From e20eee2ac946a78a6880351ac4a26da120171f3e Mon Sep 17 00:00:00 2001 From: rtrimana Date: Thu, 30 Aug 2018 14:37:54 -0700 Subject: [PATCH] Adding more checks for Application Data; basically if a packet has the Application Data type (=23) and it exceeds the MTU size 1514, then the next packet should be Application Data packet as well. --- .../java/edu/uci/iotproject/Conversation.java | 30 +++++++++++++++++-- .../main/java/edu/uci/iotproject/Main.java | 22 +++++++------- python_ml/plotting.py | 5 ++-- 3 files changed, 42 insertions(+), 15 deletions(-) diff --git a/Code/Projects/SmartPlugDetector/src/main/java/edu/uci/iotproject/Conversation.java b/Code/Projects/SmartPlugDetector/src/main/java/edu/uci/iotproject/Conversation.java index da1f286..8beade2 100644 --- a/Code/Projects/SmartPlugDetector/src/main/java/edu/uci/iotproject/Conversation.java +++ b/Code/Projects/SmartPlugDetector/src/main/java/edu/uci/iotproject/Conversation.java @@ -82,6 +82,11 @@ public class Conversation { * List of RST packets associated with this conversation. */ private final List mRstPackets; + + /** + * Boolean to mark the packet as Application Data based on the previous packet that reaches MTU + */ + private boolean mApplicationData; /* End instance properties */ /** @@ -127,6 +132,7 @@ public class Conversation { this.mSynPackets = new ArrayList<>(); this.mFinPackets = new ArrayList<>(); this.mRstPackets = new ArrayList<>(); + this.mApplicationData = false; } /** @@ -169,8 +175,28 @@ public class Conversation { byte[] rawPayload = tcpPayload.getRawData(); // The SSL record header is at the front of the payload and is 5 bytes long. // The SSL record header type field (the first byte) is set to 23 if it is an Application Data packet. - if (rawPayload != null && rawPayload.length >= 5 && rawPayload[0] == 23) { - mTlsApplicationDataPackets.add(packet); + if (rawPayload != null && rawPayload.length >= 5) { + if (rawPayload[0] == 23) { + mTlsApplicationDataPackets.add(packet); + // Consider the following packet a data packet if this packet's size == MTU size 1448 + if (rawPayload.length >= 1448) + mApplicationData = true; + } else if (rawPayload[0] == 20) { + // Do nothing for now - CHANGE_CIPHER_SPEC + } else if (rawPayload[0] == 21) { + // Do nothing for now - ALERT + } else if (rawPayload[0] == 22) { + // Do nothing for now - HANDSHAKE + } else { + // If it is TLS with payload, but rawPayload[0] != 23 + if (mApplicationData == true) { + // It is a continuation of the previous packet if the previous packet reaches MTU size 1448 and + // it is not either type 20, 21, or 22 + mTlsApplicationDataPackets.add(packet); + if (rawPayload.length < 1448) + mApplicationData = false; + } + } } } } diff --git a/Code/Projects/SmartPlugDetector/src/main/java/edu/uci/iotproject/Main.java b/Code/Projects/SmartPlugDetector/src/main/java/edu/uci/iotproject/Main.java index d70c6ae..1976870 100644 --- a/Code/Projects/SmartPlugDetector/src/main/java/edu/uci/iotproject/Main.java +++ b/Code/Projects/SmartPlugDetector/src/main/java/edu/uci/iotproject/Main.java @@ -46,10 +46,10 @@ public class Main { final String offPairsPath = "/scratch/July-2018/off.txt"; // 1) D-Link July 26 experiment - final String inputPcapFile = path + "/2018-07/dlink/dlink.wlan1.local.pcap"; - final String outputPcapFile = path + "/2018-07/dlink/dlink-processed.pcap"; - final String triggerTimesFile = path + "/2018-07/dlink/dlink-july-26-2018.timestamps"; - final String deviceIp = "192.168.1.246"; // .246 == phone; .199 == dlink plug? +// final String inputPcapFile = path + "/2018-07/dlink/dlink.wlan1.local.pcap"; +// final String outputPcapFile = path + "/2018-07/dlink/dlink-processed.pcap"; +// final String triggerTimesFile = path + "/2018-07/dlink/dlink-july-26-2018.timestamps"; +// final String deviceIp = "192.168.1.246"; // .246 == phone; .199 == dlink plug? // 2) TP-Link July 25 experiment // final String inputPcapFile = path + "/2018-07/tplink/tplink.wlan1.local.pcap"; @@ -87,7 +87,7 @@ public class Main { // final String inputPcapFile = path + "/2018-08/tplink-bulb/tplinkbulb.wlan1.local.pcap"; // final String outputPcapFile = path + "/2018-08/tplink-bulb/tplinkbulb-processed.pcap"; // final String triggerTimesFile = path + "/2018-08/tplink-bulb/tplink-bulb-aug-3-2018.timestamps"; -// final String deviceIp = "192.168.1.140"; +// final String deviceIp = "192.168.1.246"; // 7) Kwikset Doorlock August 6 experiment // final String inputPcapFile = path + "/2018-08/kwikset-doorlock/kwikset-doorlock.wlan1.local.pcap"; @@ -105,7 +105,7 @@ public class Main { // final String inputPcapFile = path + "/2018-08/lifx-bulb/lifx-bulb.wlan1.local.pcap"; // final String outputPcapFile = path + "/2018-08/lifx-bulb/lifx-bulb-processed.pcap"; // final String triggerTimesFile = path + "/2018-08/lifx-bulb/lifx-bulb-aug-8-2018.timestamps"; -// final String deviceIp = "192.168.1.246"; // .246 == phone; .231 == Lifx +// final String deviceIp = "192.168.1.231"; // .246 == phone; .231 == Lifx // 10) Amcrest Camera August 9 experiment // final String inputPcapFile = path + "/2018-08/amcrest-camera/amcrest-camera.wlan1.local.pcap"; @@ -123,7 +123,7 @@ public class Main { // final String inputPcapFile = path + "/2018-08/blossom/blossom.wlan1.local.pcap"; // final String outputPcapFile = path + "/2018-08/blossom/blossom-processed.pcap"; // final String triggerTimesFile = path + "/2018-08/blossom/blossom-aug-13-2018.timestamps"; -// final String deviceIp = "192.168.1.229"; // .246 == phone; .229 == sprinkler +// final String deviceIp = "192.168.1.246"; // .246 == phone; .229 == sprinkler // 13) DLink siren August 14 experiment // final String inputPcapFile = path + "/2018-08/dlink-siren/dlink-siren.wlan1.local.pcap"; @@ -138,10 +138,10 @@ public class Main { // final String deviceIp = "192.168.1.246"; // .246 == phone; .127 == Nest thermostat // 15) Alexa August 16 experiment -// final String inputPcapFile = path + "/2018-08/alexa/alexa.wlan1.local.pcap"; -// final String outputPcapFile = path + "/2018-08/alexa/alexa-processed.pcap"; -// final String triggerTimesFile = path + "/2018-08/alexa/alexa-aug-16-2018.timestamps"; -// final String deviceIp = "192.168.1.225"; // .246 == phone; .225 == Alexa + final String inputPcapFile = path + "/2018-08/alexa/alexa.wlan1.local.pcap"; + final String outputPcapFile = path + "/2018-08/alexa/alexa-processed.pcap"; + final String triggerTimesFile = path + "/2018-08/alexa/alexa-aug-16-2018.timestamps"; + final String deviceIp = "192.168.1.225"; // .246 == phone; .225 == Alexa // August 17 // final String inputPcapFile = path + "/2018-08/alexa/alexa2.wlan1.local.pcap"; // final String outputPcapFile = path + "/2018-08/alexa/alexa2-processed.pcap"; diff --git a/python_ml/plotting.py b/python_ml/plotting.py index 526bf8c..8218c80 100644 --- a/python_ml/plotting.py +++ b/python_ml/plotting.py @@ -12,7 +12,7 @@ fig.set_size_inches(7, 7) # TODO: Just change the following path and filename # when needed to read from a different file path = "/scratch/July-2018/Pairs/" -filename = "dlink-off.txt" +filename = "alexa-off.txt" # Read and create an array of pairs with open(path + filename, "r") as pairs: @@ -27,7 +27,7 @@ with open(path + filename, "r") as pairs: #print(pairsArr) X = np.array(pairsArr); -clusters = 9 +clusters = 25 # Plot the data points based on the clusters clusterer = KMeans(n_clusters=clusters, random_state=10) @@ -43,6 +43,7 @@ centers = clusterer.cluster_centers_ for i, c in enumerate(centers): mark = '[' + str(int(c[0])) + ', ' + str(int(c[1])) + ']' + ', ' + str(clusterer.labels_.tolist().count(i)) ax2.scatter(c[0], c[1], marker='$%s$' % mark, alpha=1, s=3000, edgecolor='k') + print('[' + str(int(c[0])) + ', ' + str(int(c[1])) + ']' + ', ' + str(clusterer.labels_.tolist().count(i))) ax2.set_title("The visualization of the clustered data.") ax2.set_xlabel("Feature space for the 1st feature") -- 2.34.1