Merge branch 'test_improvements' of stefan.schmidt/ID2T-toolkit into master

code/Attack/MembersMgmtCommAttack.py

@@ -8,71 +8,13 @@ import os
 import sys
 
 import ID2TLib.Botnet.libbotnetcomm as lb
+import ID2TLib.Botnet.Message as Bmsg
 from Attack import BaseAttack
 from Attack.AttackParameters import Parameter as Param
 from Attack.AttackParameters import ParameterTypes
 from ID2TLib.Ports import PortSelectors
 import ID2TLib.Utility as Util
 
-class MessageType(Enum):
-    """
-    Defines possible botnet message types
-    """
-
-    TIMEOUT = 3
-    SALITY_NL_REQUEST = 101
-    SALITY_NL_REPLY = 102
-    SALITY_HELLO = 103
-    SALITY_HELLO_REPLY = 104
-
-    def is_request(mtype):
-        """
-        Checks whether the given message type is a request or not.
-        :param mtype: the message type to check
-        :return: True if it is a request, False otherwise
-        """
-        return mtype in {MessageType.SALITY_HELLO, MessageType.SALITY_NL_REQUEST}
-
-    def is_response(mtype):
-        """
-        Checks whether the given message type is a response or not.
-        :param mtype: the message type to check
-        :return: True if it is a response, False otherwise
-        """
-        return mtype in {MessageType.SALITY_HELLO_REPLY, MessageType.SALITY_NL_REPLY}
-
-class Message():
-    INVALID_LINENO = -1
-
-    """
-    Defines a compact message type that contains all necessary information.
-    """
-    def __init__(self, msg_id: int, src, dst, type_: MessageType, time: float, refer_msg_id: int=-1, line_no = -1):
-        """
-        Constructs a message with the given parameters.
-
-        :param msg_id: the ID of the message
-        :param src: something identifiying the source, e.g. ID or configuration
-        :param dst: something identifiying the destination, e.g. ID or configuration
-        :param type_: the type of the message
-        :param time: the timestamp of the message
-        :param refer_msg_id: the ID this message is a request for or reply to. -1 if there is no related message.
-        :param line_no: The line number this message appeared at in the original CSV file
-        """
-        self.msg_id = msg_id
-        self.src = src
-        self.dst = dst
-        self.type = type_
-        self.time = time
-        self.csv_time = time
-        self.refer_msg_id = refer_msg_id
-        self.line_no = line_no
-
-    def __str__(self):
-        str_ = "{0}. at {1}: {2}-->{3}, {4}, refer:{5} (line {6})".format(self.msg_id, self.time, self.src, self.dst, self.type, self.refer_msg_id, self.line_no)
-        return str_
-
-
 from ID2TLib import FileUtils, Generator
 from ID2TLib.IPv4 import IPAddress
 from ID2TLib.PcapAddressOperations import PcapAddressOperations
@@ -139,7 +81,7 @@ class MembersMgmtCommAttack(BaseAttack.BaseAttack):
 
         # create dict with MessageType values for fast name lookup
         self.msg_types = {}
-        for msg_type in MessageType:
+        for msg_type in Bmsg.MessageType:
             self.msg_types[msg_type.value] = msg_type
 
     def init_params(self):
@@ -151,7 +93,7 @@ class MembersMgmtCommAttack(BaseAttack.BaseAttack):
         :param statistics: Reference to a statistics object.
         """
         # set class constants
-        self.DEFAULT_XML_PATH = "resources/Botnet/MembersMgmtComm_example.xml"
+        self.DEFAULT_XML_PATH = Util.RESOURCE_DIR + "Botnet/MembersMgmtComm_example.xml"
 
         # PARAMETERS: initialize with default values
         # (values are overwritten if user specifies them)
@@ -188,7 +130,8 @@ class MembersMgmtCommAttack(BaseAttack.BaseAttack):
     def generate_attack_pcap(self):
         """
         Injects the packets of this attack into a PCAP and stores it as a temporary file.
-        :return: a tuple of the number packets injected and the path to the temporary attack PCAP
+        :return: a tuple of the number packets injected, the path to the temporary attack PCAP
+        and a list of additionally created files
         """
 
         # create the final messages that have to be sent, including all bot configurations
@@ -233,7 +176,7 @@ class MembersMgmtCommAttack(BaseAttack.BaseAttack):
 
             # if the type of the message is a NL reply, determine the number of entries
             nl_size = 0
-            if msg.type == MessageType.SALITY_NL_REPLY:
+            if msg.type == Bmsg.MessageType.SALITY_NL_REPLY:
                 nl_size = randint(1, 25)    # what is max NL entries?
 
             # create suitable IP/UDP packet and add to packets list
@@ -289,15 +232,14 @@ class MembersMgmtCommAttack(BaseAttack.BaseAttack):
 
         # write the mapping to a file
         current_ts = datetime.now().strftime("%Y%m%d-%H%M%S")
-        mapping_filename = "mapping_" + current_ts 
+        mapping_filename = "mapping_" + current_ts + ".xml"
         msg_packet_mapping.write_to_file(mapping_filename)
-        Util.MISC_OUT_FILES["mapping.xml"] = mapping_filename
 
         # Store timestamp of last packet
         self.attack_end_utime = last_packet.time
 
         # Return packets sorted by packet by timestamp and total number of packets (sent)
-        return total_pkts , path_attack_pcap
+        return total_pkts , path_attack_pcap, [mapping_filename]
 
 
     def generate_attack_packets(self):
@@ -505,7 +447,6 @@ class MembersMgmtCommAttack(BaseAttack.BaseAttack):
                 print("Writing corresponding XML file...", end=" ")
                 sys.stdout.flush()
             filepath_xml = cpp_comm_proc.write_xml(Util.OUT_DIR, filename)
-            Util.MISC_OUT_FILES[filepath_xml] = None
             if print_updates: print("done.")
         else:
             filesize = os.path.getsize(filepath_xml) / 2**20  # get filesize in MB
@@ -603,7 +544,7 @@ class MembersMgmtCommAttack(BaseAttack.BaseAttack):
         assign_realistic_timestamps(messages, external_ids, local_ids, avg_delay_local, avg_delay_external, zero_reference)
 
         portSelector = PortSelectors.LINUX
-        reserved_ports = set(int(line.strip()) for line in open("resources/reserved_ports.txt").readlines())
+        reserved_ports = set(int(line.strip()) for line in open(Util.RESOURCE_DIR + "reserved_ports.txt").readlines())
         def filter_reserved(get_port):
             port = get_port()
             while port in reserved_ports:

code/Core/AttackController.py

@@ -29,6 +29,7 @@ class AttackController:
         self.added_attacks = []
         self.seed = None
         self.total_packets = 0
+        self.additional_files = []
 
     def set_seed(self, seed: int) -> None:
         """
@@ -176,7 +177,12 @@ class AttackController:
         if time:
             self.current_attack.set_finish_time()
         duration = self.current_attack.get_packet_generation_time()
-        self.total_packets, temp_attack_pcap_path = self.current_attack.generate_attack_pcap()
+        attack_result = self.current_attack.generate_attack_pcap()
+        self.total_packets = attack_result[0]
+        temp_attack_pcap_path = attack_result[1]
+        if len(attack_result) == 3:
+            # Extract the list of additional files, if available
+            self.additional_files += attack_result[2]
         print("done. (total: " + str(self.total_packets) + " pkts", end="")
         if time:
             print(" in ", duration, " seconds", end="")

code/Core/Controller.py

@@ -32,6 +32,7 @@ class Controller:
         self.seed = None
         self.durations = []
         self.added_packets = 0
+        self.created_files = []
         self.debug = debug
 
         # Initialize class instances
@@ -136,17 +137,14 @@ class Controller:
 
             os.rename(self.pcap_dest_path, result_path)
             self.pcap_dest_path = result_path
-            created_files = [self.pcap_dest_path]
+            self.created_files = [self.pcap_dest_path]
 
             # process/move other created files
-            pcap_root = os.path.splitext(self.pcap_dest_path)[0]
-            for k, v in Util.MISC_OUT_FILES.items():
-                if v is None:
-                    created_files.append(k)
-                else:
-                    outpath = pcap_root + "_" + k
-                    os.rename(v, outpath)
-                    created_files.append(outpath)
+            pcap_basename = os.path.splitext(self.pcap_dest_path)[0]
+            for x in self.attack_controller.additional_files:
+                outpath = pcap_basename + "_" + x
+                os.rename(x, outpath)
+                self.created_files.append(outpath)
 
             print("done.")
 
