* 08/31/18: Added unconvetional TLS ports used by WeMo plugs and LiFX bulb.
* 09/20/18: Moved hardcoded ports to other class to allow other classes to query the set of TLS ports.
*/
-// return mServerPort == 443 || mServerPort == 8443 || mServerPort == 41143;
- return TcpConversationUtils.isTlsPort(mServerPort);
+ return TcpConversationUtils.isTlsPort(mServerPort) || TcpConversationUtils.isTlsPort(mClientPort);
}
/**
// final String triggerTimesFile = path + "/2018-07/dlink/dlink-july-26-2018.timestamps";
// final String deviceIp = "192.168.1.199"; // .246 == phone; .199 == dlink plug?
// Actual training
- final String inputPcapFile = path + "/2018-10/dlink-plug/dlink-plug.wlan1.local.pcap";
- final String outputPcapFile = path + "/2018-10/dlink-plug/dlink-plug-processed.pcap";
- final String triggerTimesFile = path + "/2018-10/dlink-plug/dlink-plug-oct-17-2018.timestamps";
- final String deviceIp = "192.168.1.199"; // .246 == phone; .199 == dlink plug?
+// final String inputPcapFile = path + "/2018-10/dlink-plug/dlink-plug.wlan1.local.pcap";
+// final String outputPcapFile = path + "/2018-10/dlink-plug/dlink-plug-processed.pcap";
+// final String triggerTimesFile = path + "/2018-10/dlink-plug/dlink-plug-oct-17-2018.timestamps";
+// final String deviceIp = "192.168.1.199"; // .246 == phone; .199 == dlink plug?
// 2) TP-Link July 25 experiment
// final String inputPcapFile = path + "/2018-07/tplink/tplink.wlan1.local.pcap";
// final String deviceIp = "192.168.1.246"; // .246 == phone; .235 == camera
// 11) Arlo Camera August 10 experiment
-// final String inputPcapFile = path + "/2018-08/arlo-camera/arlo-camera.wlan1.local.pcap";
-// final String outputPcapFile = path + "/2018-08/arlo-camera/arlo-camera-processed.pcap";
-// final String triggerTimesFile = path + "/2018-08/arlo-camera/arlo-camera-aug-10-2018.timestamps";
-// final String deviceIp = "192.168.1.140"; // .246 == phone; .140 == camera
+ final String inputPcapFile = path + "/2018-08/arlo-camera/arlo-camera.wlan1.local.pcap";
+ final String outputPcapFile = path + "/2018-08/arlo-camera/arlo-camera-processed.pcap";
+ final String triggerTimesFile = path + "/2018-08/arlo-camera/arlo-camera-aug-10-2018.timestamps";
+ final String deviceIp = "192.168.1.246"; // .246 == phone; .140 == camera
// 12) Blossom sprinkler August 13 experiment
// final String inputPcapFile = path + "/2018-08/blossom/blossom.wlan1.local.pcap";
// Skip empty conversations.
continue;
}
+ // TODO: DEBUG!!!
+ /*List<PcapPacket> listPP = c.getPackets();
+ if(listPP.size() > 1000) {
+ for (PcapPacket pp : listPP) {
+ if (pp.length() == 639) {
+ boolean test = c.isTls();
+ System.out.println("Sequence has 639! " + test);
+ }
+ }
+ }*/
for (List<PcapPacket> signatureSequence : mCluster) {
if (isTlsSequence(signatureSequence) != c.isTls()) {
// We consider it a mismatch if one is a TLS application data sequence and the other is not.
// D-Link Siren experiment
// final String inputPcapFile = path + "/evaluation/dlink-siren/dlink-siren.data.wlan1.pcap";
+// final String inputPcapFile = path + "/evaluation/dlink-siren/dlink-siren.eth0.local.pcap";
// D-Link Siren DEVICE signatures
// final String onSignatureFile = path + "/2018-08/dlink-siren/onSignature-DLink-Siren-device.sig";
// final String offSignatureFile = path + "/2018-08/dlink-siren/offSignature-DLink-Siren-device.sig";
// Kwikset Doorlock Sep 12 experiment
// final String inputPcapFile = path + "/evaluation/kwikset-doorlock/kwikset-doorlock.data.wlan1.pcap";
-// // Kwikset Doorlock PHONE signatures
+// //final String inputPcapFile = path + "/evaluation/kwikset-doorlock/kwikset-doorlock.data.eth0.pcap";
+//// // Kwikset Doorlock PHONE signatures
// final String onSignatureFile = path + "/2018-08/kwikset-doorlock/onSignature-Kwikset-Doorlock-phone-new.sig";
// final String offSignatureFile = path + "/2018-08/kwikset-doorlock/offSignature-Kwikset-Doorlock-phone-new.sig";
// D-Link Plug experiment
//final String inputPcapFile = path + "/evaluation/dlink/dlink-plug.data.wlan1.pcap";
- /*
+// final String inputPcapFile = path + "/evaluation/dlink/dlink-plug.data.eth0.pcap";
+
// D-Link Plug DEVICE signatures
// final String onSignatureFile = path + "/2018-07/dlink/onSignature-DLink-Plug-device.sig";
// final String offSignatureFile = path + "/2018-07/dlink/offSignature-DLink-Plug-device.sig";
// D-Link Plug PHONE signatures
// final String onSignatureFile = path + "/2018-07/dlink/onSignature-DLink-Plug-phone.sig";
// final String offSignatureFile = path + "/2018-07/dlink/offSignature-DLink-Plug-phone.sig";
- */
- // TODO: The following are tests for signatures against training data
