Головна сторінка Огляд Довідка
Увійти
stefan.schmidt
/
ID2T-toolkit
відгалужено від SPIN/ID2T-toolkit
3
0
Відгалуження 0
Файли
Переглянути джерело

anomalyScore frm csv to DB

aidmar.wainakh 6 роки тому
батько
80d176ea95
коміт
a4df19ce95
3 змінених файлів з 29 додано та 23 видалено
Розділений вигляд Показати статистику Diff
  1. 22 20
      code_boost/src/cxx/statistics.cpp
  2. 2 2
      code_boost/src/cxx/statistics.h
  3. 5 1
      code_boost/src/cxx/statistics_db.cpp

+ 22 - 20
code_boost/src/cxx/statistics.cpp
Переглянути файл 

@@ -340,21 +340,22 @@ void statistics::addIpStat_packetSent(std::string filePath, std::string ipAddres
 
             ipSrc_Mahoney_score = (float)s_t*n/s_r;
 
         }
 
         
-            // Replace pcap filename with 'filename_ip_entropy'
 
-        std::string new_filepath = filePath;
 
-        const std::string &newExt = "_ip_src_anomaly_score.csv";
 
-        std::string::size_type h = new_filepath.rfind('.', new_filepath.length());
 
-        if (h != std::string::npos) {
 
-            new_filepath.replace(h, newExt.length(), newExt);
 
-        } else {
 
-            new_filepath.append(newExt);
 
-        }
 
+    // Replace pcap filename with 'filename_ip_entropy'
 
+    /*std::string new_filepath = filePath;
 
+    const std::string &newExt = "_ip_src_anomaly_score.csv";
 
+    std::string::size_type h = new_filepath.rfind('.', new_filepath.length());
 
+    if (h != std::string::npos) {
 
+        new_filepath.replace(h, newExt.length(), newExt);
 
+    } else {
 
+        new_filepath.append(newExt);
 
+    }
 
         
     // Write stats to file
 
     std::ofstream file;
 
     file.open (new_filepath,std::ios_base::app);
 
     file << ipAddressSender << ","<< s_t << "," << n << "," << s_r << "," << ipSrc_Mahoney_score << "\n";
 
     file.close();  
+    */
 
     
     ip_statistics[ipAddressSender].firstAppearAsSenderPktCount = packetCount;  
     ip_statistics[ipAddressSender].sourceAnomalyScore = ipSrc_Mahoney_score;    
@@ -390,21 +391,22 @@ void statistics::addIpStat_packetSent(std::string filePath, std::string ipAddres
 
             ipDst_Mahoney_score = (float)s_t*n/s_r;
 
         }
 
         
-        // Replace pcap filename with 'filename_ip_entropy'
 
-        std::string new_filepath = filePath;
 
-        const std::string &newExt = "_ip_dst_anomaly_score.csv";
 
-        std::string::size_type h = new_filepath.rfind('.', new_filepath.length());
 
-        if (h != std::string::npos) {
 
-            new_filepath.replace(h, newExt.length(), newExt);
 
-        } else {
 
-            new_filepath.append(newExt);
 
-        }
 
-        
+    // Replace pcap filename with 'filename_ip_entropy'
 
+    /*std::string new_filepath = filePath;
 
+    const std::string &newExt = "_ip_dst_anomaly_score.csv";
 
+    std::string::size_type h = new_filepath.rfind('.', new_filepath.length());
 
+    if (h != std::string::npos) {
 
+        new_filepath.replace(h, newExt.length(), newExt);
 
+    } else {
 
+        new_filepath.append(newExt);
 
+    }        
     // Write stats to file
 
     std::ofstream file;
 
     file.open (new_filepath,std::ios_base::app);
 
     file << ipAddressReceiver << ","<< s_t << "," << n << "," << s_r << "," << ipDst_Mahoney_score << "\n";
 
-    file.close();        
+    file.close();  
+    */
 
+    
     ip_statistics[ipAddressReceiver].firstAppearAsReceiverPktCount = packetCount;
 
     ip_statistics[ipAddressReceiver].destinationAnomalyScore = ipDst_Mahoney_score;
 
     }

+ 2 - 2
code_boost/src/cxx/statistics.h
Переглянути файл 

@@ -148,8 +148,8 @@ struct entry_ipStat {
 
     // Aidmar - to calculate Mahoney anomaly score
 
     long firstAppearAsSenderPktCount;
 
     long firstAppearAsReceiverPktCount;
 
-    long sourceAnomalyScore;
 
-    long destinationAnomalyScore;
 
+    float sourceAnomalyScore;
 
+    float destinationAnomalyScore;
 
     // Aidmar- To collect statstics over time interval
 
     std::vector<std::chrono::microseconds> pktsSentTimestamp;
 
     std::vector<std::chrono::microseconds> pktsReceivedTimestamp;

+ 5 - 1
code_boost/src/cxx/statistics_db.cpp
Переглянути файл 

@@ -33,9 +33,11 @@ void statistics_db::writeStatisticsIP(std::unordered_map<std::string, entry_ipSt
 
                 "maxPktRate REAL,"
 
                 "minPktRate REAL,"
 
                 "class TEXT, "
 
+                "srcAnomalyScore REAL, "
 
+                "dstAnomalyScore REAL, "
 
                 "PRIMARY KEY(ipAddress));";
 
         db->exec(createTable);
 
-        SQLite::Statement query(*db, "INSERT INTO ip_statistics VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
 
+        SQLite::Statement query(*db, "INSERT INTO ip_statistics VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
 
         for (auto it = ipStatistics.begin(); it != ipStatistics.end(); ++it) {
 
             entry_ipStat e = it->second;
 
             query.bind(1, it->first);
 
@@ -47,6 +49,8 @@ void statistics_db::writeStatisticsIP(std::unordered_map<std::string, entry_ipSt
 
             query.bind(6, e.max_pkt_rate);
 
             query.bind(7, e.min_pkt_rate);
 
             query.bind(8, e.ip_class);
 
+            query.bind(9, e.sourceAnomalyScore);
 
+            query.bind(10, e.destinationAnomalyScore);
 
             query.exec();
 
             query.reset();
 
         }