@@ -161,11 +159,11 @@ class Controller:
 
             # write label file with attacks
             self.label_manager.write_label_file(self.pcap_dest_path)
-            created_files.insert(1, self.label_manager.label_file_path)
+            self.created_files.insert(1, self.label_manager.label_file_path)
 
             # print status message
             print('\nOutput files created:')
-            for filepath in created_files:
+            for filepath in self.created_files:
                 print(filepath)
         else:
             print("done.")

code/ID2TLib/Botnet/CommunicationProcessor.py

@@ -1,7 +1,7 @@
 from lea import Lea
 from random import randrange
-from Attack.MembersMgmtCommAttack import MessageType
-from Attack.MembersMgmtCommAttack import Message
+from ID2TLib.Botnet.Message import Message
+from ID2TLib.Botnet.Message import MessageType
 
 
 class CommunicationProcessor:

code/ID2TLib/Botnet/Message.py

@@ -0,0 +1,61 @@
+from enum import Enum
+
+
+class MessageType(Enum):
+    """
+    Defines possible botnet message types
+    """
+
+    TIMEOUT = 3
+    SALITY_NL_REQUEST = 101
+    SALITY_NL_REPLY = 102
+    SALITY_HELLO = 103
+    SALITY_HELLO_REPLY = 104
+
+    def is_request(self):
+        """
+        Checks whether the given message type is a request or not.
+        :return: True if it is a request, False otherwise
+        """
+        return self in [MessageType.SALITY_HELLO, MessageType.SALITY_NL_REQUEST]
+
+    def is_response(self):
+        """
+        Checks whether the given message type is a response or not.
+        :return: True if it is a response, False otherwise
+        """
+        return self in [MessageType.SALITY_HELLO_REPLY, MessageType.SALITY_NL_REPLY]
+
+
+class Message:
+    INVALID_LINENO = -1
+
+    """
+    Defines a compact message type that contains all necessary information.
+    """
+
+    def __init__(self, msg_id: int, src, dst, type_: MessageType, time: float, refer_msg_id: int = -1, line_no=-1):
+        """
+        Constructs a message with the given parameters.
+
+        :param msg_id: the ID of the message
+        :param src: something identifying the source, e.g. ID or configuration
+        :param dst: something identifying the destination, e.g. ID or configuration
+        :param type_: the type of the message
+        :param time: the timestamp of the message
+        :param refer_msg_id: the ID this message is a request for or reply to. -1 if there is no related message.
+        :param line_no: The line number this message appeared at in the original CSV file
+        """
+        self.msg_id = msg_id
+        self.src = src
+        self.dst = dst
+        self.type = type_
+        self.time = time
+        self.csv_time = time
+        self.refer_msg_id = refer_msg_id
+        self.line_no = line_no
+
+    def __str__(self):
+        str_ = "{0}. at {1}: {2}-->{3}, {4}, refer:{5} (line {6})".format(self.msg_id, self.time, self.src, self.dst,
+                                                                          self.type, self.refer_msg_id, self.line_no)
+        return str_

code/ID2TLib/Generator.py

@@ -8,7 +8,7 @@ from numpy.random import bytes
 from random import getrandbits
 from scapy.layers.inet import IP, Ether, UDP, TCP
 from scapy.packet import Raw
-from Attack.MembersMgmtCommAttack import MessageType
+from ID2TLib.Botnet.Message import MessageType
 from . import IPv4 as ip
 
 

code/ID2TLib/TestLibrary.py

@@ -41,8 +41,8 @@ def clean_up(controller):
 
     :param controller: controller which created output files
     """
-    os.remove(controller.pcap_dest_path)
-    os.remove(controller.label_manager.label_file_path)
+    for file in controller.created_files:
+        os.remove(file)
 
 
 def rename_test_result_files(controller, caller_function: str, attack_sub_dir=False, test_sub_dir=False):

code/ID2TLib/Utility.py

@@ -18,7 +18,6 @@ ROOT_DIR = CODE_DIR + "../"
 RESOURCE_DIR = ROOT_DIR + "resources/"
 TEST_DIR = RESOURCE_DIR + "test/"
 OUT_DIR = None
-MISC_OUT_FILES = {}
 
 # List of common operation systems
 platforms = {"win7", "win10", "winxp", "win8.1", "macos", "linux", "win8", "winvista", "winnt", "win2000"}

code/Test/TestUtil.py

@@ -1,187 +0,0 @@
-#!/usr/bin/python3
-
-import scapy.main
-
-# This import is needed, otherwise scapy throws warnings. When reading a pcap scapy will not
-# find the layer-type 1 (ethernet) because it has not been loaded at the time. To circumvent
-# this we explicitely load the ethernet-type here.
-# For the curious guys and gals, the exact error message is:
-# "RawPcapReader: unknown LL type [%i]/[%#x]. Using Raw packets" % the_missing_ll_number
-# If the same problems happens with other ll-types feel free to load ALL imaginable layers
-# with the following line.
-# import scapy.layers.all
-import scapy.layers.l2
-
-import scapy.packet
-import scapy.utils
-import shlex
-import subprocess
-import os
-
-
-# You could compare pcaps by byte or by hash too, but this class tells you
-# where exactly pcaps differ
-class PcapComparator:
-    def compare_files(self, file: str, other_file: str):
-        self.compare_captures(scapy.utils.rdpcap(file), scapy.utils.rdpcap(other_file))
-
-    def compare_captures(self, packetsA, packetsB):
-        if len(packetsA) != len(packetsB):
-            self.fail("Both pcaps have to have the same amount of packets")
-
-        for i in range(len(packetsA)):
-            p, p2 = packetsA[i], packetsB[i]
-
-            if abs(p.time - p2.time) > (10 ** -7):
-                self.fail("Packets no %i in the pcaps don't appear at the same time" % (i + 1))
-            self.compare_packets(p, p2, i + 1)
-
-    def compare_packets(self, p: scapy.packet.BasePacket, p2: scapy.packet.BasePacket, packet_number: int):
-        if p == p2:
-            return
-
-        while type(p) != scapy.packet.NoPayload or type(p2) != scapy.packet.NoPayload:
-            if type(p) != type(p2):
-                self.fail("Packets %i are of incompatible types: %s and %s" % (packet_number, type(p).__name__, type(p2).__name__))
-
-            for field in p.fields:
-                if p.fields[field] != p2.fields[field]:
-                    packet_type = type(p).__name__
-                    v, v2 = p.fields[field], p2.fields[field]
-
-                    self.fail("Packets %i differ in field %s.%s: %s != %s" %
-                                (packet_number, packet_type, field, v, v2))
-
-            p = p.payload
-            p2 = p2.payload
-
-    def fail(self, message: str):
-        raise AssertionError(message)
-
-
-class ID2TExecution:
-    ID2T_PATH = ".."
-    ID2T_LOCATION = ID2T_PATH + "/" + "id2t"
-
-    OUTPUT_FILES_PREFIX_LINE = "Output files created:"
-
-    def __init__(self, input_filename, id2t_path=ID2T_LOCATION, seed=None):
-        self.input_file = input_filename
-        self.seed = str(seed)
-        self.id2t_path = id2t_path
-
-        self.generated_files = [] # files generated by id2t
-        self.keep_files = []
-        self.return_code = None
-        self.id2t_output = None
-
-    def has_run(self):
-        return self.return_code is not None
-
-    def run(self, parameters):
-        if self.has_run():
-            raise RuntimeError("This instance has already run and can't do it again")
-
-        command = self.get_run_command(parameters)
-        return_code, output = subprocess.getstatusoutput(command)
-        self.return_code = return_code
-        self.id2t_output = output
-
-        self.generated_files = self._parse_files(output)
-
-    def get_run_command(self, parameters):
-        command_args = [self.id2t_path, "-i", self.input_file]
-        if self.seed is not None:
-            command_args.extend(["-S", self.seed])
-        command_args.extend(["-a", "MembersMgmtCommAttack"])
-        command_args.extend(parameters)
-
-        return " ".join(map(shlex.quote, command_args))
-
-    def _parse_files(self, program_output: str) -> "list[str]":
-        lines = program_output.split(os.linesep)
-
-        if self.OUTPUT_FILES_PREFIX_LINE not in lines:
-            raise AssertionError("The magic string is not in the program output anymore, has the program output structure changed?")
-        index = lines.index(self.OUTPUT_FILES_PREFIX_LINE)
-        next_empty_line_index = lines.index("", index) if "" in lines[index:] else len(lines)
-
-        return lines[index + 1:next_empty_line_index]
-
-    def get_pcap_filename(self):
-        self._require_run()
-        return self._find_pcap()
-
-    def get_output(self):
-        self._require_run()
-        return self.id2t_output
-
-    def get_return_code(self):
-        self._require_run()
-        return self.return_code
-
-    def keep_file(self, file):
-        self._require_run()
-
-        if file not in self.generated_files:
-            raise ValueError("%s is not generated by id2t" % file)
-        if file not in self.keep_files:
-            self.keep_files.append(file)
-
-    def get_kept_files(self):
-        self._require_run()
-        return self.keep_files
-
-    def get_generated_files(self):
-        self._require_run()
-        return self.generated_files
-
-    def get_files_for_deletion(self):
-        self._require_run()
-        return [file for file in self.generated_files if file not in self.keep_files and not "No packets were injected." in file]
-
-    def _find_pcap(self) -> str:
-        for gen_file in self.generated_files:
-            if "No packets were injected." in gen_file:
-                return "No packets were injected."
-
-        return next(file for file in self.generated_files if file.endswith(".pcap"))
-
-    def _require_run(self):
-        if not self.has_run():
-            raise RuntimeError("You have to execute run() before you can call this method")
-
-    def cleanup(self):
-        if self.has_run():
-            id2t_relative = os.path.dirname(self.id2t_path)
-
-            for file in self.get_files_for_deletion():
-                if "No packets were injected." in file:
-                    pass
-
-                try:
-                    os.unlink(id2t_relative + "/" + file)
-                except: pass
-
-    def __del__(self):
-        self.cleanup()
-
-
-if __name__ == "__main__":
-    import sys
-
-    if len(sys.argv) < 3:
-        print("Usage: %s one.pcap other.pcap" % sys.argv[0])
-        exit(0)
-
-    try:
-        PcapComparator().compare_files(sys.argv[1], sys.argv[2])
-        print("The given pcaps are equal")
-    except AssertionError as e:
-        print("The given pcaps are not equal")
-        print("Error message:", *e.args)
-        exit(1)
-    except Exception as e:
-        print("During the comparison an unexpected error happened")
-        print(type(e).__name__ + ":", *e.args)
-        exit(1)

