clean comments

code/Attack/AttackParameters.py

@@ -20,13 +20,10 @@ class Parameter(Enum):
     # recommended type: Integer positive -------------------------
     PACKETS_LIMIT = 'packets.limit'
     NUMBER_ATTACKERS = 'attackers.count'
-
-    # Aidmar
-    # For DDoS
     ATTACK_DURATION = 'attack.duration' # in seconds
     VICTIM_BUFFER = 'victim.buffer' # in packets
-    # For Web app exploit
     TARGET_URI = 'target.uri'
+    # recommended type: domain -----------------------------------
     TARGET_HOST = 'target.host'
 
     # recommended type: Float ------------------------------------
@@ -54,6 +51,4 @@ class ParameterTypes(Enum):
     TYPE_BOOLEAN = 5
     TYPE_FLOAT = 6
     TYPE_PACKET_POSITION = 7  # used to derive timestamp from parameter INJECT_AFTER_PACKET
-
-    # Aidmar
     TYPE_DOMAIN = 8

code/Attack/BaseAttack.py

@@ -230,7 +230,6 @@ class BaseAttack(metaclass=ABCMeta):
         except ValueError:
             return False, value
 
-    # Aidmar
     @staticmethod
     def _is_domain(val: str):
         """
@@ -383,114 +382,6 @@ class BaseAttack(metaclass=ABCMeta):
 
         return destination
 
-    #########################################
-    # RANDOM IP/MAC ADDRESS GENERATORS
-    #########################################
-
-    @staticmethod
-    def generate_random_ipv4_address(ipClass, n: int = 1):
-        """
-        Generates n random IPv4 addresses.
-        :param n: The number of IP addresses to be generated
-        :return: A single IP address, or if n>1, a list of IP addresses
-        """
-
-        def is_invalid(ipAddress: ipaddress.IPv4Address):
-            return ipAddress.is_multicast or ipAddress.is_unspecified or ipAddress.is_loopback or \
-                   ipAddress.is_link_local or ipAddress.is_reserved or ipAddress.is_private
-
-        # Aidmar - generate a random IP from specific class
-        def generate_address(ipClass):
-            if ipClass == "Unknown":
-                return ipaddress.IPv4Address(random.randint(0, 2 ** 32 - 1))
-            else:
-                # For DDoS attack, we do not generate private IPs
-                if "private" in ipClass:
-                    ipClass = ipClass[0] # convert A-private to A
-                ipClassesByte1 = {"A": {1,126}, "B": {128,191}, "C":{192, 223}, "D":{224, 239}, "E":{240, 254}}
-                temp = list(ipClassesByte1[ipClass])
-                minB1 = temp[0]
-                maxB1 = temp[1]
-                b1 = random.randint(minB1, maxB1)
-                b2 = random.randint(1, 255)
-                b3 = random.randint(1, 255)
-                b4 = random.randint(1, 255)
-
-                ipAddress = ipaddress.IPv4Address(str(b1) +"."+ str(b2) + "." + str(b3) + "." + str(b4))
-
-            return ipAddress
-
-
-        ip_addresses = []
-        for i in range(0, n):
-            address = generate_address(ipClass)
-            while is_invalid(address):
-                address = generate_address(ipClass)
-            ip_addresses.append(str(address))
-
-        if n == 1:
-            return ip_addresses[0]
-        else:
-            return ip_addresses
-
-    @staticmethod
-    def generate_random_ipv6_address(n: int = 1):
-        """
-        Generates n random IPv6 addresses.
-        :param n: The number of IP addresses to be generated
-        :return: A single IP address, or if n>1, a list of IP addresses
-        """
-
-        def is_invalid(ipAddress: ipaddress.IPv6Address):
-            return ipAddress.is_multicast or ipAddress.is_unspecified or ipAddress.is_loopback or \
-                   ipAddress.is_link_local or ipAddress.is_private or ipAddress.is_reserved
-
-        def generate_address():
-            return ipaddress.IPv6Address(random.randint(0, 2 ** 128 - 1))
-
-        ip_addresses = []
-        for i in range(0, n):
-            address = generate_address()
-            while is_invalid(address):
-                address = generate_address()
-            ip_addresses.append(str(address))
-
-        if n == 1:
-            return ip_addresses[0]
-        else:
-            return ip_addresses
-
-    @staticmethod
-    def generate_random_mac_address(n: int = 1):
-        """
-        Generates n random MAC addresses.
-        :param n: The number of MAC addresses to be generated.
-        :return: A single MAC addres, or if n>1, a list of MAC addresses
-        """
-
-        def is_invalid(address: str):
-            first_octet = int(address[0:2], 16)
-            is_multicast_address = bool(first_octet & 0b01)
-            is_locally_administered = bool(first_octet & 0b10)
-            return is_multicast_address or is_locally_administered
-
-        def generate_address():
-            mac = [random.randint(0x00, 0xff) for i in range(0, 6)]
-            return ':'.join(map(lambda x: "%02x" % x, mac))
-
-        mac_addresses = []
-        for i in range(0, n):
-            address = generate_address()
-            while is_invalid(address):
-                address = generate_address()
-            mac_addresses.append(address)
-
-        if n == 1:
-            return mac_addresses[0]
-        else:
-            return mac_addresses
-
-    # Aidmar
     def get_reply_delay(self, ip_dst):
         """
            Gets the minimum and the maximum reply delay for all the connections of a specific IP.
@@ -513,7 +404,6 @@ class BaseAttack(metaclass=ABCMeta):
         maxDelay = int(maxDelay) * 10 ** -6
         return minDelay, maxDelay
 
