add more artifacts_tests, organize interval statistics functions

code_boost/src/CMakeLists.txt

@@ -23,7 +23,7 @@ SET(CMAKE_CXX_STANDARD 11)
 SET(CMAKE_CXX_STANDARD_REQUIRED ON)
 
 # Add the library source files
-SET(SOURCE_FILES cxx/pcap_processor.cpp cxx/pcap_processor.h cxx/statistics.cpp cxx/statistics.h cxx/statistics_db.cpp cxx/statistics_db.h)
+SET(SOURCE_FILES cxx/pcap_processor.cpp cxx/pcap_processor.h cxx/statistics.cpp cxx/statistics.h cxx/statistics_db.cpp cxx/statistics_db.h cxx/artifacts_tests.h cxx/artifacts_tests.cpp cxx/utilities.h cxx/utilities.cpp)
 
 # Include SQLiteCpp library and build it
 option(SQLITECPP_RUN_CPPLINT OFF)

code_boost/src/cxx/artifacts_tests.cpp

@@ -11,6 +11,12 @@ using namespace Tins;
  * Creates a new artifacts_tests object.
  */
 artifacts_tests::artifacts_tests() {
+     correctChecksum = 0;
+     incorrectChecksum= 0;
+     checksumIncorrectRatio= 0;
+    
+     noPayloadCount= 0;
+     payloadCount= 0;
 }
 
 
@@ -120,7 +126,7 @@ void artifacts_tests::check_checksum(std::string ipAddressSender, std::string ip
 
     //tcp_sum_calc(unsigned short len_tcp, unsigned short src_addr[],unsigned short dest_addr[], bool padding, unsigned short buff[])
     bool padding = false; 
-    int dataSize = bufferArray_8.size() - headerSize; 
+    int dataSize = bufferArray_8.size() - headerSize;  // TO-DO: why don't you use pkt.size()
     if(dataSize != 0)
         if(dataSize % 2 != 0)
             padding = true; // padding if the data size is odd
@@ -149,9 +155,39 @@ float artifacts_tests::get_checksum_incorrect_ratio(){
         ratio = (float)incorrectChecksum/totalPktsNum;
     
     std::cout<<"Incorrect checksums: "<<incorrectChecksum<<"\n";
-    std::cout<<"Total TCP packets: "<<incorrectChecksum+correctChecksum<<"\n";
+    std::cout<<"Total TCP packets: "<<totalPktsNum<<"\n";
     std::cout<<"get_checksum_incorrect_ratio: "<<ratio<<"\n";
     
     return ratio;
 }
 
+void artifacts_tests::check_payload(const PDU *pkt){
+    int pktSize = pkt->size();
+    int headerSize = pkt->header_size();
+    int payloadSize = pktSize - headerSize;
+    if(payloadSize>0)
+        payloadCount++;
+    else
+        noPayloadCount++;
+}
+
+/**
+ * Gets the ratio of packets that have payload to total number of packets.
+ */
+float artifacts_tests::get_payload_ratio(){
+    int totalPktsNum = noPayloadCount+payloadCount;
+    float ratio = 0;
+    if(totalPktsNum!=0)
+        ratio = (float)payloadCount/totalPktsNum;
+    
+    std::cout<<"Payload packets: "<<payloadCount<<"\n";
+    std::cout<<"Total packets: "<<totalPktsNum<<"\n";
+    std::cout<<"get_payload_ratio: "<<ratio<<"\n";
+    
+    return ratio;
+}
+
+void artifacts_tests::check_tos(uint8_t ToS){
+    if((unsigned)ToS != 0)
+        std::cout<<(unsigned)ToS<<"\n";
+}

code_boost/src/cxx/artifacts_tests.h

@@ -35,6 +35,9 @@ public:
     int incorrectChecksum;
     float checksumIncorrectRatio;
     
+    int noPayloadCount;
+    int payloadCount;
+    
     //std::string timstampPrecision;
     
     //statistics stats;
@@ -45,7 +48,9 @@ public:
      */
     void check_checksum(std::string ipAddressSender, std::string ipAddressReceiver, TCP tcpPkt);
     float get_checksum_incorrect_ratio();
-    
+    void check_payload(const PDU *pkt);
+    float get_payload_ratio();
+    void check_tos(uint8_t ToS);
     //bool check_timestamp_precision(const Packet &pkt);
 