code/Test/test_MembersMgmtCommAttack.py

@@ -0,0 +1,10 @@
+import Test.ID2TAttackTest as Test
+import ID2TLib.Utility as Util
+
+sha_default = '116b6cb3f1be37e50333a4f1a2535d96b1b053a4c950655391826b43585cff2b'
+
+
+class UnitTestMembersMgmtCommAttack(Test.ID2TAttackTest):
+    def test_regression(self):
+        self.checksum_test([['MembersMgmtCommAttack', 'hidden_mark=True']], sha_default, seed=42,
+                           pcap=Util.TEST_DIR + "reference_telnet.pcap")

code/Test/test_determinism_mmcomm.py

@@ -1,189 +0,0 @@
-#!/usr/bin/python3
-
-import sys, os
-import subprocess, shlex
-import time
-import unittest
-import random
-
-from Test.TestUtil import PcapComparator, ID2TExecution
-
-# this dictionary holds the generators (functions) for the parameters
-# that will be passed to the MembershipMgmtCommAttack
-# items need the parameter-name as key and a function that will be called
-# without parameters and returns a valid value for that parameter as value
-# WARNING: parameters will be passed via command line, make sure your values
-# get converted to string correctly
-_random_bool = lambda: random.random() < 0.5
-ID2T_PARAMETER_GENERATORS = {
-    "bots.count": lambda: random.randint(1, 6),
-    "hidden_mark": _random_bool,
-    "interval.selection.end": lambda: random.randint(100, 1501),  # values are taken from default trace
-    "interval.selection.start": lambda: random.randint(0, 1401),
-    "interval.selection.strategy": lambda: random.choice(["optimal", "custom", "random"]),
-    "ip.reuse.external": lambda: random.uniform(0, 1),
-    "ip.reuse.local": lambda: random.uniform(0, 1),
-    "ip.reuse.total": lambda: random.uniform(0, 1),
-    "multiport": _random_bool,
-    "nat.present": _random_bool,
-    "packet.padding": lambda: random.randint(0, 100),
-    "packets.limit": lambda: random.randint(50, 250),
-    "ttl.from.caida": _random_bool,
-}
-
-
-class PcapComparison(unittest.TestCase):
-    ID2T_PATH = ".."
-    ID2T_LOCATION = ID2T_PATH + "/" + "id2t"
-
-    NUM_ITERATIONS_PER_PARAMS = 3
-    NUM_ITERATIONS = 4
-
-    PCAP_ENVIRONMENT_VALUE = "ID2T_SRC_PCAP"
-    SEED_ENVIRONMENT_VALUE = "ID2T_SEED"
-
-    DEFAULT_PCAP = "resources/test/Botnet/telnet-raw.pcap"
-    DEFAULT_SEED = "42"
-
-    VERBOSE = False
-
-    def __init__(self, *args, **kwargs):
-        unittest.TestCase.__init__(self, *args, **kwargs)
-
-        # params to call id2t with, as a list[list[str]]
-        # do a round of testing for each list[str] we get
-        # if none generate some params itself
-        self.id2t_params = None
-        self.printed_newline = False
-
-    def set_id2t_params(self, params: "list[list[str]]"):
-        self.id2t_params = params
-
-    def setUp(self):
-        self.executions = []
-
-    def test_determinism(self):
-        self.print_warning("Conducting test for determinism of Membership Management Communication Attack:\n")
-        input_pcap = os.environ.get(self.PCAP_ENVIRONMENT_VALUE, self.DEFAULT_PCAP)
-        seed = os.environ.get(self.SEED_ENVIRONMENT_VALUE, None)
-
-        if self.id2t_params is None:
-            self.id2t_params = self.random_id2t_params()
-
-        use_random_seeds = not bool(seed)
-
-        for i, params in enumerate(self.id2t_params):
-            self.print_warning("Test round %d:" % (i+1))
-            self.print_warning("=================================")
-            if use_random_seeds:
-                seed = random.randint(0, 0x7FFFFFFF)
-            self.do_test_round(input_pcap, seed, params)
-            self.print_warning()
-
-    def do_test_round(self, input_pcap, seed, additional_params):
-        generated_pcap = None
-        for i in range(self.NUM_ITERATIONS_PER_PARAMS):
-            execution = ID2TExecution(input_pcap, seed=seed)
-            self.print_warning("The command that gets executed is:", execution.get_run_command(additional_params))
-            self.executions.append(execution)
-
-            try:
-                execution.run(additional_params)
-            except AssertionError as e:
-                self.print_warning(execution.get_output())
-                self.assertEqual(execution.get_return_code(), 0, "For some reason id2t completed with an error")
-                raise e
-
-            self.print_warning(execution.get_output())
-
-            pcap = execution.get_pcap_filename()
-
-            if generated_pcap is not None:
-                if "No packets were injected." in pcap or "No packets were injected." in generated_pcap:
-                    self.assertEqual(pcap, generated_pcap)
-                else:
-                    try:
-                        self.compare_pcaps(generated_pcap, pcap)
-                    except AssertionError as e:
-                        execution.keep_file(pcap)
-                        for ex in self.executions:
-                            try:
-                                ex.keep_file(generated_pcap)
-                            except ValueError:
-                                pass
-
-                        e.args += tuple(("Command was: %s" % execution.get_run_command(additional_params),))
-                        e.args += tuple(("Files are: %s, %s" % (generated_pcap, pcap),))
-                        raise e
-            else:
-                generated_pcap = pcap
-
-            self.print_warning()
-            time.sleep(1)  # let some time pass between calls because files are based on the time
-
-    def tearDown(self):
-        self.print_warning("Cleaning up files generated by the test-calls...")
-        for id2t_run in self.executions:
-            for file in id2t_run.get_files_for_deletion():
-                self.print_warning(file)
-
-            id2t_run.cleanup()
-
-        self.print_warning("Done")
-
-        if any(e.get_kept_files() for e in self.executions):
-            self.print_warning("The following files have been kept:")
-            for e in self.executions:
-                for file in e.get_kept_files():
-                    self.print_warning(file)
-
-    def compare_pcaps(self, one: str, other: str):
-        PcapComparator().compare_files(self.ID2T_PATH + "/" + one, self.ID2T_PATH + "/" + other)
-
-    def print_warning(self, *text):
-        if self.VERBOSE:
-            if not self.printed_newline:
-                print("\n", file=sys.stderr)
-                self.printed_newline = True
-            print(*text, file=sys.stderr)
-
-    def random_id2t_params(self):
-        """
-        :return: A list of parameter-lists for id2t, useful if you want several
-        iterations
-        """
-        param_list = []
-        for i in range(self.NUM_ITERATIONS):
-            param_list.append(self.random_id2t_param_set())
-        return param_list
-
-    def random_id2t_param_set(self):
-        """
-        Create a list of parameters to call the membersmgmtcommattack with
-        :return: a list of command-line parameters
-        """
-        param = lambda key, val: "%s=%s" % (str(key), str(val))
-
-        number_of_keys = min(random.randint(2, 5), len(ID2T_PARAMETER_GENERATORS))
-        keys = random.sample(list(ID2T_PARAMETER_GENERATORS), number_of_keys)
-
-        params = []
-        for key in keys:
-            generator = ID2T_PARAMETER_GENERATORS[key]
-            params.append(param(key, generator()))
-
-        return params
-
-
-if __name__ == "__main__":
-    import sys
-
-    # parameters for this program are interpreted as id2t-parameters
-    id2t_args = sys.argv[1:]
-    comparison = PcapComparison("test_determinism")
-    if id2t_args: comparison.set_id2t_params([id2t_args])
-
-    suite = unittest.TestSuite()
-    suite.addTest(comparison)
-
-    unittest.TextTestRunner().run(suite)

