rename flow to conversation

code_boost/src/cxx/statistics.cpp

@@ -302,33 +302,36 @@ void statistics::addIPEntropy(std::string filePath){
  * @param dport The destination port.
  * @param timestamp The timestamp of the packet.
  */
-void statistics::addFlowStat(std::string ipAddressSender,int sport,std::string ipAddressReceiver,int dport, std::chrono::microseconds timestamp){   
+void statistics::addFlowStat(std::string ipAddressSender,int sport,std::string ipAddressReceiver,int dport, std::chrono::microseconds timestamp){       
     
-    
-    flow f1 = {ipAddressReceiver, dport, ipAddressSender, sport};
-    flow f2 = {ipAddressSender, sport, ipAddressReceiver, dport};
+    conv f1 = {ipAddressReceiver, dport, ipAddressSender, sport};
+    conv f2 = {ipAddressSender, sport, ipAddressReceiver, dport};
     
     // if already exist A(ipAddressReceiver, dport), B(ipAddressSender, sport)
-    if (flow_statistics.count(f1)>0){
-        flow_statistics[f1].pkts_B_A++;
-        flow_statistics[f1].pkts_B_A_timestamp.push_back(timestamp);
-        if(flow_statistics[f1].pkts_A_B_timestamp.size()>0){
-            flow_statistics[f1].pkts_delay.push_back(std::chrono::duration_cast<std::chrono::microseconds> (timestamp - flow_statistics[f1].pkts_A_B_timestamp[flow_statistics[f1].pkts_A_B_timestamp.size()-1])); // TO-DO: use .back()
-        }
-        
+    if (conv_statistics.count(f1)>0){
+        conv_statistics[f1].pkts_B_A++; // increment packets number from B to A
+        conv_statistics[f1].pkts_B_A_timestamp.push_back(timestamp);
+    
+        // Calculate reply delay (consider only delay of first two reply packets - most likely TCP handshake)
+        if(conv_statistics[f1].pkts_A_B_timestamp.size()>0 && conv_statistics[f1].pkts_A_B_timestamp.size()<=2){
+            conv_statistics[f1].pkts_delay.push_back(std::chrono::duration_cast<std::chrono::microseconds> (timestamp - conv_statistics[f1].pkts_A_B_timestamp.back()));
+        }      
         //std::cout<<timestamp.count()<<"::"<<ipAddressReceiver<<":"<<dport<<","<<ipAddressSender<<":"<<sport<<"\n"; 
-        //std::cout<<flow_statistics[f1].pkts_A_B<<"\n";
-        //std::cout<<flow_statistics[f1].pkts_B_A<<"\n";
+        //std::cout<<conv_statistics[f1].pkts_A_B<<"\n";
+        //std::cout<<conv_statistics[f1].pkts_B_A<<"\n";
     }
     else{
-        flow_statistics[f2].pkts_A_B++;
-        flow_statistics[f2].pkts_A_B_timestamp.push_back(timestamp);
-         if(flow_statistics[f2].pkts_B_A_timestamp.size()>0){
-            flow_statistics[f2].pkts_delay.push_back(std::chrono::duration_cast<std::chrono::microseconds> (timestamp - flow_statistics[f2].pkts_B_A_timestamp[flow_statistics[f2].pkts_B_A_timestamp.size()-1])); // TO-DO: use .back()
-        }
+        conv_statistics[f2].pkts_A_B++; // increment packets number from A to B
+        conv_statistics[f2].pkts_A_B_timestamp.push_back(timestamp);
+        
+         /*
+         // Calculate delay
+         if(conv_statistics[f2].pkts_B_A_timestamp.size()>0){
+            conv_statistics[f2].pkts_delay.push_back(std::chrono::duration_cast<std::chrono::microseconds> (timestamp - conv_statistics[f2].pkts_B_A_timestamp.back())); 
+        }  */
         //std::cout<<timestamp.count()<<"::"<<ipAddressSender<<":"<<sport<<","<<ipAddressReceiver<<":"<<dport<<"\n"; 
-        //std::cout<<flow_statistics[f2].pkts_A_B<<"\n";
-        //std::cout<<flow_statistics[f2].pkts_B_A<<"\n";
+        //std::cout<<conv_statistics[f2].pkts_A_B<<"\n";
+        //std::cout<<conv_statistics[f2].pkts_B_A<<"\n";
     }        
 }
     
@@ -749,7 +752,7 @@ void statistics::writeToDatabase(std::string database_path) {
     // Aidmar
     db.writeStatisticsMss_dist(mss_distribution);
     db.writeStatisticsWin(win_distribution);
-    db.writeStatisticsFlow(flow_statistics);
+    db.writeStatisticsConv(conv_statistics);
     db.writeStatisticsInterval(interval_statistics);
 }
 

code_boost/src/cxx/statistics.h

@@ -42,19 +42,19 @@ struct ip_stats {
 
 // Aidmar
 /*
- * Struct used to represent a flow by:
+ * Struct used to represent a conv by:
  * - IP address A
  * - Port A
  * - IP address B
  * - Port B
  */
-struct flow{
+struct conv{
     std::string ipAddressA;
     int portA;
     std::string ipAddressB;
     int portB;
 