-    # Group the packets in conversations
     def packetsToConvs(self,exploit_raw_packets):
         """
            Classifies a bunch of packets to conversations groups. A conversation is a set of packets go between host A (IP,port)
@@ -588,6 +478,11 @@ class BaseAttack(metaclass=ABCMeta):
 
 
     def get_inter_arrival_time_dist(self, packets):
+        """
+        Gets the inter-arrival time distribution of a set of packets.
+
+        :param packets: the packets to extract their inter-arrival time.
+        """
         timeSteps = []
         prvsPktTime = 0
         for index, pkt in enumerate(packets):
@@ -607,17 +502,138 @@ class BaseAttack(metaclass=ABCMeta):
         return dict
 
     def clean_white_spaces(self, str):
+        """
+        Delete extra backslash from white spaces. This function is used to process the payload of packets.
+
+        :param str: the payload to be processed.
+        """
         str = str.replace("\\n", "\n")
         str = str.replace("\\r", "\r")
         str = str.replace("\\t", "\t")
         str = str.replace("\\\'", "\'")
         return str
 
-    def modify_payload(self,str_tcp_seg, orig_target_uri, target_uri, orig_ip_dst, target_host):
+    def modify_http_header(self,str_tcp_seg, orig_target_uri, target_uri, orig_ip_dst, target_host):
+        """
+        Substitute the URI and HOST in a HTTP header with new values.
+
+        :param str_tcp_seg: the payload to be processed.
+        :param orig_target_uri: old URI
+        :param target_uri: new URI
+        :param orig_ip_dst: old host
+        :param target_host: new host
+        """
         if len(str_tcp_seg) > 0:
             # convert payload bytes to str => str = "b'..\\r\\n..'"
             str_tcp_seg = str_tcp_seg[2:-1]
             str_tcp_seg = str_tcp_seg.replace(orig_target_uri, target_uri)
             str_tcp_seg = str_tcp_seg.replace(orig_ip_dst, target_host)
             str_tcp_seg = self.clean_white_spaces(str_tcp_seg)
-        return str_tcp_seg
+        return str_tcp_seg
+
+
+    #########################################
+    # RANDOM IP/MAC ADDRESS GENERATORS
+    #########################################
+
+    @staticmethod
+    def generate_random_ipv4_address(ipClass, n: int = 1):
+        """
+        Generates n random IPv4 addresses.
+        :param n: The number of IP addresses to be generated
+        :return: A single IP address, or if n>1, a list of IP addresses
+        """
+
+        def is_invalid(ipAddress: ipaddress.IPv4Address):
+            return ipAddress.is_multicast or ipAddress.is_unspecified or ipAddress.is_loopback or \
+                   ipAddress.is_link_local or ipAddress.is_reserved or ipAddress.is_private
+
+        # Generate a random IP from specific class
+        def generate_address(ipClass):
+            if ipClass == "Unknown":
+                return ipaddress.IPv4Address(random.randint(0, 2 ** 32 - 1))
+            else:
+                # For DDoS attack, we do not generate private IPs
+                if "private" in ipClass:
+                    ipClass = ipClass[0] # convert A-private to A
+                ipClassesByte1 = {"A": {1,126}, "B": {128,191}, "C":{192, 223}, "D":{224, 239}, "E":{240, 254}}
+                temp = list(ipClassesByte1[ipClass])
+                minB1 = temp[0]