code/Test/test_regression_mmcomm.py

@@ -1,63 +0,0 @@
-import unittest
-import xml.etree.ElementTree
-import os.path
-import sys
-
-from Test.TestUtil import PcapComparator, ID2TExecution
-
-
-class RegressionTest(unittest.TestCase):
-    REGRESSION_DIRECTORY = "../resources/test/Botnet/regression_files"
-    REGRESSION_DIRECTORY_ID2T_RELATIVE = "resources/test/Botnet/regression_files"
-    ID2T_RELATIVE_TO_LOCAL_PREFIX = "../"
-    VERBOSE = False
-    META_FILE = "fileinfo.xml"
-
-    def test_regression(self):
-        self.printed_newline = False
-        config_location = self.REGRESSION_DIRECTORY + os.sep + self.META_FILE
-        xml_root = xml.etree.ElementTree.parse(config_location).getroot()
-        comparator = PcapComparator()
-
-        for test in xml_root.getchildren():
-            self.assertXMLTagHasAttribute(test, "seed", "<test>s needs a seed-attribute")
-            self.assertXMLTagHasAttribute(test, "outfile", "<test>s needs a outfile-attribute")
-            self.assertXMLTagHasAttribute(test, "infile", "<test>s needs a infile-attribute")
-            self.assertXMLTagHasAttribute(test, "name", "<test>s needs a name-attribute")
-
-            params = []
-            for param in test.getchildren():
-                self.assertEqual(param.tag, "param", "<test>-children must be <params>s")
-                self.assertIsNotNone(param.get("key"), "<param> needs a key-attribute")
-                self.assertIsNotNone(param.get("value"), "<param> needs a value-attribute")
-
-                params.append("%s=%s" % (param.get("key"), param.get("value")))
-
-            infile = os.path.join(self.REGRESSION_DIRECTORY_ID2T_RELATIVE, test.get("infile"))
-            outfile = os.path.join(self.REGRESSION_DIRECTORY, test.get("outfile"))
-
-            execution = ID2TExecution(infile, seed=test.get("seed"))
-            self.print_warning("Running %s with command:" % test.get("name"))
-            self.print_warning(execution.get_run_command(params))
-            execution.run(params)
-
-            new_file = self.ID2T_RELATIVE_TO_LOCAL_PREFIX + os.sep + execution.get_pcap_filename()
-            old_file = outfile
-
-            try:
-                comparator.compare_files(new_file, old_file)
-            except AssertionError as e:
-                execution.cleanup()
-                raise AssertionError("Test failed") from e
-
-            self.print_warning("Test passed")
-
-    def assertXMLTagHasAttribute(self, tag, attribute, msg=None):
-        self.assertIsNotNone(tag.get(attribute), msg)
-
-    def print_warning(self, *text):
-        if self.VERBOSE:
-            if not self.printed_newline:
-                print("\n", file=sys.stderr)
-                self.printed_newline = True
-            print(*text, file=sys.stderr)

resources/test/Botnet/regression_files/fileinfo.xml

@@ -1,15 +0,0 @@
-<?xml version="1.0" encoding="utf-8" ?>
-<!--
-This file contains the information on how to recreate the files used for
-regression testing. For every file there is a test that contains the file, the
-rng-seed, a name for the test and a list of parameters. The regression test
-will attempt to recreate all of these files via the parameters given and
-compare the newly created files to the existing ones.
-
-Paths are relative to this files location
--->
-<tests>
-    <test name="Membership Management Communication Regression Test on Telnet PCAP" infile="../telnet-raw.pcap" outfile="telnet_regression.pcap" seed="42">
-        <param key="hidden_mark" value="True"/>
-    </test>
-</tests>

resources/test/Botnet/regression_files/telnet_regression_labels.xml

@@ -1,15 +0,0 @@
-<?xml version="1.0" ?>
-<LABELS version_parser="0.2">
-	<attack>
-		<attack_name>MembersMgmtCommAttack</attack_name>
-		<attack_note></attack_note>
-		<timestamp_start>
-			<timestamp>944192097.1481651</timestamp>
-			<timestamp_hr>1999-12-03 04:34:57.148165</timestamp_hr>
-		</timestamp_start>
-		<timestamp_end>
-			<timestamp>944192103.4367249</timestamp>
-			<timestamp_hr>1999-12-03 04:35:03.436725</timestamp_hr>
-		</timestamp_end>
-	</attack>
-</LABELS>

