
split ip novel count into src and dst

Jens Keim 5 years ago
parent
commit
56a3f9087e

+ 5 - 1
code_boost/src/cxx/statistics.cpp

@@ -130,6 +130,9 @@ std::vector<float> statistics::calculateLastIntervalIPsEntropy(std::chrono::micr
                 IPsDstNovelEntropy += -IPsDstNovelProb[i] * log2(IPsDstNovelProb[i]);
         }
 
+        this->ip_src_novel_count = IPsSrcNovelPktsCounts.size();
+        this->ip_dst_novel_count = IPsDstNovelPktsCounts.size();
+
         // FIXME: return doubles not floats
         std::vector<float> entropies = {static_cast<float>(IPsSrcEntropy), static_cast<float>(IPsDstEntropy), static_cast<float>(IPsSrcNovelEntropy), static_cast<float>(IPsDstNovelEntropy)};
         return entropies;
@@ -273,7 +276,8 @@ void statistics::addIntervalStat(std::chrono::duration<int, std::micro> interval
     interval_statistics[lastPktTimestamp_s].payload_count = payloadCount - intervalPayloadCount;
     interval_statistics[lastPktTimestamp_s].incorrect_tcp_checksum_count = incorrectTCPChecksumCount - intervalIncorrectTCPChecksumCount;
     interval_statistics[lastPktTimestamp_s].correct_tcp_checksum_count = correctTCPChecksumCount - intervalCorrectTCPChecksumCount;
-    interval_statistics[lastPktTimestamp_s].novel_ip_count = static_cast<int>(ip_statistics.size()) - intervalCumNovelIPCount;
+    interval_statistics[lastPktTimestamp_s].novel_ip_src_count = this->ip_src_novel_count;
+    interval_statistics[lastPktTimestamp_s].novel_ip_dst_count = this->ip_dst_novel_count;
     interval_statistics[lastPktTimestamp_s].novel_ttl_count = static_cast<int>(ttl_values.size()) - intervalCumNovelTTLCount;
     interval_statistics[lastPktTimestamp_s].novel_win_size_count = static_cast<int>(win_values.size()) - intervalCumNovelWinSizeCount;
     interval_statistics[lastPktTimestamp_s].novel_tos_count = static_cast<int>(tos_values.size()) - intervalCumNovelToSCount;
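Review bot: The counters that addIntervalStat now copies into `novel_ip_src_count` / `novel_ip_dst_count` are refreshed only inside the block shown in the first hunk, so an interval row can end up holding counts left over from an earlier interval. The two assignments sit at the same nesting level as `return entropies;`, which suggests an enclosing conditional whose other path is outside the hunk; if that path returns without touching `ip_src_novel_count` and `ip_dst_novel_count`, later rows repeat the last computed values (or the initial 0). Either reset both members on that path or pass the counts to addIntervalStat explicitly, and record the call order with a comment such as `// set by calculateLastIntervalIPsEntropy(); must run before addIntervalStat() for the same interval`. The stored value also changes meaning, from a delta of `ip_statistics.size()` to the size of a container whose scope is not visible here, which anything comparing interval rows across database versions needs to know. Both function bodies continue outside the hunks.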

+ 6 - 2
code_boost/src/cxx/statistics.h

@@ -256,7 +256,8 @@ struct entry_intervalStat {
     int payload_count;
     int incorrect_tcp_checksum_count;
     int correct_tcp_checksum_count;
-    int novel_ip_count;
+    size_t novel_ip_src_count;
+    size_t novel_ip_dst_count;
     int novel_ttl_count;
     int novel_win_size_count;
     int novel_tos_count;
@@ -277,7 +278,8 @@ struct entry_intervalStat {
                && ip_dst_cum_entropy == other.ip_dst_cum_entropy
                && payload_count == other.payload_count
                && incorrect_tcp_checksum_count == other.incorrect_tcp_checksum_count
-               && novel_ip_count == other.novel_ip_count
+               && novel_ip_src_count == other.novel_ip_src_count
+               && novel_ip_dst_count == other.novel_ip_dst_count
                && novel_ttl_count == other.novel_ttl_count
                && novel_win_size_count == other.novel_win_size_count
                && novel_tos_count == other.novel_tos_count
@@ -663,6 +665,8 @@ private:
     int intervalCorrectTCPChecksumCount = 0;
     int intervalCumPktCount = 0;
     float intervalCumSumPktSize = 0;
+    size_t ip_src_novel_count = 0;
+    size_t ip_dst_novel_count = 0;
     int intervalCumNovelIPCount = 0;
     int intervalCumNovelTTLCount = 0;
     int intervalCumNovelWinSizeCount = 0;
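Review bot: `intervalCumNovelIPCount` stays declared in the last hunk although the only use visible in this commit, the removed `novel_ip_count` assignment in addIntervalStat, is gone; if nothing else reads it, remove it together with whatever updates it so the class does not carry a second, unused notion of novel IPs. The new `ip_src_novel_count` / `ip_dst_novel_count` members are `size_t` while the neighbouring interval counters are `int`, which is why the database writer has to cast them to `long long` before binding. A comment on the two members, for example `// novel source/destination IP counts of the last interval, written by calculateLastIntervalIPsEntropy()`, would state who owns them. The struct and class bodies continue outside the hunks.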

+ 38 - 36
code_boost/src/cxx/statistics_db.cpp

@@ -676,7 +676,8 @@ void statistics_db::writeStatisticsInterval(const std::unordered_map<std::string
                     "payload_count INTEGER,"
                     "incorrect_tcp_checksum_count INTEGER,"
                     "correct_tcp_checksum_count INTEGER,"
-                    "ip_novel_Count INTEGER,"
+                    "ip_src_novel_Count INTEGER,"
+                    "ip_dst_novel_Count INTEGER,"
                     "port_novel_count INTEGER,"
                     "ttl_novel_count INTEGER,"
                     "win_size_novel_count INTEGER,"
@@ -780,7 +781,7 @@ void statistics_db::writeStatisticsInterval(const std::unordered_map<std::string
                 }
             }
 
-            SQLite::Statement query(*db, "INSERT INTO " + table_name + " VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
+            SQLite::Statement query(*db, "INSERT INTO " + table_name + " VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
             for (auto it = intervalStatistics.begin(); it != intervalStatistics.end(); ++it) {
                 const entry_intervalStat &e = it->second;
 
@@ -797,40 +798,41 @@ void statistics_db::writeStatisticsInterval(const std::unordered_map<std::string
                 query.bind(11, e.payload_count);
                 query.bind(12, e.incorrect_tcp_checksum_count);
                 query.bind(13, e.correct_tcp_checksum_count);
-                query.bind(14, e.novel_ip_count);
-                query.bind(15, e.novel_port_count);
-                query.bind(16, e.novel_ttl_count);
-                query.bind(17, e.novel_win_size_count);
-                query.bind(18, e.novel_tos_count);
-                query.bind(19, e.novel_mss_count);
-                query.bind(20, e.port_entropies[0]);
-                query.bind(21, e.ttl_entropies[0]);
-                query.bind(22, e.win_size_entropies[0]);
-                query.bind(23, e.tos_entropies[0]);
-                query.bind(24, e.mss_entropies[0]);
-                query.bind(25, e.port_entropies[1]);
-                query.bind(26, e.ttl_entropies[1]);
-                query.bind(27, e.win_size_entropies[1]);
-                query.bind(28, e.tos_entropies[1]);
-                query.bind(29, e.mss_entropies[1]);
-                query.bind(30, e.port_entropies[0]/port_entropy);
-                query.bind(31, e.ttl_entropies[0]/ttl_entropy);
-                query.bind(32, e.win_size_entropies[0]/win_size_entropy);
-                query.bind(33, e.tos_entropies[0]/tos_entropy);
-                query.bind(34, e.mss_entropies[0]/mss_entropy);
-                query.bind(35, e.port_entropies[1]/port_novel_entropy);
-                query.bind(36, e.ttl_entropies[1]/ttl_novel_entropy);
-                query.bind(37, e.win_size_entropies[1]/win_size_novel_entropy);
-                query.bind(38, e.tos_entropies[1]/tos_novel_entropy);
-                query.bind(39, e.mss_entropies[1]/mss_novel_entropy);
-                query.bind(40, e.ip_src_entropy/ip_src_entropy);
-                query.bind(41, e.ip_dst_entropy/ip_dst_entropy);
-                query.bind(42, e.ip_src_cum_entropy/ip_src_cum_entropy);
-                query.bind(43, e.ip_dst_cum_entropy/ip_dst_cum_entropy);
-                query.bind(44, e.ip_src_novel_entropy);
-                query.bind(45, e.ip_dst_novel_entropy);
-                query.bind(46, e.ip_src_novel_entropy/ip_src_novel_entropy);
-                query.bind(47, e.ip_dst_novel_entropy/ip_dst_novel_entropy);
+                query.bind(14, static_cast<long long>(e.novel_ip_src_count));
+                query.bind(15, static_cast<long long>(e.novel_ip_dst_count));
+                query.bind(16, e.novel_port_count);
+                query.bind(17, e.novel_ttl_count);
+                query.bind(18, e.novel_win_size_count);
+                query.bind(19, e.novel_tos_count);
+                query.bind(20, e.novel_mss_count);
+                query.bind(21, e.port_entropies[0]);
+                query.bind(22, e.ttl_entropies[0]);
+                query.bind(23, e.win_size_entropies[0]);
+                query.bind(24, e.tos_entropies[0]);
+                query.bind(25, e.mss_entropies[0]);
+                query.bind(26, e.port_entropies[1]);
+                query.bind(27, e.ttl_entropies[1]);
+                query.bind(28, e.win_size_entropies[1]);
+                query.bind(29, e.tos_entropies[1]);
+                query.bind(30, e.mss_entropies[1]);
+                query.bind(31, e.port_entropies[0]/port_entropy);
+                query.bind(32, e.ttl_entropies[0]/ttl_entropy);
+                query.bind(33, e.win_size_entropies[0]/win_size_entropy);
+                query.bind(34, e.tos_entropies[0]/tos_entropy);
+                query.bind(35, e.mss_entropies[0]/mss_entropy);
+                query.bind(36, e.port_entropies[1]/port_novel_entropy);
+                query.bind(37, e.ttl_entropies[1]/ttl_novel_entropy);
+                query.bind(38, e.win_size_entropies[1]/win_size_novel_entropy);
+                query.bind(39, e.tos_entropies[1]/tos_novel_entropy);
+                query.bind(40, e.mss_entropies[1]/mss_novel_entropy);
+                query.bind(41, e.ip_src_entropy/ip_src_entropy);
+                query.bind(42, e.ip_dst_entropy/ip_dst_entropy);
+                query.bind(43, e.ip_src_cum_entropy/ip_src_cum_entropy);
+                query.bind(44, e.ip_dst_cum_entropy/ip_dst_cum_entropy);
+                query.bind(45, e.ip_src_novel_entropy);
+                query.bind(46, e.ip_dst_novel_entropy);
+                query.bind(47, e.ip_src_novel_entropy/ip_src_novel_entropy);
+                query.bind(48, e.ip_dst_novel_entropy/ip_dst_novel_entropy);
                 query.exec();
                 query.reset();
 
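Review bot: The INSERT uses 48 positional `?` placeholders with no column list, so every hand-numbered `query.bind(N, …)` has to match the CREATE TABLE column order exactly; this commit renumbered 34 binds to add one column, and a slip there would not raise an error but store a value under the wrong column. Naming the columns in the statement and binding through a running index, `int col = 1;` followed by `query.bind(col++, static_cast<long long>(e.novel_ip_src_count));`, would remove the renumbering on the next schema change. The new columns also keep the capitalised `Count` of the old `ip_novel_Count` while the neighbouring columns use `_count`. Binds 1–10 and the rest of writeStatisticsInterval are outside the hunks.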

+ 1 - 1
code_boost/src/cxx/statistics_db.h

@@ -25,7 +25,7 @@ public:
     /*
      * Database version: Increment number on every change in the C++ code!
      */
-    static const int DB_VERSION = 25;
+    static const int DB_VERSION = 26;
 
     /*
      * Methods to read from database