+                maxB1 = temp[1]
+                b1 = random.randint(minB1, maxB1)
+                b2 = random.randint(1, 255)
+                b3 = random.randint(1, 255)
+                b4 = random.randint(1, 255)
+
+                ipAddress = ipaddress.IPv4Address(str(b1) +"."+ str(b2) + "." + str(b3) + "." + str(b4))
+
+            return ipAddress
+
+        ip_addresses = []
+        for i in range(0, n):
+            address = generate_address(ipClass)
+            while is_invalid(address):
+                address = generate_address(ipClass)
+            ip_addresses.append(str(address))
+
+        if n == 1:
+            return ip_addresses[0]
+        else:
+            return ip_addresses
+
+    @staticmethod
+    def generate_random_ipv6_address(n: int = 1):
+        """
+        Generates n random IPv6 addresses.
+        :param n: The number of IP addresses to be generated
+        :return: A single IP address, or if n>1, a list of IP addresses
+        """
+
+        def is_invalid(ipAddress: ipaddress.IPv6Address):
+            return ipAddress.is_multicast or ipAddress.is_unspecified or ipAddress.is_loopback or \
+                   ipAddress.is_link_local or ipAddress.is_private or ipAddress.is_reserved
+
+        def generate_address():
+            return ipaddress.IPv6Address(random.randint(0, 2 ** 128 - 1))
+
+        ip_addresses = []
+        for i in range(0, n):
+            address = generate_address()
+            while is_invalid(address):
+                address = generate_address()
+            ip_addresses.append(str(address))
+
+        if n == 1:
+            return ip_addresses[0]
+        else:
+            return ip_addresses
+
+    @staticmethod
+    def generate_random_mac_address(n: int = 1):
+        """
+        Generates n random MAC addresses.
+        :param n: The number of MAC addresses to be generated.
+        :return: A single MAC addres, or if n>1, a list of MAC addresses
+        """
+
+        def is_invalid(address: str):
+            first_octet = int(address[0:2], 16)
+            is_multicast_address = bool(first_octet & 0b01)
+            is_locally_administered = bool(first_octet & 0b10)
+            return is_multicast_address or is_locally_administered
+
+        def generate_address():
+            mac = [random.randint(0x00, 0xff) for i in range(0, 6)]
+            return ':'.join(map(lambda x: "%02x" % x, mac))
+
+        mac_addresses = []
+        for i in range(0, n):
+            address = generate_address()
+            while is_invalid(address):
+                address = generate_address()
+            mac_addresses.append(address)
+
+        if n == 1:
+            return mac_addresses[0]
+        else:
+            return mac_addresses

code/Attack/DDoSAttack.py

@@ -176,7 +176,6 @@ class DDoSAttack(BaseAttack.BaseAttack):
         mac_destination = self.get_param_value(Param.MAC_DESTINATION)
         ip_destination = self.get_param_value(Param.IP_DESTINATION)
 
-
         most_used_ip_address = self.statistics.get_most_used_ip_address()
         pps = self.get_param_value(Param.PACKETS_PER_SECOND)
         if pps == 0:
@@ -194,7 +193,6 @@ class DDoSAttack(BaseAttack.BaseAttack):
         # Check ip.src == ip.dst
         self.ip_src_dst_equal_check(ip_source_list, ip_destination)
 