resources/test/Botnet/regression_files/telnet_regression_mapping.xml

@@ -1,101 +0,0 @@
-<?xml version="1.0" ?>
-<mappings>
-	<mapping CSV_XML_Time="3712.30121813772" Dst="239" PCAP_Time-Datetime="1999-12-03 04:34:57.148165" PCAP_Time-Relative="8.892634" PCAP_Time-Timestamp="944192097.1481651" Src="53" Type="103" id="0" line_number="-1" mapped="true" packet_time="944192097.1481651"/>
-	<mapping CSV_XML_Time="3712.30121813772" Dst="285" PCAP_Time-Datetime="1999-12-03 04:34:57.186668" PCAP_Time-Relative="8.931137" PCAP_Time-Timestamp="944192097.1866676" Src="53" Type="103" id="1" line_number="-1" mapped="true" packet_time="944192097.1866676"/>
-	<mapping CSV_XML_Time="3712.30121813772" Dst="175" PCAP_Time-Datetime="1999-12-03 04:34:57.240449" PCAP_Time-Relative="8.984918" PCAP_Time-Timestamp="944192097.2404487" Src="53" Type="103" id="2" line_number="-1" mapped="true" packet_time="944192097.2404487"/>
-	<mapping CSV_XML_Time="3712.30121813772" Dst="32" PCAP_Time-Datetime="1999-12-03 04:34:57.240685" PCAP_Time-Relative="8.985154" PCAP_Time-Timestamp="944192097.2406845" Src="53" Type="103" id="3" line_number="-1" mapped="true" packet_time="944192097.2406845"/>
-	<mapping CSV_XML_Time="3712.50121813772" Dst="142" PCAP_Time-Datetime="1999-12-03 04:34:57.362154" PCAP_Time-Relative="9.106623" PCAP_Time-Timestamp="944192097.3621544" Src="53" Type="103" id="4" line_number="-1" mapped="true" packet_time="944192097.3621544"/>
-	<mapping CSV_XML_Time="3712.50121813772" Dst="2" PCAP_Time-Datetime="1999-12-03 04:34:57.367359" PCAP_Time-Relative="9.111828" PCAP_Time-Timestamp="944192097.367359" Src="53" Type="103" id="5" line_number="-1" mapped="true" packet_time="944192097.367359"/>
-	<mapping CSV_XML_Time="3712.50121813772" Dst="33" PCAP_Time-Datetime="1999-12-03 04:34:57.428766" PCAP_Time-Relative="9.173235" PCAP_Time-Timestamp="944192097.428766" Src="53" Type="103" id="6" line_number="-1" mapped="true" packet_time="944192097.428766"/>
-	<mapping CSV_XML_Time="3712.50121813772" Dst="195" PCAP_Time-Datetime="1999-12-03 04:34:57.428925" PCAP_Time-Relative="9.173394" PCAP_Time-Timestamp="944192097.4289254" Src="53" Type="103" id="7" line_number="-1" mapped="true" packet_time="944192097.4289254"/>
-	<mapping CSV_XML_Time="3712.70121813772" Dst="292" PCAP_Time-Datetime="1999-12-03 04:34:57.577792" PCAP_Time-Relative="9.322261" PCAP_Time-Timestamp="944192097.5777917" Src="53" Type="103" id="8" line_number="-1" mapped="true" packet_time="944192097.5777917"/>
-	<mapping CSV_XML_Time="3712.70121813772" Dst="50" PCAP_Time-Datetime="1999-12-03 04:34:57.602007" PCAP_Time-Relative="9.346476" PCAP_Time-Timestamp="944192097.6020068" Src="53" Type="103" id="9" line_number="-1" mapped="true" packet_time="944192097.6020068"/>
-	<mapping CSV_XML_Time="3712.70121813772" Dst="128" PCAP_Time-Datetime="1999-12-03 04:34:57.611193" PCAP_Time-Relative="9.355662" PCAP_Time-Timestamp="944192097.6111931" Src="53" Type="103" id="10" line_number="-1" mapped="true" packet_time="944192097.6111931"/>
-	<mapping CSV_XML_Time="3712.90121813772" Dst="271" PCAP_Time-Datetime="1999-12-03 04:34:57.741621" PCAP_Time-Relative="9.486090" PCAP_Time-Timestamp="944192097.7416214" Src="53" Type="103" id="11" line_number="-1" mapped="true" packet_time="944192097.7416214"/>
-	<mapping CSV_XML_Time="3712.90121813772" Dst="268" PCAP_Time-Datetime="1999-12-03 04:34:57.806237" PCAP_Time-Relative="9.550706" PCAP_Time-Timestamp="944192097.8062367" Src="53" Type="103" id="12" line_number="-1" mapped="true" packet_time="944192097.8062367"/>
-	<mapping CSV_XML_Time="3712.90121813772" Dst="184" PCAP_Time-Datetime="1999-12-03 04:34:57.822549" PCAP_Time-Relative="9.567018" PCAP_Time-Timestamp="944192097.8225495" Src="53" Type="103" id="13" line_number="-1" mapped="true" packet_time="944192097.8225495"/>
-	<mapping CSV_XML_Time="3712.90121813772" Dst="294" PCAP_Time-Datetime="1999-12-03 04:34:57.839562" PCAP_Time-Relative="9.584031" PCAP_Time-Timestamp="944192097.8395624" Src="53" Type="103" id="14" line_number="-1" mapped="true" packet_time="944192097.8395624"/>
-	<mapping CSV_XML_Time="3713.10121813772" Dst="71" PCAP_Time-Datetime="1999-12-03 04:34:57.954268" PCAP_Time-Relative="9.698737" PCAP_Time-Timestamp="944192097.9542681" Src="53" Type="103" id="15" line_number="-1" mapped="true" packet_time="944192097.9542681"/>
-	<mapping CSV_XML_Time="3713.10121813772" Dst="161" PCAP_Time-Datetime="1999-12-03 04:34:57.970777" PCAP_Time-Relative="9.715246" PCAP_Time-Timestamp="944192097.9707769" Src="53" Type="103" id="16" line_number="-1" mapped="true" packet_time="944192097.9707769"/>
-	<mapping CSV_XML_Time="3713.10121813772" Dst="246" PCAP_Time-Datetime="1999-12-03 04:34:58.7178" PCAP_Time-Relative="9.751647" PCAP_Time-Timestamp="944192098.0071778" Src="53" Type="103" id="17" line_number="-1" mapped="true" packet_time="944192098.0071778"/>
-	<mapping CSV_XML_Time="3713.10121813772" Dst="58" PCAP_Time-Datetime="1999-12-03 04:34:58.34732" PCAP_Time-Relative="9.779201" PCAP_Time-Timestamp="944192098.034732" Src="53" Type="103" id="18" line_number="-1" mapped="true" packet_time="944192098.034732"/>
-	<mapping CSV_XML_Time="3713.30121813772" Dst="148" PCAP_Time-Datetime="1999-12-03 04:34:58.151543" PCAP_Time-Relative="9.896012" PCAP_Time-Timestamp="944192098.1515427" Src="53" Type="103" id="19" line_number="-1" mapped="true" packet_time="944192098.1515427"/>
-	<mapping CSV_XML_Time="3713.30121813772" Dst="57" PCAP_Time-Datetime="1999-12-03 04:34:58.152382" PCAP_Time-Relative="9.896851" PCAP_Time-Timestamp="944192098.1523819" Src="53" Type="103" id="20" line_number="-1" mapped="true" packet_time="944192098.1523819"/>
-	<mapping CSV_XML_Time="3713.30121813772" Dst="10" PCAP_Time-Datetime="1999-12-03 04:34:58.168074" PCAP_Time-Relative="9.912543" PCAP_Time-Timestamp="944192098.1680739" Src="53" Type="103" id="21" line_number="-1" mapped="true" packet_time="944192098.1680739"/>
-	<mapping CSV_XML_Time="3713.30121813772" Dst="60" PCAP_Time-Datetime="1999-12-03 04:34:58.196161" PCAP_Time-Relative="9.940630" PCAP_Time-Timestamp="944192098.1961614" Src="53" Type="103" id="22" line_number="-1" mapped="true" packet_time="944192098.1961614"/>
-	<mapping CSV_XML_Time="3713.50121813772" Dst="256" PCAP_Time-Datetime="1999-12-03 04:34:58.361199" PCAP_Time-Relative="10.105668" PCAP_Time-Timestamp="944192098.3611987" Src="53" Type="103" id="23" line_number="-1" mapped="true" packet_time="944192098.3611987"/>
