From a29fc38a6cc73b14a1d3872301078db8b6b33ad7 Mon Sep 17 00:00:00 2001
From: rtrimana
Date: Wed, 15 Nov 2017 10:28:10 -0800
Subject: [PATCH] Adding packet sizes and send/received bytes plots/analyses
---
parser/parse_inter_arrival_time.py | 40 ++++---
parser/parse_packet_size.py | 128 ++++++++++++++++++++
parser/parse_packet_total_bytes.py | 184 +++++++++++++++++++++++++++++
plot_scripts/plot_ia_graph | 14 +--
plot_scripts/plot_ps_graph | 40 +++++++
plot_scripts/plot_tb_graph | 41 +++++++
plot_scripts/plot_ts_graph | 182 ++++++++++++++--------------
run_scripts/ia_analysis_run.sh | 3 +-
run_scripts/ps_analysis_run.sh | 32 +++++
run_scripts/tb_analysis_run.sh | 32 +++++
run_scripts/ts_analysis_run.sh | 3 +-
11 files changed, 585 insertions(+), 114 deletions(-)
create mode 100644 parser/parse_packet_size.py
create mode 100644 parser/parse_packet_total_bytes.py
create mode 100644 plot_scripts/plot_ps_graph
create mode 100644 plot_scripts/plot_tb_graph
create mode 100755 run_scripts/ps_analysis_run.sh
create mode 100755 run_scripts/tb_analysis_run.sh
diff --git a/parser/parse_inter_arrival_time.py b/parser/parse_inter_arrival_time.py
index 798c7eb..7fe6b9c 100644
--- a/parser/parse_inter_arrival_time.py
+++ b/parser/parse_inter_arrival_time.py
@@ -62,19 +62,20 @@ def main(): print "Usage: python", sys.argv[0], " " return # Parse the file for the specified MAC address - timestamplist_incoming = parse_json(sys.argv[1], sys.argv[4]) + timestamplist_incoming = parse_json(sys.argv[1], sys.argv[4], True) + timestamplist_outgoing = parse_json(sys.argv[1], sys.argv[4], False) # Write statistics into file print "=====================================================================" print "==> Analyzing incoming traffic ..." save_to_file(sys.argv[3] + INCOMING_APPENDIX, timestamplist_incoming, sys.argv[2] + INCOMING_APPENDIX + FILE_APPENDIX) print "=====================================================================" - #print "==> Analyzing outgoing traffic ..." - #save_to_file(sys.argv[3] + OUTGOING_APPENDIX, timestamplist_outgoing, sys.argv[2] + OUTGOING_APPENDIX + FILE_APPENDIX) - #print "=====================================================================" + print "==> Analyzing outgoing traffic ..." + save_to_file(sys.argv[3] + OUTGOING_APPENDIX, timestamplist_outgoing, sys.argv[2] + OUTGOING_APPENDIX + FILE_APPENDIX) + print "=====================================================================" # Convert JSON file containing DNS traffic to a map in which a hostname points to its set of associated IPs. -def parse_json(filepath, macaddress): +def parse_json(filepath, macaddress, incomingoutgoing): """ Show summary of statistics of PCAP file Args: filepath: path of the read file 
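Review bot: `main()` now calls `parse_json` twice on `sys.argv[1]`, so the capture file is presumably opened and decoded once per direction, and the second hunk shows that each pass also prints every matching packet; for a long tshark export that doubles the run time without adding information. Consider a single pass that returns both lists, or at least pass the flag by keyword, `parse_json(sys.argv[1], sys.argv[4], incomingoutgoing=True)`, so the call sites say which direction they select. The hunk ends inside `parse_json`'s docstring, so it is not visible whether the `Args:` section was extended; if it was not, add `incomingoutgoing: True = incoming (dst matches), False = outgoing (src matches)`.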
@@ -107,15 +108,26 @@ def parse_json(filepath, macaddress): src = eth.get(JSON_KEY_ETH_SRC, None) dst = eth.get(JSON_KEY_ETH_DST, None) # Get and count the traffic for the specified MAC address - if dst == macaddress: - # Check if timestamp already exists in the map - # If yes, then just increment the frequency value... - print str(timestamp) + " - src:" + str(src) + " - dest:" + str(dst) - curr = timestamp - if prev is not None: - inter_arrival_time = curr - prev - timestamplist.append(inter_arrival_time) - prev = curr + if incomingoutgoing: + if dst == macaddress: + # Check if timestamp already exists in the map + # If yes, then just increment the frequency value... + print str(timestamp) + " - src:" + str(src) + " - dest:" + str(dst) + curr = timestamp + if prev is not None: + inter_arrival_time = curr - prev + timestamplist.append(inter_arrival_time) + prev = curr + else: + if src == macaddress: + # Check if timestamp already exists in the map + # If yes, then just increment the frequency value... + print str(timestamp) + " - src:" + str(src) + " - dest:" + str(dst) + curr = timestamp + if prev is not None: + inter_arrival_time = curr - prev + timestamplist.append(inter_arrival_time) + prev = curr return timestamplist diff --git a/parser/parse_packet_size.py b/parser/parse_packet_size.py new file mode 100644 index 0000000..84cc107 --- /dev/null +++ b/parser/parse_packet_size.py 
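Review bot: The two branches added under `if incomingoutgoing:` are identical except that one compares `dst` and the other `src`, so every later fix to the inter-arrival logic has to be made twice. Selecting the address first removes the duplication: `addr = dst if incomingoutgoing else src` followed by a single `if addr == macaddress:` around the existing body. The copied comment `# Check if timestamp already exists in the map` does not describe this block, which appends `curr - prev` to `timestamplist`; something like `# Record the gap since the previous matching packet` would be accurate. `parse_json` starts and ends outside the hunk.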
@@ -0,0 +1,128 @@ +#!/usr/bin/python + +""" +Script that takes a file (output by wireshark/tshark, in JSON format) and analyze +the variety of packet sizes of a certain device at a certain time. +""" + +import sys +import json +import numpy as np +from collections import defaultdict +from dateutil import parser + +JSON_KEY_SOURCE = "_source" +JSON_KEY_LAYERS = "layers" + +JSON_KEY_ETH = "eth" +JSON_KEY_ETH_DST = "eth.dst" +JSON_KEY_ETH_SRC = "eth.src" +JSON_KEY_FRAME = "frame" +JSON_KEY_FRAME_TIME = "frame.time" +JSON_KEY_FRAME_LENGTH = "frame.len" +TABLE_HEADER_X = "Timestamp (hh:mm:ss)" +TABLE_HEADER_Y = "Packet sizes (bytes)" +INCOMING_APPENDIX = "_incoming" +OUTGOING_APPENDIX = "_outgoing" +FILE_APPENDIX = ".dat" + + +def save_to_file(tblheader, dictionary, filenameout): + """ Show summary of statistics of PCAP file + Args: + tblheader: header for the saved table + dictionary: dictionary to be saved + filename_out: file name to save + """ + # Appending, not overwriting! + f = open(filenameout, 'a') + # Write the table header + f.write("# " + tblheader + "\n") + f.write("# " + TABLE_HEADER_X + " " + TABLE_HEADER_Y + "\n") + # Write "0 0" if dictionary is empty + if not dictionary: + f.write("0 0") + f.close() + print "Writing zeroes to file: ", filenameout + return + + # Iterate over dictionary and write (key, value) pairs + for key in sorted(dictionary): + # Space separated + f.write(str(key) + " " + str(dictionary[key]) + "\n") + f.close() + print "Writing output to file: ", filenameout + + +def main(): + """ Main function + """ + if len(sys.argv) < 5: + print "Usage: python", sys.argv[0], " " + return + # Parse the file for the specified MAC address + timefreq_incoming = parse_json(sys.argv[1], sys.argv[4], True) + timefreq_outgoing = parse_json(sys.argv[1], sys.argv[4], False) + # Write statistics into file + print "=====================================================================" + print "==> Analyzing incoming traffic ..." 
+ save_to_file(sys.argv[3] + INCOMING_APPENDIX, timefreq_incoming, sys.argv[2] + INCOMING_APPENDIX + FILE_APPENDIX) + print "=====================================================================" + print "==> Analyzing outgoing traffic ..." + save_to_file(sys.argv[3] + OUTGOING_APPENDIX, timefreq_outgoing, sys.argv[2] + OUTGOING_APPENDIX + FILE_APPENDIX) + print "=====================================================================" + + +# Convert JSON file containing DNS traffic to a map in which a hostname points to its set of associated IPs. +def parse_json(filepath, macaddress, incomingoutgoing): + """ Show summary of statistics of PCAP file + Args: + filepath: path of the read file + macaddress: MAC address of a device to analyze + incomingoutgoing: boolean to define whether we collect incoming or outgoing traffic + True = incoming, False = outgoing + """ + # Maps timestamps to frequencies of packets + packetsize = dict() + with open(filepath) as jf: + # Read JSON. + # data becomes reference to root JSON object (or in our case json array) + data = json.load(jf) + # Loop through json objects in data + # Each entry is a pcap entry (request/response (packet) and associated metadata) + for p in data: + # p is a JSON object, not an index + layers = p[JSON_KEY_SOURCE][JSON_KEY_LAYERS] + # Get timestamp + frame = layers.get(JSON_KEY_FRAME, None) + datetime = frame.get(JSON_KEY_FRAME_TIME, None) + length = frame.get(JSON_KEY_FRAME_LENGTH, None) + # Get into the Ethernet address part + eth = layers.get(JSON_KEY_ETH, None) + # Skip any non DNS traffic + if eth is None: + print "[ WARNING: Packet has no ethernet address! 
]" + continue + # Get source and destination MAC addresses + src = eth.get(JSON_KEY_ETH_SRC, None) + dst = eth.get(JSON_KEY_ETH_DST, None) + # Get just the time part + datetimeobj = parser.parse(datetime) + timestr = str(datetimeobj.time()) + print str(timestr) + " - src:" + str(src) + " - dest:" + str(dst) + # Get and count the traffic for the specified MAC address + if incomingoutgoing: + if dst == macaddress: + # Put the time frequency in the dictionary + packetsize[timestr] = length + else: + if src == macaddress: + # Put the time frequency in the dictionary + packetsize[timestr] = length + + return packetsize + + +if __name__ == '__main__': + main() + diff --git a/parser/parse_packet_total_bytes.py b/parser/parse_packet_total_bytes.py new file mode 100644 index 0000000..7acb21b --- /dev/null +++ b/parser/parse_packet_total_bytes.py 
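Review bot: In `parse_json`, `frame.get(JSON_KEY_FRAME_TIME, None)` runs before any check that `frame` is not None, and `parser.parse(datetime)` is called even when `frame.time` is absent, so one malformed record in the capture aborts the whole run with an exception; the `eth is None` guard covers only the Ethernet layer. Guard the frame the same way before reading from it, e.g. `if frame is None or eth is None: continue`, and skip records whose `datetime` is None. Separately, `save_to_file` writes `"0 0"` without a trailing newline to a file opened in append mode, so the next header appended to that file lands on the same line; `f.write("0 0\n")` fixes it. `parse_packet_total_bytes.py` in this commit repeats both patterns.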
@@ -0,0 +1,184 @@ +#!/usr/bin/python + +""" +Script that takes a file (output by wireshark/tshark, in JSON format) and analyze +the traffic total bytes of a certain device at a certain time. +""" + +import sys +import json +import numpy as np +from collections import defaultdict +from dateutil import parser +from decimal import * + +JSON_KEY_SOURCE = "_source" +JSON_KEY_LAYERS = "layers" + +JSON_KEY_ETH = "eth" +JSON_KEY_ETH_DST = "eth.dst" +JSON_KEY_ETH_SRC = "eth.src" +JSON_KEY_FRAME = "frame" +JSON_KEY_FRAME_TIME = "frame.time" +JSON_KEY_FRAME_LENGTH = "frame.len" +TABLE_HEADER_X = "Timestamp (hh:mm:ss)" +TABLE_HEADER_Y = "Total bytes (bytes)" +INCOMING_APPENDIX = "_incoming" +OUTGOING_APPENDIX = "_outgoing" +FILE_APPENDIX = ".dat" + +# Use this constant as a flag +WINDOW_SIZE = 5 +USE_MOVING_AVERAGE = False + + +def moving_average(array, window=3): + """ Calculate moving average + Args: + array: array of numbers + window: window of moving average (default = 3) + Adapted from: + https://stackoverflow.com/questions/14313510/how-to-calculate-moving-average-using-numpy + """ + # Check if window > len(array) + if window > len(array): + window = len(array) + # Calculate cumulative sum of each array element + retarr = np.cumsum(array, dtype=float) + # Adjust cumulative sum of each array element + # based on window size + retarr[window:] = retarr[window:] - retarr[:-window] + # Pad the first array elements with zeroes + retarr[:window - 1] = np.zeros(window - 1) + # Calculate moving average starting from the element + # at window size, e.g. element 4 for window=5 + retarr[window - 1:] = retarr[window - 1:] / window + return retarr + + +def save_to_file(tblheader, dictionary, filenameout): + """ Show summary of statistics of PCAP file + Args: + tblheader: header for the saved table + dictionary: dictionary to be saved + filename_out: file name to save + """ + # Appending, not overwriting! 
+ f = open(filenameout, 'a') + # Write the table header + f.write("# " + tblheader + "\n") + f.write("# " + TABLE_HEADER_X + " " + TABLE_HEADER_Y + "\n") + # Write "0 0" if dictionary is empty + if not dictionary: + f.write("0 0") + f.close() + print "Writing zeroes to file: ", filenameout + return + + if USE_MOVING_AVERAGE: + # Use moving average if this flag is true + sortedarr = [] + for key in sorted(dictionary): + sortedarr.append(dictionary[key]) + valarr = moving_average(sortedarr, WINDOW_SIZE) + #print vallist + # Iterate over dictionary and write (key, value) pairs + ind = 0 + for key in sorted(dictionary): + # Space separated + f.write(str(key) + " " + str(valarr[ind]) + "\n") + ind += 1 + else: + # Iterate over dictionary and write (key, value) pairs + for key in sorted(dictionary): + # Space separated + f.write(str(key) + " " + str(dictionary[key]) + "\n") + f.close() + print "Writing output to file: ", filenameout + + +def main(): + """ Main function + """ + if len(sys.argv) < 5: + print "Usage: python", sys.argv[0], " " + return + # Parse the file for the specified MAC address + timefreq_incoming = parse_json(sys.argv[1], sys.argv[4], True) + timefreq_outgoing = parse_json(sys.argv[1], sys.argv[4], False) + # Write statistics into file + print "=====================================================================" + print "==> Analyzing incoming traffic ..." + save_to_file(sys.argv[3] + INCOMING_APPENDIX, timefreq_incoming, sys.argv[2] + INCOMING_APPENDIX + FILE_APPENDIX) + print "=====================================================================" + print "==> Analyzing outgoing traffic ..." 
+ save_to_file(sys.argv[3] + OUTGOING_APPENDIX, timefreq_outgoing, sys.argv[2] + OUTGOING_APPENDIX + FILE_APPENDIX) + print "=====================================================================" + #for time in time_freq.keys(): + #for key in sorted(time_freq): + # print key, " => ", time_freq[key] + #print "=====================================================================" + + +# Convert JSON file containing DNS traffic to a map in which a hostname points to its set of associated IPs. +def parse_json(filepath, macaddress, incomingoutgoing): + """ Show summary of statistics of PCAP file + Args: + filepath: path of the read file + macaddress: MAC address of a device to analyze + incomingoutgoing: boolean to define whether we collect incoming or outgoing traffic + True = incoming, False = outgoing + """ + # Maps timestamps to frequencies of packets + packetbytes = dict() + with open(filepath) as jf: + # Read JSON. + # data becomes reference to root JSON object (or in our case json array) + data = json.load(jf) + # Loop through json objects in data + # Each entry is a pcap entry (request/response (packet) and associated metadata) + for p in data: + # p is a JSON object, not an index + layers = p[JSON_KEY_SOURCE][JSON_KEY_LAYERS] + # Get timestamp + frame = layers.get(JSON_KEY_FRAME, None) + datetime = frame.get(JSON_KEY_FRAME_TIME, None) + bytes = frame.get(JSON_KEY_FRAME_LENGTH, None) + # Get into the Ethernet address part + eth = layers.get(JSON_KEY_ETH, None) + # Skip any non DNS traffic + if eth is None: + print "[ WARNING: Packet has no ethernet address! 
]" + continue + # Get source and destination MAC addresses + src = eth.get(JSON_KEY_ETH_SRC, None) + dst = eth.get(JSON_KEY_ETH_DST, None) + # Get just the time part + datetimeobj = parser.parse(datetime) + # Remove the microsecond part + timestr = str(datetimeobj.time())[:8] + print str(timestr) + " - src:" + str(src) + " - dest:" + str(dst) + # Get and count the traffic for the specified MAC address + if incomingoutgoing: + if dst == macaddress: + # Check if timestamp already exists in the map + # If yes, then just accumulate the value + if timestr in packetbytes: + packetbytes[timestr] = packetbytes[timestr] + Decimal(bytes) + else: # If not, then put the value there + packetbytes[timestr] = Decimal(bytes) + else: + if src == macaddress: + # Check if timestamp already exists in the map + # If yes, then just accumulate the value + if timestr in packetbytes: + packetbytes[timestr] = packetbytes[timestr] + Decimal(bytes) + else: # If not, then put the value there + packetbytes[timestr] = Decimal(bytes) + + return packetbytes + + +if __name__ == '__main__': + main() + diff --git a/plot_scripts/plot_ia_graph b/plot_scripts/plot_ia_graph index ced074e..848f242 100644 --- a/plot_scripts/plot_ia_graph +++ b/plot_scripts/plot_ia_graph 
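Review bot: `parse_json` keys `packetbytes` on `str(datetimeobj.time())[:8]`, which drops the date, so in a capture that crosses midnight or spans more than one day the bytes of different days are summed into the same `hh:mm:ss` bucket, and `sorted(dictionary)` in `save_to_file` orders rows by time of day rather than capture order. If such captures are in scope, key on the full timestamp, for example `timestr = datetimeobj.replace(microsecond=0).isoformat()`, and change `set timefmt` in `plot_tb_graph` to match. `parse_packet_size.py` has the related problem that `packetsize[timestr] = length` keeps only the last packet seen for a given time string. The local name `bytes` shadows the builtin and `from decimal import *` hides where `Decimal` comes from; `from decimal import Decimal` and a name such as `framelen` would read better.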
@@ -25,12 +25,12 @@ set yrange [0:] # PER DEVICE SETUP # # ***************** # # WeMo switch -#set output '../result/wemo_switch_incoming.ps' -#set output '../result/wemo_switch_incoming.eps' -set output '../result/wemo_switch_inter_arrival_incoming.png' +#set output '../result_ia/wemo_switch_incoming.ps' +#set output '../result_ia/wemo_switch_incoming.eps' +set output '../result_ia/wemo_switch_inter_arrival_incoming.png' set title "WeMo Switch Inter-Arrival Incoming Traffic" -plot "../result/test_incoming.dat" using 1:2 with lines -#set output '../result/wemo_switch_outgoing.png' -#set title "WeMo Switch Inter-Arrival Outgoing Traffic" -#plot "../result/wemo_switch_outgoing.dat" using 1:2 with lines +plot "../result_ia/wemo_switch_incoming.dat" using 1:2 with lines +set output '../result_ia/wemo_switch_inter_arrival_outgoing.png' +set title "WeMo Switch Inter-Arrival Outgoing Traffic" +plot "../result_ia/wemo_switch_outgoing.dat" using 1:2 with lines diff --git a/plot_scripts/plot_ps_graph b/plot_scripts/plot_ps_graph new file mode 100644 index 0000000..600cc50 --- /dev/null +++ b/plot_scripts/plot_ps_graph 
@@ -0,0 +1,40 @@ +# Script to plot packet size graphs for network traffic analysis +# +# by Rahmadi Trimananda (rahmadi.trimananda@uci.edu) +# Programming Language Research Group @ University of California, Irvine +# Fall 2017 + +# ************ # +# BASIC SETUP # +# ************ # +#set terminal postscript landscape "Arial, 18" +#set terminal postscript eps font 'Helvetica,20' enhanced color +set terminal pngcairo enhanced font 'Verdana,10' +set autoscale +unset key +unset log +unset label +set xtics 600 +set ytics auto +set xlabel "Packet Timestamp (hh:mm:ss)" +set ylabel "Packet Size (bytes)" +set xdata time +set timefmt "%H:%M:%S" +#set xrange ["06:00:00":"10:00:00"] +#set yrange [0:200] +set xrange [:] +set yrange [0:] + +# ***************** # +# PER DEVICE SETUP # +# ***************** # +# WeMo switch +#set output '../result_ps/wemo_switch_incoming.ps' +#set output '../result_ps/wemo_switch_incoming.eps' +set output '../result_ps/wemo_switch_packet_size_incoming.png' +set title "WeMo Switch Packet Size Incoming Traffic" +plot "../result_ps/wemo_switch_incoming.dat" using 1:2 +set output '../result_ps/wemo_switch_packet_size_outgoing.png' +set title "WeMo Switch Packet Size Outgoing Traffic" +plot "../result_ps/wemo_switch_outgoing.dat" using 1:2 + diff --git a/plot_scripts/plot_tb_graph b/plot_scripts/plot_tb_graph new file mode 100644 index 0000000..0d3e155 --- /dev/null +++ b/plot_scripts/plot_tb_graph 
@@ -0,0 +1,41 @@ +# Script to plot total bytes graphs for network traffic analysis +# +# by Rahmadi Trimananda (rahmadi.trimananda@uci.edu) +# Programming Language Research Group @ University of California, Irvine +# Fall 2017 + +# ************ # +# BASIC SETUP # +# ************ # +#set terminal postscript landscape "Arial, 18" +#set terminal postscript eps font 'Helvetica,20' enhanced color +set terminal pngcairo enhanced font 'Verdana,10' +set autoscale +unset key +unset log +unset label +set logscale y 2 +set xtics 600 +set ytics auto +set xlabel "Packet Timestamp (hh:mm:ss)" +set ylabel "Packet Bytes (bytes)" +set xdata time +set timefmt "%H:%M:%S" +#set xrange ["06:00:00":"10:00:00"] +#set yrange [0:200] +set xrange [:] +set yrange [1:] + +# ***************** # +# PER DEVICE SETUP # +# ***************** # +# WeMo switch +#set output '../result_tb/wemo_switch_incoming.ps' +#set output '../result_tb/wemo_switch_incoming.eps' +set output '../result_tb/wemo_switch_packet_size_incoming.png' +set title "WeMo Switch Total Bytes Incoming Traffic" +plot "../result_tb/wemo_switch_incoming.dat" using 1:2 with lines +set output '../result_tb/wemo_switch_packet_size_outgoing.png' +set title "WeMo Switch Total Bytes Outgoing Traffic" +plot "../result_tb/wemo_switch_outgoing.dat" using 1:2 with lines + diff --git a/plot_scripts/plot_ts_graph b/plot_scripts/plot_ts_graph index 86020f8..bd5e31f 100644 --- a/plot_scripts/plot_ts_graph +++ b/plot_scripts/plot_ts_graph 
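Review bot: Both `set output` lines write `../result_tb/wemo_switch_packet_size_*.png` although this script plots total bytes (the titles say "Total Bytes"), which looks copied from `plot_ps_graph`; naming them `wemo_switch_total_bytes_incoming.png` and `wemo_switch_total_bytes_outgoing.png` keeps the images from being mistaken for packet-size plots. Also, `set logscale y 2` together with `set yrange [1:]` cannot show the `0 0` row that `save_to_file` writes for a device with no traffic, so "no traffic" and "no data file" may look alike in the output. A comment such as `# log scale: a device with no traffic produces an empty plot` next to the `set logscale` line would record that.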
@@ -29,167 +29,167 @@ set yrange [0:] # PER DEVICE SETUP # # ***************** # # WeMo switch -#set output '../result/wemo_switch_incoming.ps' -#set output '../result/wemo_switch_incoming.eps' -set output '../result/wemo_switch_incoming.png' +#set output '../result_ts/wemo_switch_incoming.ps' +#set output '../result_ts/wemo_switch_incoming.eps' +set output '../result_ts/wemo_switch_timestamp_incoming.png' set title "WeMo Switch Incoming Traffic" -plot "../result/wemo_switch_incoming.dat" using 1:2 with lines -set output '../result/wemo_switch_outgoing.png' +plot "../result_ts/wemo_switch_incoming.dat" using 1:2 with lines +set output '../result_ts/wemo_switch_timestamp_outgoing.png' set title "WeMo Switch Outgoing Traffic" -plot "../result/wemo_switch_outgoing.dat" using 1:2 with lines +plot "../result_ts/wemo_switch_outgoing.dat" using 1:2 with lines # WeMo Insight -#set output '../result/wemo_insight_incoming.eps' -set output '../result/wemo_insight_incoming.png' +#set output '../result_ts/wemo_insight_incoming.eps' +set output '../result_ts/wemo_insight_timestamp_incoming.png' set title "WeMo Insight Incoming Traffic" -plot "../result/wemo_insight_incoming.dat" using 1:2 with lines -set output '../result/wemo_insight_outgoing.png' +plot "../result_ts/wemo_insight_incoming.dat" using 1:2 with lines +set output '../result_ts/wemo_insight_timestamp_outgoing.png' set title "WeMo Insight Outgoing Traffic" -plot "../result/wemo_insight_outgoing.dat" using 1:2 with lines +plot "../result_ts/wemo_insight_outgoing.dat" using 1:2 with lines # TP-Link switch -#set output '../result/tplink_switch_incoming.eps' -set output '../result/tplink_switch_incoming.png' +#set output '../result_ts/tplink_switch_incoming.eps' +set output '../result_ts/tplink_switch_timestamp_incoming.png' set title "TP-Link Switch Incoming Traffic" -plot "../result/tplink_switch_incoming.dat" using 1:2 with lines -set output '../result/tplink_switch_outgoing.png' +plot 
"../result_ts/tplink_switch_incoming.dat" using 1:2 with lines +set output '../result_ts/tplink_switch_timestamp_outgoing.png' set title "TP-Link Switch Outgoing Traffic" -plot "../result/tplink_switch_outgoing.dat" using 1:2 with lines +plot "../result_ts/tplink_switch_outgoing.dat" using 1:2 with lines # D-Link switch -#set output '../result/dlink_switch_incoming.eps' -set output '../result/dlink_switch_incoming.png' +#set output '../result_ts/dlink_switch_incoming.eps' +set output '../result_ts/dlink_switch_timestamp_incoming.png' set title "D-Link Switch Incoming Traffic" -plot "../result/dlink_switch_incoming.dat" using 1:2 with lines -set output '../result/dlink_switch_outgoing.png' +plot "../result_ts/dlink_switch_incoming.dat" using 1:2 with lines +set output '../result_ts/dlink_switch_timestamp_outgoing.png' set title "D-Link Switch Outgoing Traffic" -plot "../result/dlink_switch_outgoing.dat" using 1:2 with lines +plot "../result_ts/dlink_switch_outgoing.dat" using 1:2 with lines # Amcrest camera -#set output '../result/amcrest_camera_incoming.eps' -set output '../result/amcrest_camera_incoming.png' +#set output '../result_ts/amcrest_camera_incoming.eps' +set output '../result_ts/amcrest_camera_timestamp_incoming.png' set title "Amcrest Camera Incoming Traffic" -plot "../result/amcrest_camera_incoming.dat" using 1:2 with lines -set output '../result/amcrest_camera_outgoing.png' +plot "../result_ts/amcrest_camera_incoming.dat" using 1:2 with lines +set output '../result_ts/amcrest_camera_timestamp_outgoing.png' set title "Amcrest Camera Outgoing Traffic" -plot "../result/amcrest_camera_outgoing.dat" using 1:2 with lines +plot "../result_ts/amcrest_camera_outgoing.dat" using 1:2 with lines # Netgear Arlo camera -#set output '../result/netgear_arlo_camera_incoming.eps' -set output '../result/netgear_arlo_camera_incoming.png' +#set output '../result_ts/netgear_arlo_camera_incoming.eps' +set output '../result_ts/netgear_arlo_camera_timestamp_incoming.png' set 
title "Netgear Arlo Camera Incoming Traffic" -plot "../result/netgear_arlo_camera_incoming.dat" using 1:2 with lines -set output '../result/netgear_arlo_camera_outgoing.png' +plot "../result_ts/netgear_arlo_camera_incoming.dat" using 1:2 with lines +set output '../result_ts/netgear_arlo_camera_timestamp_outgoing.png' set title "Netgear Arlo Camera Outgoing Traffic" -plot "../result/netgear_arlo_camera_outgoing.dat" using 1:2 with lines +plot "../result_ts/netgear_arlo_camera_outgoing.dat" using 1:2 with lines # LiFX light bulb -#set output '../result/lifx_lightbulb_1_incoming.eps' -set output '../result/lifx_lightbulb_1_incoming.png' +#set output '../result_ts/lifx_lightbulb_1_incoming.eps' +set output '../result_ts/lifx_lightbulb_1_timestamp_incoming.png' set title "LiFX Light Bulb #1 Incoming Traffic" -plot "../result/lifx_lightbulb_1_incoming.dat" using 1:2 with lines -set output '../result/lifx_lightbulb_1_outgoing.png' +plot "../result_ts/lifx_lightbulb_1_incoming.dat" using 1:2 with lines +set output '../result_ts/lifx_lightbulb_1_timestamp_outgoing.png' set title "LiFX Light Bulb #1 Outgoing Traffic" -plot "../result/lifx_lightbulb_1_outgoing.dat" using 1:2 with lines +plot "../result_ts/lifx_lightbulb_1_outgoing.dat" using 1:2 with lines # LiFX light bulb -#set output '../result/lifx_lightbulb_2_incoming.eps' -set output '../result/lifx_lightbulb_2_incoming.png' +#set output '../result_ts/lifx_lightbulb_2_incoming.eps' +set output '../result_ts/lifx_lightbulb_2_timestamp_incoming.png' set title "LiFX Light Bulb #2 Incoming Traffic" -plot "../result/lifx_lightbulb_2_incoming.dat" using 1:2 with lines -set output '../result/lifx_lightbulb_2_outgoing.png' +plot "../result_ts/lifx_lightbulb_2_incoming.dat" using 1:2 with lines +set output '../result_ts/lifx_lightbulb_2_timestamp_outgoing.png' set title "LiFX Light Bulb #2 Outgoing Traffic" -plot "../result/lifx_lightbulb_2_outgoing.dat" using 1:2 with lines +plot "../result_ts/lifx_lightbulb_2_outgoing.dat" 
using 1:2 with lines # Philips Hue -#set output '../result/philips_hue_incoming.eps' -set output '../result/philips_hue_incoming.png' +#set output '../result_ts/philips_hue_incoming.eps' +set output '../result_ts/philips_hue_timestamp_incoming.png' set title "Philips Hue Incoming Traffic" -plot "../result/philips_hue_incoming.dat" using 1:2 with lines -set output '../result/philips_hue_outgoing.png' +plot "../result_ts/philips_hue_incoming.dat" using 1:2 with lines +set output '../result_ts/philips_hue_timestamp_outgoing.png' set title "Philips Hue Outgoing Traffic" -plot "../result/philips_hue_outgoing.dat" using 1:2 with lines +plot "../result_ts/philips_hue_outgoing.dat" using 1:2 with lines # TP-Link Light Bulb -#set output '../result/tplink_lightbulb_incoming.eps' -set output '../result/tplink_lightbulb_incoming.png' +#set output '../result_ts/tplink_lightbulb_incoming.eps' +set output '../result_ts/tplink_lightbulb_timestamp_incoming.png' set title "TP-Link Light Bulb Incoming Traffic" -plot "../result/tplink_lightbulb_incoming.dat" using 1:2 with lines -set output '../result/tplink_lightbulb_outgoing.png' +plot "../result_ts/tplink_lightbulb_incoming.dat" using 1:2 with lines +set output '../result_ts/tplink_lightbulb_timestamp_outgoing.png' set title "TP-Link Light Bulb Outgoing Traffic" -plot "../result/tplink_lightbulb_outgoing.dat" using 1:2 with lines +plot "../result_ts/tplink_lightbulb_outgoing.dat" using 1:2 with lines # Nxeco sprinkler -#set output '../result/nxeco_sprinkler_incoming.eps' -set output '../result/nxeco_sprinkler_incoming.png' +#set output '../result_ts/nxeco_sprinkler_incoming.eps' +set output '../result_ts/nxeco_sprinkler_timestamp_incoming.png' set title "Nxeco Sprinkler Incoming Traffic" -plot "../result/nxeco_sprinkler_incoming.dat" using 1:2 with lines -set output '../result/nxeco_sprinkler_outgoing.png' +plot "../result_ts/nxeco_sprinkler_incoming.dat" using 1:2 with lines +set output 
'../result_ts/nxeco_sprinkler_timestamp_outgoing.png' set title "Nxeco Sprinkler Outgoing Traffic" -plot "../result/nxeco_sprinkler_outgoing.dat" using 1:2 with lines +plot "../result_ts/nxeco_sprinkler_outgoing.dat" using 1:2 with lines # Blossom sprinkler -#set output '../result/blossom_sprinkler_incoming.eps' -set output '../result/blossom_sprinkler_incoming.png' +#set output '../result_ts/blossom_sprinkler_incoming.eps' +set output '../result_ts/blossom_sprinkler_timestamp_incoming.png' set title "Blossom Sprinkler Incoming Traffic" -plot "../result/blossom_sprinkler_incoming.dat" using 1:2 with lines -set output '../result/blossom_sprinkler_outgoing.png' +plot "../result_ts/blossom_sprinkler_incoming.dat" using 1:2 with lines +set output '../result_ts/blossom_sprinkler_timestamp_outgoing.png' set title "Blossom Sprinkler Outgoing Traffic" -plot "../result/blossom_sprinkler_outgoing.dat" using 1:2 with lines +plot "../result_ts/blossom_sprinkler_outgoing.dat" using 1:2 with lines # D-Link alarm -#set output '../result/dlink_alarm_incoming.eps' -set output '../result/dlink_alarm_incoming.png' +#set output '../result_ts/dlink_alarm_incoming.eps' +set output '../result_ts/dlink_alarm_timestamp_incoming.png' set title "D-Link Alarm Incoming Traffic" -plot "../result/dlink_alarm_incoming.dat" using 1:2 with lines -set output '../result/dlink_alarm_outgoing.png' +plot "../result_ts/dlink_alarm_incoming.dat" using 1:2 with lines +set output '../result_ts/dlink_alarm_timestamp_outgoing.png' set title "D-Link Alarm Outgoing Traffic" -plot "../result/dlink_alarm_outgoing.dat" using 1:2 with lines +plot "../result_ts/dlink_alarm_outgoing.dat" using 1:2 with lines # D-Link alarm -#set output '../result/dlink_alarm_incoming.eps' -set output '../result/dlink_alarm_incoming.png' +#set output '../result_ts/dlink_alarm_incoming.eps' +set output '../result_ts/dlink_alarm_timestamp_incoming.png' set title "D-Link Alarm Incoming Traffic" -plot "../result/dlink_alarm_incoming.dat" 
using 1:2 with lines -set output '../result/dlink_alarm_outgoing.png' +plot "../result_ts/dlink_alarm_incoming.dat" using 1:2 with lines +set output '../result_ts/dlink_alarm_timestamp_outgoing.png' set title "D-Link Alarm Outgoing Traffic" -plot "../result/dlink_alarm_outgoing.dat" using 1:2 with lines +plot "../result_ts/dlink_alarm_outgoing.dat" using 1:2 with lines # D-Link motion sensor -#set output '../result/dlink_motion_sensor_incoming.eps' -set output '../result/dlink_motion_sensor_incoming.png' +#set output '../result_ts/dlink_motion_sensor_incoming.eps' +set output '../result_ts/dlink_motion_sensor_timestamp_incoming.png' set title "D-Link Motion Sensor Incoming Traffic" -plot "../result/dlink_motion_sensor_incoming.dat" using 1:2 with lines -set output '../result/dlink_motion_sensor_outgoing.png' +plot "../result_ts/dlink_motion_sensor_incoming.dat" using 1:2 with lines +set output '../result_ts/dlink_motion_sensor_timestamp_outgoing.png' set title "D-Link Motion Sensor Outgoing" -plot "../result/dlink_motion_sensor_outgoing.dat" using 1:2 with lines +plot "../result_ts/dlink_motion_sensor_outgoing.dat" using 1:2 with lines # Nest Thermostat -#set output '../result/nest_thermostat_incoming.eps' -set output '../result/nest_thermostat_incoming.png' +#set output '../result_ts/nest_thermostat_incoming.eps' +set output '../result_ts/nest_thermostat_timestamp_incoming.png' set title "Nest Thermostat Incoming Traffic" -plot "../result/nest_thermostat_incoming.dat" using 1:2 with lines -set output '../result/nest_thermostat_outgoing.png' +plot "../result_ts/nest_thermostat_incoming.dat" using 1:2 with lines +set output '../result_ts/nest_thermostat_timestamp_outgoing.png' set title "Nest Thermostat Outgoing Traffic" -plot "../result/nest_thermostat_outgoing.dat" using 1:2 with lines +plot "../result_ts/nest_thermostat_outgoing.dat" using 1:2 with lines # Amazon Echo Dot -#set output '../result/amazon_echo_dot_incoming.eps' -set output 
'../result/amazon_echo_dot_incoming.png' +#set output '../result_ts/amazon_echo_dot_incoming.eps' +set output '../result_ts/amazon_echo_dot_timestamp_incoming.png' set title "Amazon Echo Dot Incoming Traffic" -plot "../result/amazon_echo_dot_incoming.dat" using 1:2 with lines -set output '../result/amazon_echo_dot_outgoing.png' +plot "../result_ts/amazon_echo_dot_incoming.dat" using 1:2 with lines +set output '../result_ts/amazon_echo_dot_timestamp_outgoing.png' set title "Amazon Echo Dot Outgoing Traffic" -plot "../result/amazon_echo_dot_outgoing.dat" using 1:2 with lines +plot "../result_ts/amazon_echo_dot_outgoing.dat" using 1:2 with lines # SmartThings hub -#set output '../result/smartthings_hub_incoming.eps' -set output '../result/smartthings_hub_incoming.png' +#set output '../result_ts/smartthings_hub_incoming.eps' +set output '../result_ts/smartthings_hub_timestamp_incoming.png' set title "SmartThings Hub Incoming Traffic" -plot "../result/smartthings_hub_incoming.dat" using 1:2 with lines -set output '../result/smartthings_hub_outgoing.png' +plot "../result_ts/smartthings_hub_incoming.dat" using 1:2 with lines +set output '../result_ts/smartthings_hub_timestamp_outgoing.png' set title "SmartThings Hub Outgoing Traffic" -plot "../result/smartthings_hub_outgoing.dat" using 1:2 with lines +plot "../result_ts/smartthings_hub_outgoing.dat" using 1:2 with lines diff --git a/run_scripts/ia_analysis_run.sh b/run_scripts/ia_analysis_run.sh index cc7ffc9..c40e40e 100755 --- a/run_scripts/ia_analysis_run.sh +++ b/run_scripts/ia_analysis_run.sh @@ -1,9 +1,10 @@ #!/bin/sh +# ia_analysis = inter-arrival time analysis # Check input arguments - we need 2 arguments if [ $# -ne 2 ] then - echo "Usage: ia_analysis_run.sh " + echo "Usage: ia_analysis_run.sh " exit 1 fi diff --git a/run_scripts/ps_analysis_run.sh b/run_scripts/ps_analysis_run.sh new file mode 100755 index 0000000..6aca3cc --- /dev/null +++ b/run_scripts/ps_analysis_run.sh 
@@ -0,0 +1,32 @@
+#!/bin/sh
+
+# ps_analysis = packet size analysis
+# Check input arguments - we need 2 arguments
+if [ $# -ne 2 ]
+ then
+ echo "Usage: ia_analysis_run.sh "
+ exit 1
+fi
+
+# Check result folder and create one if it does not exist yet
+[ -d $2 ] || mkdir $2
+
+# Run the analysis
+python ../parser/parse_packet_size.py $1 $2/wemo_switch WeMo_Switch 94:10:3e:36:60:09
+python ../parser/parse_packet_size.py $1 $2/wemo_insight WeMo_Insight 14:91:82:25:10:77
+python ../parser/parse_packet_size.py $1 $2/tplink_switch TPLink_Switch 50:c7:bf:33:1f:09
+python ../parser/parse_packet_size.py $1 $2/dlink_switch DLink_Switch 90:8d:78:e3:81:0c
+python ../parser/parse_packet_size.py $1 $2/amcrest_camera Amcrest_Camera 3c:ef:8c:6f:79:5a
+python ../parser/parse_packet_size.py $1 $2/netgear_arlo_camera Netgear_Arlo_Camera 40:5d:82:2f:50:2a
+python ../parser/parse_packet_size.py $1 $2/lifx_lightbulb_1 Lifx_LightBulb_1 d0:73:d5:12:8e:30
+python ../parser/parse_packet_size.py $1 $2/lifx_lightbulb_2 Lifx_LightBulb_2 d0:73:d5:02:41:da
+python ../parser/parse_packet_size.py $1 $2/philips_hue Philips_Hue 00:17:88:69:ee:e4
+python ../parser/parse_packet_size.py $1 $2/tplink_lightbulb TPLink_LightBulb 50:c7:bf:59:d5:84
+python ../parser/parse_packet_size.py $1 $2/nxeco_sprinkler Nxeco_Sprinkler ac:cf:23:5a:9c:e2
+python ../parser/parse_packet_size.py $1 $2/blossom_sprinkler Blossom_Sprinkler e4:95:6e:b0:20:39
+python ../parser/parse_packet_size.py $1 $2/dlink_alarm DLink_Alarm c4:12:f5:de:38:20
+python ../parser/parse_packet_size.py $1 $2/dlink_motion_sensor DLink_Motion_Sensor c4:12:f5:e3:dc:17
+python ../parser/parse_packet_size.py $1 $2/nest_thermostat Nest_Thermostat 18:b4:30:bf:34:7e
+python ../parser/parse_packet_size.py $1 $2/amazon_echo_dot Amazon_Echo_Dot 68:37:e9:d2:26:0d
+python ../parser/parse_packet_size.py $1 $2/smartthings_hub SmartThings_Hub d0:52:a8:a3:60:0f
+
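Review bot: The positional parameters are expanded unquoted throughout run_scripts/ps_analysis_run.sh, in `[ -d $2 ] || mkdir $2` and in every `python ../parser/parse_packet_size.py $1 $2/...` line, so an input path or result folder containing spaces or glob characters is split into several arguments before the parser or `mkdir` sees it. Quote each expansion, for example `[ -d "$2" ] || mkdir -- "$2"` and `python ../parser/parse_packet_size.py "$1" "$2/wemo_switch" WeMo_Switch 94:10:3e:36:60:09`. The usage message also still prints the name of the script it was copied from (`ia_analysis_run.sh`) and should name `ps_analysis_run.sh`. Both points apply unchanged to the tb_analysis_run.sh hunk that follows.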
diff --git a/run_scripts/tb_analysis_run.sh b/run_scripts/tb_analysis_run.sh
new file mode 100755
index 0000000..0a04a8b
--- /dev/null
+++ b/run_scripts/tb_analysis_run.sh
@@ -0,0 +1,32 @@
+#!/bin/sh
+
+# tb_analysis = total bytes analysis
+# Check input arguments - we need 2 arguments
+if [ $# -ne 2 ]
+ then
+ echo "Usage: ia_analysis_run.sh "
+ exit 1
+fi
+
+# Check result folder and create one if it does not exist yet
+[ -d $2 ] || mkdir $2
+
+# Run the analysis
+python ../parser/parse_packet_total_bytes.py $1 $2/wemo_switch WeMo_Switch 94:10:3e:36:60:09
+python ../parser/parse_packet_total_bytes.py $1 $2/wemo_insight WeMo_Insight 14:91:82:25:10:77
+python ../parser/parse_packet_total_bytes.py $1 $2/tplink_switch TPLink_Switch 50:c7:bf:33:1f:09
+python ../parser/parse_packet_total_bytes.py $1 $2/dlink_switch DLink_Switch 90:8d:78:e3:81:0c
+python ../parser/parse_packet_total_bytes.py $1 $2/amcrest_camera Amcrest_Camera 3c:ef:8c:6f:79:5a
+python ../parser/parse_packet_total_bytes.py $1 $2/netgear_arlo_camera Netgear_Arlo_Camera 40:5d:82:2f:50:2a
+python ../parser/parse_packet_total_bytes.py $1 $2/lifx_lightbulb_1 Lifx_LightBulb_1 d0:73:d5:12:8e:30
+python ../parser/parse_packet_total_bytes.py $1 $2/lifx_lightbulb_2 Lifx_LightBulb_2 d0:73:d5:02:41:da
+python ../parser/parse_packet_total_bytes.py $1 $2/philips_hue Philips_Hue 00:17:88:69:ee:e4
+python ../parser/parse_packet_total_bytes.py $1 $2/tplink_lightbulb TPLink_LightBulb 50:c7:bf:59:d5:84
+python ../parser/parse_packet_total_bytes.py $1 $2/nxeco_sprinkler Nxeco_Sprinkler ac:cf:23:5a:9c:e2
+python ../parser/parse_packet_total_bytes.py $1 $2/blossom_sprinkler Blossom_Sprinkler e4:95:6e:b0:20:39
+python ../parser/parse_packet_total_bytes.py $1 $2/dlink_alarm DLink_Alarm c4:12:f5:de:38:20
+python ../parser/parse_packet_total_bytes.py $1 $2/dlink_motion_sensor DLink_Motion_Sensor c4:12:f5:e3:dc:17
+python ../parser/parse_packet_total_bytes.py $1 $2/nest_thermostat Nest_Thermostat 18:b4:30:bf:34:7e
+python ../parser/parse_packet_total_bytes.py $1 $2/amazon_echo_dot Amazon_Echo_Dot 68:37:e9:d2:26:0d
+python ../parser/parse_packet_total_bytes.py $1 $2/smartthings_hub SmartThings_Hub
d0:52:a8:a3:60:0f + diff --git a/run_scripts/ts_analysis_run.sh b/run_scripts/ts_analysis_run.sh index 1a57d4d..c448e16 100755 --- a/run_scripts/ts_analysis_run.sh +++ b/run_scripts/ts_analysis_run.sh @@ -1,9 +1,10 @@ #!/bin/sh +# ts_analysis = timestamp analysis # Check input arguments - we need 2 arguments if [ $# -ne 2 ] then - echo "Usage: ts_analysis_run.sh " + echo "Usage: ts_analysis_run.sh " exit 1 fi -- 2.34.1
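Review bot: The 17 device rows in run_scripts/tb_analysis_run.sh (output name, label, MAC address) are a verbatim copy of the rows in ps_analysis_run.sh with only the parser name changed. The device inventory is therefore maintained in several scripts, and a correction to one MAC address can leave the other analyses running against a stale device set. Reading the rows from a single shared list and looping over them keeps every analysis on the same inventory; the sketch below uses a placeholder for the list's location. ia_analysis_run.sh and ts_analysis_run.sh presumably carry the same rows, but their bodies lie outside the hunks shown here.

```shell
# … unchanged: argument check and result-folder creation …

# Run the analysis once per row of the shared device list
# (DEVICE_LIST is a placeholder; each row: <output name> <label> <MAC>)
while read -r name label mac
do
    python ../parser/parse_packet_total_bytes.py "$1" "$2/$name" "$label" "$mac"
done < "$DEVICE_LIST"
```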