X-Git-Url: http://plrg.eecs.uci.edu/git/?p=pingpong.git;a=blobdiff_plain;f=Code%2FProjects%2FPacketLevelSignatureExtractor%2Fsrc%2Fmain%2Fjava%2Fedu%2Fuci%2Fiotproject%2Fdetection%2Flayer3%2FLayer3SignatureDetector.java;h=dbd904655a38add2ab69f7116a6d87bcab0bf56b;hp=4a5ecb90684c682b38ce702a590bcc50d64c2b5e;hb=39172356d48f5cd574ef15ec276a33de9146155a;hpb=e858f6e0e1b043e17b7a31138f3dc6b093553b1d
diff --git a/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer3/Layer3SignatureDetector.java b/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer3/Layer3SignatureDetector.java
index 4a5ecb9..dbd9046 100644
--- a/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer3/Layer3SignatureDetector.java
+++ b/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer3/Layer3SignatureDetector.java
@@ -47,7 +47,11 @@ public class Layer3SignatureDetector implements PacketListener, ClusterMatcherOb
 public static void main(String[] args) throws PcapNativeException, NotOpenException, IOException {
 if (args.length < 8) {
- String errMsg = String.format("Usage: %s inputPcapFile onAnalysisFile offAnalysisFile onSignatureFile offSignatureFile resultsFile" +
+ String errMsg = String.format("SPECTO version 1.0\n" +
+ "Copyright (C) 2018-2019 Janus Varmarken and Rahmadi Trimananda.\n" +
+ "University of California, Irvine.\n" +
+ "All rights reserved.\n\n" +
+ "Usage: %s inputPcapFile onAnalysisFile offAnalysisFile onSignatureFile offSignatureFile resultsFile" +
 "\n inputPcapFile: the target of the detection" +
 "\n onAnalysisFile: the file that contains the ON clusters analysis" +
 "\n offAnalysisFile: the file that contains the OFF clusters analysis" +
@@ -66,7 +70,11 @@ public class Layer3SignatureDetector implements PacketListener, ClusterMatcherOb
 final String onSignatureFile = args[3];
 final String offSignatureFile = args[4];
 final String resultsFile = args[5];
- final int signatureDuration = Integer.parseInt(args[6]);
+ // TODO: THIS IS TEMPORARILY SET TO DEFAULT SIGNATURE DURATION
+ // TODO: WE DO NOT WANT TO BE TOO STRICT AT THIS POINT SINCE LAYER 3 ALREADY APPLIES BACK-TO-BACK REQUIREMENT
+ // TODO: FOR PACKETS IN A SIGNATURE
+// final int signatureDuration = Integer.parseInt(args[6]);
+ final int signatureDuration = TriggerTrafficExtractor.INCLUSION_WINDOW_MILLIS;
 final double eps = Double.parseDouble(args[7]);
 // Prepare file outputter.
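Review bot: The seventh command-line argument is now ignored without any notice: `signatureDuration` is taken from `TriggerTrafficExtractor.INCLUSION_WINDOW_MILLIS`, yet the `args.length < 8` check in the first hunk still demands the argument. An operator who passes a tuned window gets detections computed with a different one, and nothing in the lines shown records which value was used. Until the TODO is resolved, emit a notice such as `System.err.println("signatureDuration argument ignored; using " + signatureDuration + " ms");` and delete the commented-out `Integer.parseInt(args[6])` line instead of keeping it as dead code. The usage text for this argument lies outside the hunks shown and may need the same update.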
@@ -95,27 +103,18 @@ public class Layer3SignatureDetector implements PacketListener, ClusterMatcherOb
 // Check if we should use range-based matching
 boolean isRangeBasedForOn = PcapPacketUtils.isRangeBasedMatching(onSignature, eps, offSignature);
 boolean isRangeBasedForOff = PcapPacketUtils.isRangeBasedMatching(offSignature, eps, onSignature);
-// boolean isRangeBasedForOn = false;
-// boolean isRangeBasedForOff = false;
 // Update the signature with ranges if it is range-based
- if (isRangeBasedForOn && isRangeBasedForOff) {
+ if (isRangeBasedForOn) {
 onSignature = PcapPacketUtils.useRangeBasedMatching(onSignature, onClusterAnalysis);
+ }
+ if (isRangeBasedForOff) {
 offSignature = PcapPacketUtils.useRangeBasedMatching(offSignature, offClusterAnalysis);
 }
 // WAN
- double onEps = eps;
- double offEps = eps;
- // IFF the signature is just one pair of packets then we set EPS to 0 to make it tighter
- if (onSignature.get(0).size() == 1 && onSignature.get(0).get(0).size() == 2) {
- onEps = 0;
- }
- if (offSignature.get(0).size() == 1 && offSignature.get(0).get(0).size() == 2) {
- offEps = 0;
- }
 Layer3SignatureDetector onDetector = new Layer3SignatureDetector(onSignature, ROUTER_WAN_IP,
- signatureDuration, isRangeBasedForOn, onEps);
+ signatureDuration, isRangeBasedForOn, eps);
 Layer3SignatureDetector offDetector = new Layer3SignatureDetector(offSignature, ROUTER_WAN_IP,
- signatureDuration, isRangeBasedForOff, offEps);
+ signatureDuration, isRangeBasedForOff, eps);
 final DateTimeFormatter dateTimeFormatter = DateTimeFormatter.ofLocalizedDateTime(FormatStyle.MEDIUM).
 withLocale(Locale.US).withZone(ZoneId.of("America/Los_Angeles"));
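Review bot: Both detectors now receive the caller's `eps` unchanged at the two `new Layer3SignatureDetector(...)` calls, so a signature made of a single packet pair is matched with the same tolerance as a longer one. For such a short signature any slack allowed by `eps` widens what counts as a hit, and combined with the default inclusion window from the previous hunk this may raise the false-positive rate; whether `Layer3ClusterMatcher` compensates elsewhere is not visible here. Record the reasoning next to the constructor calls, for example `// NOTE: eps is no longer forced to 0 for single-pair signatures because <reason>`, and back it with a detection run on a capture that contains no events. The enclosing `main` starts and ends outside this hunk.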
@@ -164,11 +163,14 @@ public class Layer3SignatureDetector implements PacketListener, ClusterMatcherOb
 reader.readFromHandle();
 // TODO: need a better way of triggering detection than this...
- if (isRangeBasedForOn && isRangeBasedForOff) {
+ if (isRangeBasedForOn) {
 onDetector.mClusterMatchers.forEach(cm -> cm.performDetectionRangeBased());
- offDetector.mClusterMatchers.forEach(cm -> cm.performDetectionRangeBased());
 } else {
 onDetector.mClusterMatchers.forEach(cm -> cm.performDetectionConservative());
+ }
+ if (isRangeBasedForOff) {
+ offDetector.mClusterMatchers.forEach(cm -> cm.performDetectionRangeBased());
+ } else {
 offDetector.mClusterMatchers.forEach(cm -> cm.performDetectionConservative());
 }
@@ -179,15 +181,12 @@ public class Layer3SignatureDetector implements PacketListener, ClusterMatcherOb
 // Output the detected events
 detectedEvents.forEach(outputter);
- String resultOn = "Number of detected events of type " + UserAction.Type.TOGGLE_ON + ": " +
+ String resultOn = "# Number of detected events of type " + UserAction.Type.TOGGLE_ON + ": " +
 detectedEvents.stream().filter(ua -> ua.getType() == UserAction.Type.TOGGLE_ON).count();
- String resultOff = "Number of detected events of type " + UserAction.Type.TOGGLE_OFF + ": " +
+ String resultOff = "# Number of detected events of type " + UserAction.Type.TOGGLE_OFF + ": " +
 detectedEvents.stream().filter(ua -> ua.getType() == UserAction.Type.TOGGLE_OFF).count();
 PrintWriterUtils.println(resultOn, resultsWriter, DUPLICATE_OUTPUT_TO_STD_OUT);
 PrintWriterUtils.println(resultOff, resultsWriter, DUPLICATE_OUTPUT_TO_STD_OUT);
- System.out.println(resultOn);
- System.out.println(resultOff);
- // Flush output to results file and close it.
 resultsWriter.flush();
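Review bot: In the hunk at `-164,11 +163,14`, `main` picks between `performDetectionRangeBased()` and `performDetectionConservative()` from the same flags it already passed to the two `Layer3SignatureDetector` constructors, and it does so by reaching into each detector's `mClusterMatchers` field. Keeping that decision in two places lets the copies drift apart; a detector constructed as range-based but triggered conservatively would presumably still write results, with nothing to show the mismatch. Consider storing the flag in the detector and exposing a single method so the call sites become `onDetector.performDetection();` and `offDetector.performDetection();`. The existing TODO points in the same direction, and the enclosing `main` extends beyond the hunk.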
@@ -257,7 +256,8 @@ public class Layer3SignatureDetector implements PacketListener, ClusterMatcherOb
 // Generate corresponding/appropriate ClusterMatchers based on the provided signature
 List clusterMatchers = new ArrayList<>();
 for (List> cluster : mSignature) {
- clusterMatchers.add(new Layer3ClusterMatcher(cluster, routerWanIp, isRangeBased, eps, this));
+ clusterMatchers.add(new Layer3ClusterMatcher(cluster, routerWanIp, inclusionTimeMillis,
+ isRangeBased, eps, this));
 }
 mClusterMatchers = Collections.unmodifiableList(clusterMatchers);
@@ -290,7 +290,7 @@ public class Layer3SignatureDetector implements PacketListener, ClusterMatcherOb
 }
 @Override
- public void onMatch(AbstractClusterMatcher clusterMatcher, List match) {
+ public void onMatch(AbstractClusterMatcher clusterMatcher, List match, int maxSkippedPackets) {
 // Add the match at the corresponding index
 pendingMatches[mClusterMatcherIds.get(clusterMatcher)].add(match);
 checkSignatureMatch();
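Review bot: In the hunk at `-290,7 +290,7`, the new `maxSkippedPackets` parameter of `onMatch` is not read in the lines shown; the method body continues past the end of the hunk, so it may be used further down. If the layer 3 detector deliberately ignores the value, say so at the top of the method, e.g. `// maxSkippedPackets is not used by the layer 3 detector`, so a reader does not assume skipped packets influence the match decision here. If it is meant to take part in the decision, the call to `checkSignatureMatch()` currently has no way to receive it.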