-	<mapping CSV_XML_Time="3713.50121813772" Dst="51" PCAP_Time-Datetime="1999-12-03 04:34:58.401322" PCAP_Time-Relative="10.145791" PCAP_Time-Timestamp="944192098.401322" Src="53" Type="103" id="24" line_number="-1" mapped="true" packet_time="944192098.401322"/>
-	<mapping CSV_XML_Time="3713.50121813772" Dst="70" PCAP_Time-Datetime="1999-12-03 04:34:58.404263" PCAP_Time-Relative="10.148732" PCAP_Time-Timestamp="944192098.4042628" Src="53" Type="103" id="25" line_number="-1" mapped="true" packet_time="944192098.4042628"/>
-	<mapping CSV_XML_Time="3713.50121813772" Dst="216" PCAP_Time-Datetime="1999-12-03 04:34:58.412600" PCAP_Time-Relative="10.157069" PCAP_Time-Timestamp="944192098.4126002" Src="53" Type="103" id="26" line_number="-1" mapped="true" packet_time="944192098.4126002"/>
-	<mapping CSV_XML_Time="3712.60121813772" Dst="53" PCAP_Time-Datetime="1999-12-03 04:34:58.501824" PCAP_Time-Relative="10.246293" PCAP_Time-Timestamp="944192098.5018237" Src="2" Type="104" id="27" line_number="-1" mapped="true" packet_time="944192098.5018237"/>
-	<mapping CSV_XML_Time="3712.70121813772" Dst="2" PCAP_Time-Datetime="1999-12-03 04:34:58.527598" PCAP_Time-Relative="10.272067" PCAP_Time-Timestamp="944192098.5275983" Src="53" Type="101" id="28" line_number="-1" mapped="true" packet_time="944192098.5275983"/>
-	<mapping CSV_XML_Time="3713.70121813772" Dst="269" PCAP_Time-Datetime="1999-12-03 04:34:58.567237" PCAP_Time-Relative="10.311706" PCAP_Time-Timestamp="944192098.5672374" Src="53" Type="103" id="29" line_number="-1" mapped="true" packet_time="944192098.5672374"/>
-	<mapping CSV_XML_Time="3713.70121813772" Dst="230" PCAP_Time-Datetime="1999-12-03 04:34:58.589692" PCAP_Time-Relative="10.334161" PCAP_Time-Timestamp="944192098.5896922" Src="53" Type="103" id="30" line_number="-1" mapped="true" packet_time="944192098.5896922"/>
-	<mapping CSV_XML_Time="3713.70121813772" Dst="105" PCAP_Time-Datetime="1999-12-03 04:34:58.625449" PCAP_Time-Relative="10.369918" PCAP_Time-Timestamp="944192098.6254494" Src="53" Type="103" id="31" line_number="-1" mapped="true" packet_time="944192098.6254494"/>
-	<mapping CSV_XML_Time="3713.70121813772" Dst="91" PCAP_Time-Datetime="1999-12-03 04:34:58.631373" PCAP_Time-Relative="10.375842" PCAP_Time-Timestamp="944192098.6313727" Src="53" Type="103" id="32" line_number="-1" mapped="true" packet_time="944192098.6313727"/>
-	<mapping CSV_XML_Time="3713.90121813772" Dst="66" PCAP_Time-Datetime="1999-12-03 04:34:58.741194" PCAP_Time-Relative="10.485663" PCAP_Time-Timestamp="944192098.7411937" Src="53" Type="103" id="33" line_number="-1" mapped="true" packet_time="944192098.7411937"/>
-	<mapping CSV_XML_Time="3713.90121813772" Dst="23" PCAP_Time-Datetime="1999-12-03 04:34:58.750069" PCAP_Time-Relative="10.494538" PCAP_Time-Timestamp="944192098.7500689" Src="53" Type="103" id="34" line_number="-1" mapped="true" packet_time="944192098.7500689"/>
-	<mapping CSV_XML_Time="3713.90121813772" Dst="13" PCAP_Time-Datetime="1999-12-03 04:34:58.768507" PCAP_Time-Relative="10.512976" PCAP_Time-Timestamp="944192098.7685071" Src="53" Type="103" id="35" line_number="-1" mapped="true" packet_time="944192098.7685071"/>
-	<mapping CSV_XML_Time="3713.90121813772" Dst="277" PCAP_Time-Datetime="1999-12-03 04:34:58.783197" PCAP_Time-Relative="10.527666" PCAP_Time-Timestamp="944192098.7831967" Src="53" Type="103" id="36" line_number="-1" mapped="true" packet_time="944192098.7831967"/>
-	<mapping CSV_XML_Time="3714.10121813772" Dst="52" PCAP_Time-Datetime="1999-12-03 04:34:58.967035" PCAP_Time-Relative="10.711504" PCAP_Time-Timestamp="944192098.9670346" Src="53" Type="103" id="37" line_number="-1" mapped="true" packet_time="944192098.9670346"/>
-	<mapping CSV_XML_Time="3714.10121813772" Dst="129" PCAP_Time-Datetime="1999-12-03 04:34:59.4550" PCAP_Time-Relative="10.749019" PCAP_Time-Timestamp="944192099.0045503" Src="53" Type="103" id="38" line_number="-1" mapped="true" packet_time="944192099.0045503"/>
-	<mapping CSV_XML_Time="3714.10121813772" Dst="14" PCAP_Time-Datetime="1999-12-03 04:34:59.14962" PCAP_Time-Relative="10.759431" PCAP_Time-Timestamp="944192099.0149621" Src="53" Type="103" id="39" line_number="-1" mapped="true" packet_time="944192099.0149621"/>
-	<mapping CSV_XML_Time="3714.10121813772" Dst="169" PCAP_Time-Datetime="1999-12-03 04:34:59.17951" PCAP_Time-Relative="10.762420" PCAP_Time-Timestamp="944192099.0179509" Src="53" Type="103" id="40" line_number="-1" mapped="true" packet_time="944192099.0179509"/>
-	<mapping CSV_XML_Time="3714.30121813772" Dst="108" PCAP_Time-Datetime="1999-12-03 04:34:59.141806" PCAP_Time-Relative="10.886275" PCAP_Time-Timestamp="944192099.141806" Src="53" Type="103" id="41" line_number="-1" mapped="true" packet_time="944192099.141806"/>
-	<mapping CSV_XML_Time="3714.30121813772" Dst="49" PCAP_Time-Datetime="1999-12-03 04:34:59.148363" PCAP_Time-Relative="10.892832" PCAP_Time-Timestamp="944192099.1483635" Src="53" Type="103" id="42" line_number="-1" mapped="true" packet_time="944192099.1483635"/>
-	<mapping CSV_XML_Time="3714.30121813772" Dst="73" PCAP_Time-Datetime="1999-12-03 04:34:59.183608" PCAP_Time-Relative="10.928077" PCAP_Time-Timestamp="944192099.1836077" Src="53" Type="103" id="43" line_number="-1" mapped="true" packet_time="944192099.1836077"/>
-	<mapping CSV_XML_Time="3714.30121813772" Dst="135" PCAP_Time-Datetime="1999-12-03 04:34:59.196007" PCAP_Time-Relative="10.940476" PCAP_Time-Timestamp="944192099.1960071" Src="53" Type="103" id="44" line_number="-1" mapped="true" packet_time="944192099.1960071"/>
-	<mapping CSV_XML_Time="3714.50121813772" Dst="16" PCAP_Time-Datetime="1999-12-03 04:34:59.395398" PCAP_Time-Relative="11.139867" PCAP_Time-Timestamp="944192099.395398" Src="53" Type="103" id="45" line_number="-1" mapped="true" packet_time="944192099.395398"/>
-	<mapping CSV_XML_Time="3714.50121813772" Dst="249" PCAP_Time-Datetime="1999-12-03 04:34:59.399090" PCAP_Time-Relative="11.143559" PCAP_Time-Timestamp="944192099.3990899" Src="53" Type="103" id="46" line_number="-1" mapped="true" packet_time="944192099.3990899"/>
-	<mapping CSV_XML_Time="3714.50121813772" Dst="144" PCAP_Time-Datetime="1999-12-03 04:34:59.424299" PCAP_Time-Relative="11.168768" PCAP_Time-Timestamp="944192099.4242985" Src="53" Type="103" id="47" line_number="-1" mapped="true" packet_time="944192099.4242985"/>
-	<mapping CSV_XML_Time="3714.50121813772" Dst="4" PCAP_Time-Datetime="1999-12-03 04:34:59.429150" PCAP_Time-Relative="11.173619" PCAP_Time-Timestamp="944192099.4291496" Src="53" Type="103" id="48" line_number="-1" mapped="true" packet_time="944192099.4291496"/>