-        # Aidmar
         port_destination = self.get_param_value(Param.PORT_DESTINATION)
         if not port_destination:  # user did not define port_dest
             port_destination = self.statistics.process_db_query(
@@ -214,12 +212,10 @@ class DDoSAttack(BaseAttack.BaseAttack):
 
         path_attack_pcap = None
 
-        # Aidmar
         timestamp_prv_reply, timestamp_confirm = 0, 0
         minDelay, maxDelay = self.get_reply_delay(ip_destination)
         victim_buffer = self.get_param_value(Param.VICTIM_BUFFER)
 
-        # Aidmar
         pkts_num = self.get_param_value(Param.PACKETS_LIMIT)
         if pkts_num == 0:
             attack_duration = self.get_param_value(Param.ATTACK_DURATION)
@@ -242,7 +238,7 @@ class DDoSAttack(BaseAttack.BaseAttack):
 
         replies_count = 0
 
-        # Aidmar
+        # For each attacker, generate his own packets, then merge all packets
         for attacker in range(num_attackers):
             # Timestamp
             timestamp_next_pkt = self.get_param_value(Param.INJECT_AT_TIMESTAMP)
@@ -256,8 +252,7 @@ class DDoSAttack(BaseAttack.BaseAttack):
                 (port_source, ttl_value) = get_attacker_config(ip_source)
                 request_ether = Ether(dst=mac_destination, src=mac_source)
                 request_ip = IP(src=ip_source, dst=ip_destination, ttl=ttl_value)
-                # Aidmar - random win size for each packet
-                # request_tcp = TCP(sport=port_source, dport=port_destination, flags='S', ack=0)
+                # Random win size for each packet
                 source_win_size = choice(source_win_sizes)
                 request_tcp = TCP(sport=port_source, dport=port_destination, flags='S', ack=0, window=source_win_size)
 
@@ -267,7 +262,6 @@ class DDoSAttack(BaseAttack.BaseAttack):
                 packets.append(request)
 
                 # Build reply package
-                # Aidmar
                 if replies_count <= victim_buffer:
                     reply_ether = Ether(src=mac_destination, dst=mac_source)
                     reply_ip = IP(src=ip_destination, dst=ip_source, flags='DF')
@@ -302,6 +296,6 @@ class DDoSAttack(BaseAttack.BaseAttack):
         # Store timestamp of last packet
         self.attack_end_utime = last_packet.time
 
-        # return packets sorted by packet time_sec_start
+        # Return packets sorted by packet time_sec_start
         # pkt_num+1: because pkt_num starts at 0
         return pkt_num + 1, path_attack_pcap

code/Attack/EternalBlueExploit.py

@@ -107,11 +107,10 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
         mac_destination = self.get_param_value(Param.MAC_DESTINATION)
         ip_destination = self.get_param_value(Param.IP_DESTINATION)
 
-        # check ip.src == ip.dst
+        # Check ip.src == ip.dst
         self.ip_src_dst_equal_check(ip_source, ip_destination)
 
         path_attack_pcap = None
-        minDelay, maxDelay = self.get_reply_delay(ip_destination)
 
         # Set TTL based on TTL distribution of IP address
         source_ttl_dist = self.statistics.get_ttl_distribution(ip_source)
@@ -214,8 +213,6 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
                         if tcp_pkt.getfieldval("dport") == self.smb_port:
                             orig_ip_dst = ip_pkt.getfieldval("dst")
 
-                    # defining req/rep should be adapted to fit the last converstaion where
-                    # victim starts a connection with the attacker
                     # Request
                     if ip_pkt.getfieldval("dst") == orig_ip_dst: # victim IP
                         # Ether

code/Attack/JoomlaRegPrivExploit.py

@@ -65,8 +65,8 @@ class JoomlaRegPrivExploit(BaseAttack.BaseAttack):
                              (self.statistics.get_pps_sent(most_used_ip_address) +
                               self.statistics.get_pps_received(most_used_ip_address)) / 2)
 
-        # victim configuration
-        # consider that the destination has port 80 opened
+        # Victim configuration
+        # Consider that the destination has port 80 opened
         random_ip_address = self.statistics.get_random_ip_address()
         self.add_param_value(Param.IP_DESTINATION, random_ip_address)
 
