|
@@ -4,6 +4,9 @@ import java.util.LinkedList;
|
|
|
import de.tu_darmstadt.tk.SmartHomeNetworkSim.core.Link;
|
|
|
import de.tu_darmstadt.tk.SmartHomeNetworkSim.core.Packet;
|
|
|
import de.tu_darmstadt.tk.SmartHomeNetworkSim.core.PacketSniffer;
|
|
|
+import weka.clusterers.SimpleKMeans;
|
|
|
+import weka.core.Instance;
|
|
|
+import weka.core.Instances;
|
|
|
|
|
|
/**
|
|
|
* Unsupervised Example - maybe Clustering
|
|
@@ -12,9 +15,65 @@ import de.tu_darmstadt.tk.SmartHomeNetworkSim.core.PacketSniffer;
|
|
|
*/
|
|
|
public class UnsupervisedAnomalyDetectionExample implements PacketSniffer {
|
|
|
|
|
|
+ /**
|
|
|
+ * Clusterer
|
|
|
+ */
|
|
|
+ private SimpleKMeans clusterer;
|
|
|
+
|
|
|
+ /**
|
|
|
+ * True, if instances should be used for training
|
|
|
+ */
|
|
|
+ private boolean training = true;
|
|
|
+
|
|
|
+ /**
|
|
|
+ *
|
|
|
+ */
|
|
|
+ public UnsupervisedAnomalyDetectionExample() {
|
|
|
+ clusterer = new SimpleKMeans();
|
|
|
+ clusterer.setSeed(42);
|
|
|
+ try {
|
|
|
+ clusterer.setNumClusters(20);
|
|
|
+ } catch (Exception e) {
|
|
|
+ System.out.println("Error while building cluster");
|
|
|
+ e.printStackTrace();
|
|
|
+ }
|
|
|
+ }
|
|
|
@Override
|
|
|
public void processPackets(HashMap<Link, LinkedList<Packet>> packets) {
|
|
|
- //TODO: feature encoding, clustering weka?
|
|
|
+ if(!packets.entrySet().isEmpty() && packets.entrySet().iterator().next().getValue().getFirst().getTimestamp()>10000)
|
|
|
+ training = false;
|
|
|
+
|
|
|
+ Instances processed = preProcess(packets);
|
|
|
+ if(training)
|
|
|
+ try {
|
|
|
+ training(processed);
|
|
|
+ } catch (Exception e) {
|
|
|
+ // TODO Auto-generated catch block
|
|
|
+ e.printStackTrace();
|
|
|
+ }
|
|
|
+ else
|
|
|
+ classify(processed);
|
|
|
+ }
|
|
|
+
|
|
|
+ private Instances preProcess(HashMap<Link, LinkedList<Packet>> packets) {
|
|
|
+
|
|
|
+
|
|
|
+ return null;
|
|
|
+
|
|
|
+ }
|
|
|
+
|
|
|
+ private void training(Instances processed) throws Exception {
|
|
|
+ clusterer.buildClusterer(processed);
|
|
|
+ }
|
|
|
+
|
|
|
+ private void classify(Instances processed) {
|
|
|
+ for(Instance i:processed)
|
|
|
+ try {
|
|
|
+ clusterer.clusterInstance(i);
|
|
|
+ } catch (Exception e) {
|
|
|
+ System.out.println("Anomaly "+i);
|
|
|
+ e.printStackTrace();
|
|
|
+ }
|
|
|
}
|
|
|
|
|
|
}
|