-	<mapping CSV_XML_Time="3714.70121813772" Dst="182" PCAP_Time-Datetime="1999-12-03 04:34:59.571665" PCAP_Time-Relative="11.316134" PCAP_Time-Timestamp="944192099.5716648" Src="53" Type="103" id="49" line_number="-1" mapped="true" packet_time="944192099.5716648"/>
-	<mapping CSV_XML_Time="3714.70121813772" Dst="185" PCAP_Time-Datetime="1999-12-03 04:34:59.620451" PCAP_Time-Relative="11.364920" PCAP_Time-Timestamp="944192099.6204512" Src="53" Type="103" id="50" line_number="-1" mapped="true" packet_time="944192099.6204512"/>
-	<mapping CSV_XML_Time="3714.70121813772" Dst="258" PCAP_Time-Datetime="1999-12-03 04:34:59.630737" PCAP_Time-Relative="11.375206" PCAP_Time-Timestamp="944192099.6307372" Src="53" Type="103" id="51" line_number="-1" mapped="true" packet_time="944192099.6307372"/>
-	<mapping CSV_XML_Time="3712.80121813772" Dst="53" PCAP_Time-Datetime="1999-12-03 04:34:59.641284" PCAP_Time-Relative="11.385753" PCAP_Time-Timestamp="944192099.6412842" Src="2" Type="102" id="52" line_number="-1" mapped="true" packet_time="944192099.6412842"/>
-	<mapping CSV_XML_Time="3714.90121813772" Dst="155" PCAP_Time-Datetime="1999-12-03 04:34:59.761847" PCAP_Time-Relative="11.506316" PCAP_Time-Timestamp="944192099.7618468" Src="53" Type="103" id="53" line_number="-1" mapped="true" packet_time="944192099.7618468"/>
-	<mapping CSV_XML_Time="3714.90121813772" Dst="177" PCAP_Time-Datetime="1999-12-03 04:34:59.765792" PCAP_Time-Relative="11.510261" PCAP_Time-Timestamp="944192099.765792" Src="53" Type="103" id="54" line_number="-1" mapped="true" packet_time="944192099.765792"/>
-	<mapping CSV_XML_Time="3714.90121813772" Dst="156" PCAP_Time-Datetime="1999-12-03 04:34:59.826909" PCAP_Time-Relative="11.571378" PCAP_Time-Timestamp="944192099.8269093" Src="53" Type="103" id="55" line_number="-1" mapped="true" packet_time="944192099.8269093"/>
-	<mapping CSV_XML_Time="3714.90121813772" Dst="278" PCAP_Time-Datetime="1999-12-03 04:34:59.830732" PCAP_Time-Relative="11.575201" PCAP_Time-Timestamp="944192099.8307315" Src="53" Type="103" id="56" line_number="-1" mapped="true" packet_time="944192099.8307315"/>
-	<mapping CSV_XML_Time="3715.10121813772" Dst="260" PCAP_Time-Datetime="1999-12-03 04:34:59.951118" PCAP_Time-Relative="11.695587" PCAP_Time-Timestamp="944192099.9511184" Src="53" Type="103" id="57" line_number="-1" mapped="true" packet_time="944192099.9511184"/>
-	<mapping CSV_XML_Time="3715.10121813772" Dst="202" PCAP_Time-Datetime="1999-12-03 04:34:59.956294" PCAP_Time-Relative="11.700763" PCAP_Time-Timestamp="944192099.9562943" Src="53" Type="103" id="58" line_number="-1" mapped="true" packet_time="944192099.9562943"/>
-	<mapping CSV_XML_Time="3715.10121813772" Dst="222" PCAP_Time-Datetime="1999-12-03 04:34:59.981477" PCAP_Time-Relative="11.725946" PCAP_Time-Timestamp="944192099.9814768" Src="53" Type="103" id="59" line_number="-1" mapped="true" packet_time="944192099.9814768"/>
-	<mapping CSV_XML_Time="3715.10121813772" Dst="217" PCAP_Time-Datetime="1999-12-03 04:35:00.29253" PCAP_Time-Relative="11.773722" PCAP_Time-Timestamp="944192100.0292525" Src="53" Type="103" id="60" line_number="-1" mapped="true" packet_time="944192100.0292525"/>
-	<mapping CSV_XML_Time="3715.30121813772" Dst="76" PCAP_Time-Datetime="1999-12-03 04:35:00.143318" PCAP_Time-Relative="11.887787" PCAP_Time-Timestamp="944192100.1433177" Src="53" Type="103" id="61" line_number="-1" mapped="true" packet_time="944192100.1433177"/>
-	<mapping CSV_XML_Time="3715.30121813772" Dst="194" PCAP_Time-Datetime="1999-12-03 04:35:00.238460" PCAP_Time-Relative="11.982929" PCAP_Time-Timestamp="944192100.2384597" Src="53" Type="103" id="62" line_number="-1" mapped="true" packet_time="944192100.2384597"/>
-	<mapping CSV_XML_Time="3715.50121813772" Dst="250" PCAP_Time-Datetime="1999-12-03 04:35:00.374058" PCAP_Time-Relative="12.118527" PCAP_Time-Timestamp="944192100.3740575" Src="53" Type="103" id="63" line_number="-1" mapped="true" packet_time="944192100.3740575"/>
-	<mapping CSV_XML_Time="3715.50121813772" Dst="137" PCAP_Time-Datetime="1999-12-03 04:35:00.414495" PCAP_Time-Relative="12.158964" PCAP_Time-Timestamp="944192100.4144955" Src="53" Type="103" id="64" line_number="-1" mapped="true" packet_time="944192100.4144955"/>
-	<mapping CSV_XML_Time="3715.50121813772" Dst="109" PCAP_Time-Datetime="1999-12-03 04:35:00.427245" PCAP_Time-Relative="12.171714" PCAP_Time-Timestamp="944192100.4272454" Src="53" Type="103" id="65" line_number="-1" mapped="true" packet_time="944192100.4272454"/>
-	<mapping CSV_XML_Time="3715.50121813772" Dst="178" PCAP_Time-Datetime="1999-12-03 04:35:00.433921" PCAP_Time-Relative="12.178390" PCAP_Time-Timestamp="944192100.4339206" Src="53" Type="103" id="66" line_number="-1" mapped="true" packet_time="944192100.4339206"/>
-	<mapping CSV_XML_Time="3715.70121813772" Dst="1" PCAP_Time-Datetime="1999-12-03 04:35:00.551649" PCAP_Time-Relative="12.296118" PCAP_Time-Timestamp="944192100.5516486" Src="53" Type="103" id="67" line_number="-1" mapped="true" packet_time="944192100.5516486"/>
-	<mapping CSV_XML_Time="3714.60121813772" Dst="53" PCAP_Time-Datetime="1999-12-03 04:35:00.557490" PCAP_Time-Relative="12.301959" PCAP_Time-Timestamp="944192100.55749" Src="4" Type="104" id="68" line_number="-1" mapped="true" packet_time="944192100.55749"/>
-	<mapping CSV_XML_Time="3715.70121813772" Dst="225" PCAP_Time-Datetime="1999-12-03 04:35:00.567520" PCAP_Time-Relative="12.311989" PCAP_Time-Timestamp="944192100.5675195" Src="53" Type="103" id="69" line_number="-1" mapped="true" packet_time="944192100.5675195"/>
-	<mapping CSV_XML_Time="3714.70121813772" Dst="4" PCAP_Time-Datetime="1999-12-03 04:35:00.582299" PCAP_Time-Relative="12.326768" PCAP_Time-Timestamp="944192100.5822994" Src="53" Type="101" id="70" line_number="-1" mapped="true" packet_time="944192100.5822994"/>
-	<mapping CSV_XML_Time="3715.90121813772" Dst="3" PCAP_Time-Datetime="1999-12-03 04:35:00.760152" PCAP_Time-Relative="12.504621" PCAP_Time-Timestamp="944192100.7601521" Src="53" Type="103" id="71" line_number="-1" mapped="true" packet_time="944192100.7601521"/>
-	<mapping CSV_XML_Time="3715.20121813772" Dst="53" PCAP_Time-Datetime="1999-12-03 04:35:01.50671" PCAP_Time-Relative="12.795140" PCAP_Time-Timestamp="944192101.050671" Src="222" Type="104" id="72" line_number="-1" mapped="true" packet_time="944192101.050671"/>