@@ -190,7 +190,7 @@ class JoomlaRegPrivExploit(BaseAttack.BaseAttack):
                 # TCP
                 tcp_pkt.setfieldval("sport",port_source)
 
-                str_tcp_seg = self.modify_payload(str_tcp_seg, '/joomla360', target_uri, orig_ip_dst, target_host)
+                str_tcp_seg = self.modify_http_header(str_tcp_seg, '/joomla360', target_uri, orig_ip_dst, target_host)
 
                 # TCP Seq, Ack
                 if tcp_pkt.getfieldval("ack") != 0:
@@ -217,7 +217,7 @@ class JoomlaRegPrivExploit(BaseAttack.BaseAttack):
                 # TCP
                 tcp_pkt.setfieldval("dport", port_source)
 
-                str_tcp_seg = self.modify_payload(str_tcp_seg, '/joomla360', target_uri, orig_ip_dst, target_host)
+                str_tcp_seg = self.modify_http_header(str_tcp_seg, '/joomla360', target_uri, orig_ip_dst, target_host)
 
                 # TCP Seq, ACK
                 tcp_pkt.setfieldval("ack", attacker_seq)

code/Attack/PortscanAttack.py

@@ -12,7 +12,6 @@ from Attack.AttackParameters import ParameterTypes
 logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
 # noinspection PyPep8
 from scapy.layers.inet import IP, Ether, TCP
-import numpy as np
 
 class PortscanAttack(BaseAttack.BaseAttack):
 
@@ -72,7 +71,6 @@ class PortscanAttack(BaseAttack.BaseAttack):
             destination_mac = self.generate_random_mac_address()
         self.add_param_value(Param.MAC_DESTINATION, destination_mac)
         self.add_param_value(Param.PORT_DESTINATION, self.get_ports_from_nmap_service_dst(1000))
-        # Temporal value to be changed later accordint to the destination host open ports
         self.add_param_value(Param.PORT_OPEN, '1')
         self.add_param_value(Param.PORT_DEST_SHUFFLE, 'False')
         self.add_param_value(Param.PORT_DEST_ORDER_DESC, 'False')
@@ -83,7 +81,6 @@ class PortscanAttack(BaseAttack.BaseAttack):
                               self.statistics.get_pps_received(most_used_ip_address)) / 2)
         self.add_param_value(Param.INJECT_AFTER_PACKET, randint(0, self.statistics.get_packet_count()))
 
-    # Aidmar
     def get_ports_from_nmap_service_dst(self, ports_num):
         """
         Read the most ports_num frequently open ports from nmap-service-tcp file to be used in the port scan.
@@ -127,7 +124,6 @@ class PortscanAttack(BaseAttack.BaseAttack):
                 randomdelay = Lea.fromValFreqsDict({2*delay: 70, 3*delay: 20, 5*delay: 7, 10*delay: 3})
                 return timestamp + uniform(1 / pps + delay,  1 / pps + randomdelay.random())
 
-        # Aidmar
         def getIntervalPPS(complement_interval_pps, timestamp):
             """
             Gets the packet rate (pps) for a specific time interval.
@@ -145,7 +141,7 @@ class PortscanAttack(BaseAttack.BaseAttack):
         mac_destination = self.get_param_value(Param.MAC_DESTINATION)
         pps = self.get_param_value(Param.PACKETS_PER_SECOND)
 
-        # Aidmar - calculate complement packet rates of the background traffic for each interval
+        # Calculate complement packet rates of the background traffic for each interval
         complement_interval_pps = self.statistics.calculate_complement_packet_rates(pps)
 
         # Determine ports
@@ -170,10 +166,9 @@ class PortscanAttack(BaseAttack.BaseAttack):
         ip_source = self.get_param_value(Param.IP_SOURCE)
         ip_destination = self.get_param_value(Param.IP_DESTINATION)
 
-        # Aidmar - check ip.src == ip.dst
+        # Check ip.src == ip.dst
         self.ip_src_dst_equal_check(ip_source, ip_destination)
 
-        # Aidmar
         # Select open ports
         ports_open = self.get_param_value(Param.PORT_OPEN)
         if ports_open == 1:  # user did not specify open ports
@@ -189,7 +184,6 @@ class PortscanAttack(BaseAttack.BaseAttack):
         if not isinstance(ports_open, list):
             ports_open = [ports_open]
 