-    bool operator==(const flow &other) const {
+    bool operator==(const conv &other) const {
         return ipAddressA == other.ipAddressA
                && portA == other.portA
                &&ipAddressB == other.ipAddressB
@@ -197,21 +197,21 @@ struct entry_intervalStat {
  * - Number of packets from A to B
  * - Number of packets from B to A
  */
-struct entry_flowStat {
+struct entry_convStat {
     long pkts_A_B;
     long pkts_B_A;
     std::vector<std::chrono::microseconds> pkts_A_B_timestamp;
     std::vector<std::chrono::microseconds> pkts_B_A_timestamp;
     std::vector<std::chrono::microseconds> pkts_delay;
     //std::chrono::duration<double, std::micro> median_delay;
-    std::chrono::microseconds median_delay;
+    std::chrono::microseconds avg_delay;
     
-    bool operator==(const entry_flowStat &other) const {
+    bool operator==(const entry_convStat &other) const {
         return pkts_A_B == other.pkts_A_B
                && pkts_A_B_timestamp == other.pkts_A_B_timestamp
                && pkts_B_A_timestamp == other.pkts_B_A_timestamp
                && pkts_delay == other.pkts_delay
-               && median_delay == other.median_delay;
+               && avg_delay == other.avg_delay;
     }
 };
 
@@ -275,8 +275,8 @@ namespace std {
     
     // Aidmar: TO-DO:??
     template<>
-    struct hash<flow> {
-        std::size_t operator()(const flow &k) const {
+    struct hash<conv> {
+        std::size_t operator()(const conv &k) const {
             using std::size_t;
             using std::hash;
             using std::string;
@@ -401,7 +401,7 @@ private:
     // {IP Address, Win size, count}
     std::unordered_map<ipAddress_win, int> win_distribution;
     // {IP Address A, Port A, IP Address B, Port B,   #packets_A_B, #packets_B_A}
-    std::unordered_map<flow, entry_flowStat> flow_statistics;
+    std::unordered_map<conv, entry_convStat> conv_statistics;
     std::unordered_map<std::string, entry_intervalStat> interval_statistics;
     
     // {IP Address, Protocol, count}

code_boost/src/cxx/statistics_db.cpp

@@ -313,39 +313,44 @@ void statistics_db::writeStatisticsWin(std::unordered_map<ipAddress_win, int> wi
 
 // Aidamr
 /**
- * Writes the flow statistics into the database.
- * @param flowStatistics The flow from class statistics.
+ * Writes the conversation statistics into the database.
+ * @param convStatistics The conversation from class statistics.
  */
-void statistics_db::writeStatisticsFlow(std::unordered_map<flow, entry_flowStat> flowStatistics){          
+void statistics_db::writeStatisticsConv(std::unordered_map<conv, entry_convStat> convStatistics){          
     try {
-        db->exec("DROP TABLE IF EXISTS flow_statistics");
+        db->exec("DROP TABLE IF EXISTS conv_statistics");
         SQLite::Transaction transaction(*db);
-        const char *createTable = "CREATE TABLE flow_statistics ("
+        const char *createTable = "CREATE TABLE conv_statistics ("
                 "ipAddressA TEXT,"
                 "portA INTEGER,"
                 "ipAddressB TEXT,"              
                 "portB INTEGER,"
                 "pkts_A_B INTEGER,"
                 "pkts_B_A INTEGER,"
-                "medianDelay INTEGER,"
+                "avgDelay INTEGER,"
                 //"medianDelay TEXT,"
                 "PRIMARY KEY(ipAddressA,portA,ipAddressB,portB));";
         db->exec(createTable);
-        SQLite::Statement query(*db, "INSERT INTO flow_statistics VALUES (?, ?, ?, ?, ?, ?, ?)");
-        for (auto it = flowStatistics.begin(); it != flowStatistics.end(); ++it) {
-            flow f = it->first;
-            entry_flowStat e = it->second;
+        SQLite::Statement query(*db, "INSERT INTO conv_statistics VALUES (?, ?, ?, ?, ?, ?, ?)");
+        for (auto it = convStatistics.begin(); it != convStatistics.end(); ++it) {
+            conv f = it->first;
+            entry_convStat e = it->second;
             
             // Compute the median delay
-            e.median_delay = e.pkts_delay[e.pkts_delay.size()/2];
-            
+            //e.median_delay = e.pkts_delay[e.pkts_delay.size()/2];
+            int sumDelay = 0;
+            for(int i=0; i<e.pkts_delay.size();i++){
+                sumDelay += e.pkts_delay[i].count();
+            }
+            e.avg_delay = (std::chrono::microseconds)sumDelay/e.pkts_delay.size(); // average
+
             query.bind(1, f.ipAddressA);
             query.bind(2, f.portA);
             query.bind(3, f.ipAddressB);
             query.bind(4, f.portB);
             query.bind(5, (int) e.pkts_A_B);
             query.bind(6, (int) e.pkts_B_A);
-            query.bind(7, (int) e.median_delay.count());
+            query.bind(7, (int) e.avg_delay.count());
             //query.bind(7,  std::to_string(e.median_delay.count()));            
             query.exec();
             query.reset();

code_boost/src/cxx/statistics_db.h

@@ -42,7 +42,7 @@ public:
     // Aidmar - new tables
     void writeStatisticsMss_dist(std::unordered_map<ipAddress_mss, int> mssDistribution);
     void writeStatisticsWin(std::unordered_map<ipAddress_win, int> winDistribution);
-    void writeStatisticsFlow(std::unordered_map<flow, entry_flowStat> flowStatistics);
+    void writeStatisticsConv(std::unordered_map<conv, entry_convStat> convStatistics);
     void writeStatisticsInterval(std::unordered_map<std::string, entry_intervalStat> intervalStatistics);
 
 private: