:59:d5:84
-python ../parser/parse_packet_frequency.py $1 $2/nxeco_sprinkler.dat Nxeco_Sprinkler ac:cf:23:5a:9c:e2
-python ../parser/parse_packet_frequency.py $1 $2/blossom_sprinkler.dat Blossom_Sprinkler e4:95:6e:b0:20:39
-python ../parser/parse_packet_frequency.py $1 $2/dlink_alarm.dat DLink_Alarm c4:12:f5:de:38:20
-python ../parser/parse_packet_frequency.py $1 $2/dlink_motion_sensor.dat DLink_Motion_Sensor c4:12:f5:e3:dc:17
-python ../parser/parse_packet_frequency.py $1 $2/nest_thermostat.dat Nest_Thermostat 18:b4:30:bf:34:7e
-python ../parser/parse_packet_frequency.py $1 $2/amazon_echo_dot.dat Amazon_Echo_Dot 68:37:e9:d2:26:0d
-python ../parser/parse_packet_frequency.py $1 $2/smartthings_hub.dat SmartThings_Hub d0:52:a8:a3:60:0f
+python ../parser/parse_packet_frequency.py $1 $2/wemo_switch WeMo_Switch 94:10:3e:36:60:09
+python ../parser/parse_packet_frequency.py $1 $2/wemo_insight WeMo_Insight 14:91:82:25:10:77
+python ../parser/parse_packet_frequency.py $1 $2/tplink_switch TPLink_Switch 50:c7:bf:33:1f:09
+python ../parser/parse_packet_frequency.py $1 $2/dlink_switch DLink_Switch 90:8d:78:e3:81:0c
+python ../parser/parse_packet_frequency.py $1 $2/amcrest_camera Amcrest_Camera 3c:ef:8c:6f:79:5a
+python ../parser/parse_packet_frequency.py $1 $2/netgear_arlo_camera Netgear_Arlo_Camera 40:5d:82:2f:50:2a
+python ../parser/parse_packet_frequency.py $1 $2/lifx_lightbulb_1 Lifx_LightBulb_1 d0:73:d5:12:8e:30
+python ../parser/parse_packet_frequency.py $1 $2/lifx_lightbulb_2 Lifx_LightBulb_2 d0:73:d5:02:41:da
+python ../parser/parse_packet_frequency.py $1 $2/philips_hue Philips_Hue 00:17:88:69:ee:e4
+python ../parser/parse_packet_frequency.py $1 $2/tplink_lightbulb TPLink_LightBulb 50:c7:bf:59:d5:84
+python ../parser/parse_packet_frequency.py $1 $2/nxeco_sprinkler Nxeco_Sprinkler ac:cf:23:5a:9c:e2
+python ../parser/parse_packet_frequency.py $1 $2/blossom_sprinkler Blossom_Sprinkler e4:95:6e:b0:20:39
+python ../parser/parse_packet_frequency.py $1 $2/dlink_alarm DLink_Alarm c4:12:f5:de:38:20
+python ../parser/parse_packet_frequency.py $1 $2/dlink_motion_sensor DLink_Motion_Sensor c4:12:f5:e3:dc:17
+python ../parser/parse_packet_frequency.py $1 $2/nest_thermostat Nest_Thermostat 18:b4:30:bf:34:7e
+python ../parser/parse_packet_frequency.py $1 $2/amazon_echo_dot Amazon_Echo_Dot 68:37:e9:d2:26:0d
+python ../parser/parse_packet_frequency.py $1 $2/smartthings_hub SmartThings_Hub d0:52:a8:a3:60:0f
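Review bot: The new invocations pass `$1` and `$2/...` unquoted, so a capture path or result directory containing spaces or glob characters is split or expanded by the shell before it reaches the parser; `python ../parser/parse_packet_frequency.py "$1" "$2/wemo_switch" WeMo_Switch 94:10:3e:36:60:09` is safer, and the same applies to the other sixteen lines and to the `[ -d $2 ] || mkdir $2` line above them. The parser opens its output files in append mode, so running this script again into an existing directory appears to add a second copy of every row; a comment such as `# the parser appends: remove old *_incoming.dat and *_outgoing.dat before re-running` would warn the next user.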