-        # Aidmar
         # Set MSS (Maximum Segment Size) based on MSS distribution of IP address
         source_mss_dist = self.statistics.get_mss_distribution(ip_source)
         if len(source_mss_dist) > 0:
@@ -218,7 +212,6 @@ class PortscanAttack(BaseAttack.BaseAttack):
         else:
             destination_ttl_value = self.statistics.process_db_query("most_used(ttlValue)")
 
-        # Aidmar
         # Set Window Size based on Window Size distribution of IP address
         source_win_dist = self.statistics.get_win_distribution(ip_source)
         if len(source_win_dist) > 0:
@@ -233,7 +226,6 @@ class PortscanAttack(BaseAttack.BaseAttack):
         else:
             destination_win_value = self.statistics.process_db_query("most_used(winSize)")
 
-        # Aidmar
         minDelay,maxDelay = self.get_reply_delay(ip_destination)
 
         for dport in dest_ports:
@@ -245,7 +237,7 @@ class PortscanAttack(BaseAttack.BaseAttack):
             request_ether = Ether(src=mac_source, dst=mac_destination)
             request_ip = IP(src=ip_source, dst=ip_destination, ttl=source_ttl_value)
 
-            # Aidmar - random src port for each packet
+            # Random src port for each packet
             sport = randint(1, 65535)
 
             request_tcp = TCP(sport=sport, dport=dport,  window= source_win_value, flags='S', options=[('MSS', source_mss_value)])
@@ -284,7 +276,6 @@ class PortscanAttack(BaseAttack.BaseAttack):
 
                 # else: destination port is NOT OPEN -> no reply is sent by target
 
-            # Aidmar
             pps = max(getIntervalPPS(complement_interval_pps, timestamp_next_pkt),10)
             timestamp_next_pkt = update_timestamp(timestamp_next_pkt, pps)
 

code/Attack/SQLiAttack.py

@@ -86,7 +86,6 @@ class SQLiAttack(BaseAttack.BaseAttack):
             randomdelay = Lea.fromValFreqsDict({1 / pps: 70, 2 / pps: 20, 5 / pps: 7, 10 / pps: 3})
             return timestamp + uniform(1 / pps, randomdelay.random())
 
-        # Aidmar
         def getIntervalPPS(complement_interval_pps, timestamp):
             """
             Gets the packet rate (pps) in specific time interval.
@@ -190,7 +189,7 @@ class SQLiAttack(BaseAttack.BaseAttack):
                     # TCP
                     tcp_pkt.setfieldval("sport",port_source)
 
-                    str_tcp_seg = self.modify_payload(str_tcp_seg, '/ATutor', target_uri, orig_ip_dst, target_host)
+                    str_tcp_seg = self.modify_http_header(str_tcp_seg, '/ATutor', target_uri, orig_ip_dst, target_host)
 
                     # TCP Seq, Ack
                     if tcp_pkt.getfieldval("ack") != 0:
@@ -217,7 +216,7 @@ class SQLiAttack(BaseAttack.BaseAttack):
                     # TCP
                     tcp_pkt.setfieldval("dport", port_source)
 
-                    str_tcp_seg = self.modify_payload(str_tcp_seg, '/ATutor', target_uri, orig_ip_dst, target_host)
+                    str_tcp_seg = self.modify_http_header(str_tcp_seg, '/ATutor', target_uri, orig_ip_dst, target_host)
 
                     # TCP Seq, ACK
                     tcp_pkt.setfieldval("ack", attacker_seq)
@@ -251,7 +250,7 @@ class SQLiAttack(BaseAttack.BaseAttack):
                     # TCP
                     #tcp_pkt.setfieldval("sport", port_source)
 
-                    str_tcp_seg = self.modify_payload(str_tcp_seg, '/ATutor', target_uri, orig_ip_dst, target_host)
+                    str_tcp_seg = self.modify_http_header(str_tcp_seg, '/ATutor', target_uri, orig_ip_dst, target_host)
 
