public static void main(String[] args) throws PcapNativeException, NotOpenException, IOException {
// Parse required parameters.
if (args.length < 8) {
- String errMsg = String.format("Usage: %s inputPcapFile onAnalysisFile offAnalysisFile onSignatureFile offSignatureFile resultsFile" +
+ String errMsg = String.format("SPECTO version 1.0\n" +
+ "Copyright (C) 2018-2019 Janus Varmarken and Rahmadi Trimananda.\n" +
+ "University of California, Irvine.\n" +
+ "All rights reserved.\n\n" +
+ "Usage: %s inputPcapFile onAnalysisFile offAnalysisFile onSignatureFile offSignatureFile resultsFile" +
"\n inputPcapFile: the target of the detection" +
"\n onAnalysisFile: the file that contains the ON clusters analysis" +
"\n offAnalysisFile: the file that contains the OFF clusters analysis" +
final int signatureDuration = Integer.parseInt(args[6]);
final double eps = Double.parseDouble(args[7]);
-// final String pcapFile = args[0];
-// final String onSignatureFile = args[1];
-// final String offSignatureFile = args[2];
-// final String resultsFile = args[3];
-// final int signatureDuration = Integer.parseInt(args[4]);
-
// Parse optional parameters.
List<Function<Layer2Flow, Boolean>> onSignatureMacFilters = null, offSignatureMacFilters = null;
final int optParamsStartIdx = 7;
// Parse the file
reader.readFromHandle();
- String resultOn = "Number of detected events of type " + UserAction.Type.TOGGLE_ON + ": " +
+ String resultOn = "# Number of detected events of type " + UserAction.Type.TOGGLE_ON + ": " +
detectedEvents.stream().filter(ua -> ua.getType() == UserAction.Type.TOGGLE_ON).count();
- String resultOff = "Number of detected events of type " + UserAction.Type.TOGGLE_OFF + ": " +
+ String resultOff = "# Number of detected events of type " + UserAction.Type.TOGGLE_OFF + ": " +
detectedEvents.stream().filter(ua -> ua.getType() == UserAction.Type.TOGGLE_OFF).count();
+ String onMaxSkippedPackets = "# Number of skipped packets in ON signature " +
+ Integer.toString(onDetector.getMaxSkippedPackets());
+ String offMaxSkippedPackets = "# Number of skipped packets in OFF signature " +
+ Integer.toString(offDetector.getMaxSkippedPackets());
PrintWriterUtils.println(resultOn, resultsWriter, DUPLICATE_OUTPUT_TO_STD_OUT);
PrintWriterUtils.println(resultOff, resultsWriter, DUPLICATE_OUTPUT_TO_STD_OUT);
+ PrintWriterUtils.println(onMaxSkippedPackets, resultsWriter, DUPLICATE_OUTPUT_TO_STD_OUT);
+ PrintWriterUtils.println(offMaxSkippedPackets, resultsWriter, DUPLICATE_OUTPUT_TO_STD_OUT);
// Flush output to results file and close it.
resultsWriter.flush();
private int mInclusionTimeMillis;
+ private int mMaxSkippedPackets;
+
public Layer2SignatureDetector(List<List<List<PcapPacket>>> searchedSignature, int signatureDuration, boolean isRangeBased, double eps) {
this(searchedSignature, null, signatureDuration, isRangeBased, eps);
}
mClusterMatchers.forEach(cm -> mFlowReassembler.addObserver(cm));
mInclusionTimeMillis =
inclusionTimeMillis == 0 ? TriggerTrafficExtractor.INCLUSION_WINDOW_MILLIS : inclusionTimeMillis;
+ mMaxSkippedPackets = 0;
+ }
+
+ public int getMaxSkippedPackets() {
+ return mMaxSkippedPackets;
}
@Override
}
@Override
- public void onMatch(AbstractClusterMatcher clusterMatcher, List<PcapPacket> match) {
+ public void onMatch(AbstractClusterMatcher clusterMatcher, List<PcapPacket> match, int maxSkippedPackets) {
+ // Update the number of skipped packets
+ if (mMaxSkippedPackets < maxSkippedPackets) {
+ mMaxSkippedPackets = maxSkippedPackets;
+ }
// TODO: a cluster matcher found a match
if (clusterMatcher instanceof Layer2ClusterMatcher) {
// Add the match at the corresponding index