-	<mapping CSV_XML_Time="3715.20121813772" Dst="53" PCAP_Time-Datetime="1999-12-03 04:35:01.53607" PCAP_Time-Relative="12.798076" PCAP_Time-Timestamp="944192101.0536066" Src="260" Type="104" id="73" line_number="-1" mapped="true" packet_time="944192101.0536066"/>
-	<mapping CSV_XML_Time="3715.30121813772" Dst="222" PCAP_Time-Datetime="1999-12-03 04:35:01.141748" PCAP_Time-Relative="12.886217" PCAP_Time-Timestamp="944192101.1417481" Src="53" Type="101" id="74" line_number="-1" mapped="true" packet_time="944192101.1417481"/>
-	<mapping CSV_XML_Time="3715.30121813772" Dst="260" PCAP_Time-Datetime="1999-12-03 04:35:01.156595" PCAP_Time-Relative="12.901064" PCAP_Time-Timestamp="944192101.1565946" Src="53" Type="101" id="75" line_number="-1" mapped="true" packet_time="944192101.1565946"/>
-	<mapping CSV_XML_Time="3716.30121813772" Dst="95" PCAP_Time-Datetime="1999-12-03 04:35:01.168752" PCAP_Time-Relative="12.913221" PCAP_Time-Timestamp="944192101.1687516" Src="53" Type="103" id="76" line_number="-1" mapped="true" packet_time="944192101.1687516"/>
-	<mapping CSV_XML_Time="3715.60121813772" Dst="53" PCAP_Time-Datetime="1999-12-03 04:35:01.536130" PCAP_Time-Relative="13.280599" PCAP_Time-Timestamp="944192101.5361298" Src="109" Type="104" id="77" line_number="-1" mapped="true" packet_time="944192101.5361298"/>
-	<mapping CSV_XML_Time="3715.60121813772" Dst="53" PCAP_Time-Datetime="1999-12-03 04:35:01.541027" PCAP_Time-Relative="13.285496" PCAP_Time-Timestamp="944192101.5410273" Src="178" Type="104" id="78" line_number="-1" mapped="true" packet_time="944192101.5410273"/>
-	<mapping CSV_XML_Time="3714.80121813772" Dst="53" PCAP_Time-Datetime="1999-12-03 04:35:01.548510" PCAP_Time-Relative="13.292979" PCAP_Time-Timestamp="944192101.54851" Src="4" Type="102" id="79" line_number="-1" mapped="true" packet_time="944192101.54851"/>
-	<mapping CSV_XML_Time="3715.70121813772" Dst="109" PCAP_Time-Datetime="1999-12-03 04:35:01.627788" PCAP_Time-Relative="13.372257" PCAP_Time-Timestamp="944192101.6277884" Src="53" Type="101" id="80" line_number="-1" mapped="true" packet_time="944192101.6277884"/>
-	<mapping CSV_XML_Time="3715.70121813772" Dst="178" PCAP_Time-Datetime="1999-12-03 04:35:01.636887" PCAP_Time-Relative="13.381356" PCAP_Time-Timestamp="944192101.6368866" Src="53" Type="101" id="81" line_number="-1" mapped="true" packet_time="944192101.6368866"/>
-	<mapping CSV_XML_Time="3715.80121813772" Dst="53" PCAP_Time-Datetime="1999-12-03 04:35:01.671523" PCAP_Time-Relative="13.415992" PCAP_Time-Timestamp="944192101.6715233" Src="225" Type="104" id="82" line_number="-1" mapped="true" packet_time="944192101.6715233"/>
-	<mapping CSV_XML_Time="3715.80121813772" Dst="53" PCAP_Time-Datetime="1999-12-03 04:35:01.673357" PCAP_Time-Relative="13.417826" PCAP_Time-Timestamp="944192101.6733571" Src="1" Type="104" id="83" line_number="-1" mapped="true" packet_time="944192101.6733571"/>
-	<mapping CSV_XML_Time="3715.90121813772" Dst="1" PCAP_Time-Datetime="1999-12-03 04:35:01.706117" PCAP_Time-Relative="13.450586" PCAP_Time-Timestamp="944192101.7061167" Src="53" Type="101" id="84" line_number="-1" mapped="true" packet_time="944192101.7061167"/>
-	<mapping CSV_XML_Time="3715.90121813772" Dst="225" PCAP_Time-Datetime="1999-12-03 04:35:01.712042" PCAP_Time-Relative="13.456511" PCAP_Time-Timestamp="944192101.7120423" Src="53" Type="101" id="85" line_number="-1" mapped="true" packet_time="944192101.7120423"/>
-	<mapping CSV_XML_Time="3716.00121813772" Dst="53" PCAP_Time-Datetime="1999-12-03 04:35:01.768293" PCAP_Time-Relative="13.512762" PCAP_Time-Timestamp="944192101.7682933" Src="3" Type="104" id="86" line_number="-1" mapped="true" packet_time="944192101.7682933"/>
-	<mapping CSV_XML_Time="3716.10121813772" Dst="3" PCAP_Time-Datetime="1999-12-03 04:35:01.864728" PCAP_Time-Relative="13.609197" PCAP_Time-Timestamp="944192101.8647285" Src="53" Type="101" id="87" line_number="-1" mapped="true" packet_time="944192101.8647285"/>
-	<mapping CSV_XML_Time="3716.40121813772" Dst="53" PCAP_Time-Datetime="1999-12-03 04:35:02.242293" PCAP_Time-Relative="13.986762" PCAP_Time-Timestamp="944192102.242293" Src="95" Type="104" id="88" line_number="-1" mapped="true" packet_time="944192102.242293"/>
-	<mapping CSV_XML_Time="3715.40121813772" Dst="53" PCAP_Time-Datetime="1999-12-03 04:35:02.265388" PCAP_Time-Relative="14.009857" PCAP_Time-Timestamp="944192102.2653878" Src="222" Type="102" id="89" line_number="-1" mapped="true" packet_time="944192102.2653878"/>
-	<mapping CSV_XML_Time="3715.40121813772" Dst="53" PCAP_Time-Datetime="1999-12-03 04:35:02.276724" PCAP_Time-Relative="14.021193" PCAP_Time-Timestamp="944192102.2767243" Src="260" Type="102" id="90" line_number="-1" mapped="true" packet_time="944192102.2767243"/>
-	<mapping CSV_XML_Time="3716.50121813772" Dst="95" PCAP_Time-Datetime="1999-12-03 04:35:02.292261" PCAP_Time-Relative="14.036730" PCAP_Time-Timestamp="944192102.2922608" Src="53" Type="101" id="91" line_number="-1" mapped="true" packet_time="944192102.2922608"/>
-	<mapping CSV_XML_Time="3715.80121813772" Dst="53" PCAP_Time-Datetime="1999-12-03 04:35:02.622931" PCAP_Time-Relative="14.367400" PCAP_Time-Timestamp="944192102.6229308" Src="178" Type="102" id="92" line_number="-1" mapped="true" packet_time="944192102.6229308"/>
-	<mapping CSV_XML_Time="3716.00121813772" Dst="53" PCAP_Time-Datetime="1999-12-03 04:35:02.650658" PCAP_Time-Relative="14.395127" PCAP_Time-Timestamp="944192102.6506579" Src="1" Type="102" id="93" line_number="-1" mapped="true" packet_time="944192102.6506579"/>
-	<mapping CSV_XML_Time="3715.80121813772" Dst="53" PCAP_Time-Datetime="1999-12-03 04:35:02.663500" PCAP_Time-Relative="14.407969" PCAP_Time-Timestamp="944192102.6634997" Src="109" Type="102" id="94" line_number="-1" mapped="true" packet_time="944192102.6634997"/>
-	<mapping CSV_XML_Time="3716.00121813772" Dst="53" PCAP_Time-Datetime="1999-12-03 04:35:02.817711" PCAP_Time-Relative="14.562180" PCAP_Time-Timestamp="944192102.8177105" Src="225" Type="102" id="95" line_number="-1" mapped="true" packet_time="944192102.8177105"/>
-	<mapping CSV_XML_Time="3716.20121813772" Dst="53" PCAP_Time-Datetime="1999-12-03 04:35:03.6215" PCAP_Time-Relative="14.750684" PCAP_Time-Timestamp="944192103.006215" Src="3" Type="102" id="96" line_number="-1" mapped="true" packet_time="944192103.006215"/>
-	<mapping CSV_XML_Time="3716.60121813772" Dst="53" PCAP_Time-Datetime="1999-12-03 04:35:03.436725" PCAP_Time-Relative="15.181194" PCAP_Time-Timestamp="944192103.4367249" Src="95" Type="102" id="97" line_number="-1" mapped="true" packet_time="944192103.4367249"/>
-</mappings>