                     # TCP Seq, Ack
                     if tcp_pkt.getfieldval("ack") != 0:
@@ -278,7 +277,7 @@ class SQLiAttack(BaseAttack.BaseAttack):
                     # TCP
                     #tcp_pkt.setfieldval("dport", port_source)
 
-                    str_tcp_seg = self.modify_payload(str_tcp_seg, '/ATutor', target_uri, orig_ip_dst, target_host)
+                    str_tcp_seg = self.modify_http_header(str_tcp_seg, '/ATutor', target_uri, orig_ip_dst, target_host)
 
                     # TCP Seq, ACK
                     tcp_pkt.setfieldval("ack", attacker_seq)

code/ID2TLib/Statistics.py

@@ -718,7 +718,7 @@ class Statistics:
             plt.savefig(out, dpi=500)
             return out
 
-        # Aidmar - This distribution is not drawable for big datasets
+        # This distribution is not drawable for big datasets
         def plot_ip_dst(file_ending: str):
             plt.gcf().clear()
             result = self.stats_db._process_user_defined_query(
@@ -749,7 +749,6 @@ class Statistics:
             plt.savefig(out, dpi=500)
             return out
 
-        # Aidmar
         def plot_interval_pktCount(file_ending: str):
             plt.gcf().clear()
             result = self.stats_db._process_user_defined_query(
@@ -780,8 +779,6 @@ class Statistics:
             plt.savefig(out, dpi=500)
             return out
 
-
-        # Aidmar
         def plot_interval_ip_src_ent(file_ending: str):
             plt.gcf().clear()
             result = self.stats_db._process_user_defined_query(

code/ID2TLib/StatsDatabase.py

@@ -173,12 +173,10 @@ class StatsDatabase:
             "most_used.macaddress": "SELECT * FROM (SELECT macAddress, COUNT(*) as occ from ip_mac GROUP BY macAddress ORDER BY occ DESC) WHERE occ=(SELECT COUNT(*) as occ from ip_mac GROUP BY macAddress ORDER BY occ DESC LIMIT 1)",
             "most_used.portnumber": "SELECT portNumber, COUNT(portNumber) as cntPort FROM ip_ports GROUP BY portNumber HAVING cntPort=(SELECT MAX(cntPort) from (SELECT portNumber, COUNT(portNumber) as cntPort FROM ip_ports GROUP BY portNumber))",
             "most_used.protocolname": "SELECT protocolName, COUNT(protocolCount) as countProtocols FROM ip_protocols GROUP BY protocolName HAVING countProtocols=(SELECT COUNT(protocolCount) as cnt FROM ip_protocols GROUP BY protocolName ORDER BY cnt DESC LIMIT 1)",
-            # Aidmar
             "most_used.ttlvalue": "SELECT ttlValue FROM ip_ttl GROUP BY ttlValue ORDER BY SUM(ttlCount) DESC LIMIT 1",
             "most_used.mssvalue": "SELECT mssValue FROM tcp_mss GROUP BY mssValue ORDER BY SUM(mssCount) DESC LIMIT 1",
             "most_used.winsize": "SELECT winSize FROM tcp_win GROUP BY winSize ORDER BY SUM(winCount) DESC LIMIT 1",
             "most_used.ipclass": "SELECT ipClass FROM ip_statistics GROUP BY ipClass ORDER BY COUNT(*) DESC LIMIT 1",
-
             "least_used.ipaddress": "SELECT ipAddress FROM ip_statistics WHERE (pktsSent+pktsReceived) == (SELECT MIN(pktsSent+pktsReceived) from ip_statistics)",
             "least_used.macaddress": "SELECT * FROM (SELECT macAddress, COUNT(*) as occ from ip_mac GROUP BY macAddress ORDER BY occ ASC) WHERE occ=(SELECT COUNT(*) as occ from ip_mac GROUP BY macAddress ORDER BY occ ASC LIMIT 1)",
             "least_used.portnumber": "SELECT portNumber, COUNT(portNumber) as cntPort FROM ip_ports GROUP BY portNumber HAVING cntPort=(SELECT MIN(cntPort) from (SELECT portNumber, COUNT(portNumber) as cntPort FROM ip_ports GROUP BY portNumber))",