     /*

code_boost/src/cxx/pcap_processor.cpp

@@ -152,6 +152,7 @@ void pcap_processor::collect_statistics() {
         
         // Aidmar
         tests.get_checksum_incorrect_ratio();
+        tests.get_payload_ratio();
     
     }
 }
@@ -200,6 +201,9 @@ void pcap_processor::process_packets(const Packet &pkt) {
         stats.assignMacAddress(ipAddressSender, macAddressSender);
         stats.assignMacAddress(ipAddressReceiver, macAddressReceiver);        
 
+        // Aidmar - Artifacts Tests: contemporary (ToS)
+        tests.check_tos(ipLayer.tos());
+        
     } // PDU is IPv6
     else if (pdu_l3_type == PDU::PDUType::IPv6) {
         const IPv6 &ipLayer = (const IPv6 &) *pdu_l3;
@@ -227,16 +231,23 @@ void pcap_processor::process_packets(const Packet &pkt) {
     const PDU *pdu_l4 = pdu_l3->inner_pdu();
     if (pdu_l4 != 0) {
         // Protocol distribution - layer 4
-        PDU::PDUType p = pdu_l4->pdu_type();        
+        PDU::PDUType p = pdu_l4->pdu_type();  
+        
+        // Aidmar - Artifacts Tests: payload
+        if (pdu_l3_type == PDU::PDUType::IP) {            
+            tests.check_payload(pdu_l4);
+          }
+          
         if (p == PDU::PDUType::TCP) {
             TCP tcpPkt = (const TCP &) *pdu_l4;
             
+          // Aidmar - Artifacts Tests: checksum
           if (pdu_l3_type == PDU::PDUType::IP) {            
             tests.check_checksum(ipAddressSender, ipAddressReceiver, tcpPkt);
           }
             
             stats.incrementProtocolCount(ipAddressSender, "TCP");                        
-            
+                    
             // Aidmar
             // Conversation statistics
             stats.addConvStat(ipAddressSender, tcpPkt.sport(), ipAddressReceiver, tcpPkt.dport(), pkt.timestamp());  
@@ -259,10 +270,14 @@ void pcap_processor::process_packets(const Packet &pkt) {
                 // Ignore MSS if option not set
             }
             stats.incrementPortCount(ipAddressSender, tcpPkt.sport(), ipAddressReceiver, tcpPkt.dport());
+            
+          // UDP Packet
         } else if (p == PDU::PDUType::UDP) {
+            
             const UDP udpPkt = (const UDP &) *pdu_l4;
-            stats.incrementProtocolCount(ipAddressSender, "UDP");
-            stats.incrementPortCount(ipAddressSender, udpPkt.sport(), ipAddressReceiver, udpPkt.dport());
+            stats.incrementProtocolCount(ipAddressSender, "UDP");            
+            stats.incrementPortCount(ipAddressSender, udpPkt.sport(), ipAddressReceiver, udpPkt.dport());                        
+          
         } else if (p == PDU::PDUType::ICMP) {
             stats.incrementProtocolCount(ipAddressSender, "ICMP");
         } else if (p == PDU::PDUType::ICMPv6) {

code_boost/src/cxx/statistics_db.cpp

@@ -376,9 +376,11 @@ void statistics_db::writeStatisticsInterval(std::unordered_map<std::string, entr
                 "pktsCount INTEGER,"
                 "ipSrcEntropy REAL,"      
                 "ipDstEntropy REAL,"  
+                "ipSrcCumEntropy REAL,"      
+                "ipDstCumEntropy REAL," 
                 "PRIMARY KEY(timestamp));";
         db->exec(createTable);
-        SQLite::Statement query(*db, "INSERT INTO interval_statistics VALUES (?, ?, ?, ?)");
+        SQLite::Statement query(*db, "INSERT INTO interval_statistics VALUES (?, ?, ?, ?, ?, ?)");
         for (auto it = intervalStatistics.begin(); it != intervalStatistics.end(); ++it) {
             std::string t = it->first;
             entry_intervalStat e = it->second;        
@@ -387,6 +389,8 @@ void statistics_db::writeStatisticsInterval(std::unordered_map<std::string, entr
             query.bind(2, (int)e.pkts_count);
             query.bind(3, e.ip_src_entropy);
             query.bind(4, e.ip_dst_entropy);
+            query.bind(5, e.ip_src_cum_entropy);
+            query.bind(6, e.ip_dst_cum_entropy);
 
             query.exec();
             query.reset();