X-Git-Url: http://plrg.eecs.uci.edu/git/?a=blobdiff_plain;ds=sidebyside;f=Code%2FProjects%2FSmartPlugDetector%2Fsrc%2Fmain%2Fjava%2Fedu%2Fuci%2Fiotproject%2Fanalysis%2FTcpConversationUtils.java;h=a27e5fcbaa12eb2608c712110ac09943d10f7094;hb=b43149a6c6459c21ac1b5a5d243099f9d96b1a95;hp=9c9af7072fa35f5e7b51d3ad9621e98e90140027;hpb=789cf885cd0f1e8a6aff1680fd2bcd10f28997cd;p=pingpong.git diff --git a/Code/Projects/SmartPlugDetector/src/main/java/edu/uci/iotproject/analysis/TcpConversationUtils.java b/Code/Projects/SmartPlugDetector/src/main/java/edu/uci/iotproject/analysis/TcpConversationUtils.java index 9c9af70..a27e5fc 100644 --- a/Code/Projects/SmartPlugDetector/src/main/java/edu/uci/iotproject/analysis/TcpConversationUtils.java +++ b/Code/Projects/SmartPlugDetector/src/main/java/edu/uci/iotproject/analysis/TcpConversationUtils.java @@ -2,6 +2,7 @@ package edu.uci.iotproject.analysis; import edu.uci.iotproject.Conversation; import edu.uci.iotproject.DnsMap; +import edu.uci.iotproject.FinAckPair; import edu.uci.iotproject.util.PcapPacketUtils; import org.pcap4j.core.PcapPacket; import org.pcap4j.packet.IpV4Packet; @@ -17,7 +18,6 @@ import java.util.*; */ public class TcpConversationUtils { - /** *

* Given a {@link Conversation}, extract its set of "packet pairs", i.e., pairs of request-reply packets. @@ -157,12 +157,38 @@ public class TcpConversationUtils { continue; } StringBuilder sb = new StringBuilder(); - for (PcapPacket pp : conv.getPackets()) { - if (sb.length() != 0) { - // only add a space if there's preceding content - sb.append(" "); + // Add SYN and SYNACK at front of sequence to indicate if we saw the handshake or if recording started in + // the middle of the conversation. + for (PcapPacket syn : conv.getSynPackets()) { + TcpPacket.TcpHeader tcpHeader = syn.get(TcpPacket.class).getHeader(); + if (tcpHeader.getSyn() && tcpHeader.getAck()) { + // Only append a space if there's preceding content. + appendSpaceIfNotEmpty(sb); + sb.append("SYNACK"); + } else if (tcpHeader.getSyn()) { + if (sb.length() != 0) { + // If present in the trace, the client's SYN should be at the front of the list, so it should be + // appended as the first item. + throw new AssertionError("StringBuilder had content when appending SYN"); + } + sb.append("SYN"); } - sb.append(pp.length()); + } + // Then append the length of all application data packets. + for (PcapPacket pp : conv.getPackets()) { + // Only append a space if there's preceding content. + appendSpaceIfNotEmpty(sb); + sb.append("(" + conv.getDirection(pp).toCompactString() + "_" + pp.length() + ")"); + } + // Then append the logged FINs to indicate if conversation was terminated gracefully. + for (FinAckPair fap : conv.getFinAckPairs()) { + appendSpaceIfNotEmpty(sb); + sb.append(fap.isAcknowledged() ? "FINACK" : "FIN"); + } + // Then append the logged RSTs to indicate if conversation was terminated abruptly. + for (PcapPacket pp : conv.getRstPackets()) { + appendSpaceIfNotEmpty(sb); + sb.append("RST"); } List oneItemList = new ArrayList<>(); oneItemList.add(conv); @@ -228,4 +254,14 @@ public class TcpConversationUtils { } return result; } + + /** + * Appends a space to {@code sb} iff {@code sb} already contains some content. + * @param sb A {@link StringBuilder} that should have a space appended iff it is not empty. + */ + private static void appendSpaceIfNotEmpty(StringBuilder sb) { + if (sb.length() != 0) { + sb.append(" "); + } + } }