+ // TODO: The following are tests for signatures against training data
+ /*
// D-Link Plug experiment
final String inputPcapFile = path + "/training/dlink-plug/wlan1/dlink-plug.wlan1.local.pcap";
// D-Link Plug DEVICE signatures
// D-Link Plug PHONE signatures
//final String onSignatureFile = path + "/training/dlink-plug/signatures/dlink-plug-onSignature-phone-side.sig";
//final String offSignatureFile = path + "/training/dlink-plug/signatures/dlink-plug-offSignature-phone-side.sig";
+ */
+
+ /*
+ // TP-Link Plug experiment
+ final String inputPcapFile = path + "/training/tplink-plug/wlan1/tplink-plug.wlan1.local.pcap";
+ // TP-Link Plug DEVICE signatures
+ //final String onSignatureFile = path + "/training/tplink-plug/signatures/tplink-plug-onSignature-device-side.sig";
+ //final String offSignatureFile = path + "/training/tplink-plug/signatures/tplink-plug-offSignature-device-side.sig";
+ */
+
+ // TP-Link Plug experiment
+ final String inputPcapFile = path + "/training/arlo-camera/wlan1/arlo-camera.wlan1.local.pcap";
+ // TP-Link Plug DEVICE signatures
+ final String onSignatureFile = path + "/training/arlo-camera/signatures/arlo-camera-onSignature-phone-side.sig";
+ final String offSignatureFile = path + "/training/arlo-camera/signatures/arlo-camera-offSignature-phone-side.sig";
+
+ // SmartThings Plug experiment
+// final String inputPcapFile = path + "/training/st-plug/wlan1/st-plug.wlan1.local.pcap";
+ // TP-Link Plug DEVICE signatures
+ //final String onSignatureFile = path + "/training/st-plug/signatures/st-plug-onSignature-device-side.sig";
+ //final String offSignatureFile = path + "/training/st-plug/signatures/st-plug-offSignature-device-side.sig";
+ // TP-Link Plug PHONE signatures
+// final String onSignatureFile = path + "/training/st-plug/signatures/st-plug-onSignature-phone-side.sig";
+// final String offSignatureFile = path + "/training/st-plug/signatures/st-plug-offSignature-phone-side.sig";
/*
List<List<List<PcapPacket>>> onSignature = PrintUtils.deserializeSignatureFromFile(onSignatureFile);
List<List<List<PcapPacket>>> offSignature = PrintUtils.deserializeSignatureFromFile(offSignatureFile);
- SignatureDetector onDetector = new SignatureDetector(onSignature, null);
- SignatureDetector offDetector = new SignatureDetector(offSignature, null);
+ // LAN
+// SignatureDetector onDetector = new SignatureDetector(onSignature, null);
+// SignatureDetector offDetector = new SignatureDetector(offSignature, null);
+ // WAN
+ SignatureDetector onDetector = new SignatureDetector(onSignature, "128.195.205.105");
+ SignatureDetector offDetector = new SignatureDetector(offSignature, "128.195.205.105");
final DateTimeFormatter dateTimeFormatter = DateTimeFormatter.ofLocalizedDateTime(FormatStyle.MEDIUM).
withLocale(Locale.US).withZone(ZoneId.of("America/Los_Angeles"));
* If after a merging the number of members of a signature falls below this threshold, then we can boldly
* get rid of that signature.
*/
- private static final int SIGNATURE_MERGE_THRESHOLD = 5;
+ private static final int SIGNATURE_MERGE_THRESHOLD = 15;
/**
* Determines if a given {@link PcapPacket} wraps a {@link TcpPacket}.
if (secondList.size() < SIGNATURE_MERGE_THRESHOLD) {
// Prune the unsuccessfully merged signatures (i.e., these will have size() < maxSignatureEl).
final int maxNumOfEl = maxSignatureEl;
- firstList.removeIf(el -> el.size() < maxNumOfEl);
+ // TODO: DOUBLE CHECK IF WE REALLY NEED TO PRUNE FAILED BINDINGS
+ // TODO: SOMETIMES THE SEQUENCES ARE JUST INCOMPLETE
+ // TODO: AND BOTH THE COMPLETE AND INCOMPLETE SEQUENCES ARE VALID SIGNATURES!
+ // firstList.removeIf(el -> el.size() < maxNumOfEl);
// Remove the merged set of signatures when successful.
signatures.remove(secondList);
} else if (secondList.size() < initialSecondListMembers) {
public static void printSignatures(List<List<List<PcapPacket>>> signatures) {
// Iterate over the list of all clusters/sequences
- int sequenceCounter = 0;
+ int sequenceCounter = 1;
for(List<List<PcapPacket>> listListPcapPacket : signatures) {
// Iterate over every member of a cluster/sequence
System.out.print("====== SEQUENCE " + sequenceCounter++);
path = "/scratch/July-2018/training/"
-device = "dlink-plug/self-test"
-#fileExperiment = "dlink-plug-8hr-data-oct-8-2018.timestamps"
-#fileDetection = "dlink-plug.detection.timestamps"
-#fileExperiment = "dlink-siren-aug-14-2018.timestamps"
-#fileDetection = "dlink-siren.2018-08-14_experiment.phone_signature_detected_events.txt"
-fileExperiment = "dlink-plug-oct-17-2018.timestamps"
-fileDetection = "detection-on-training-device-side"
+# D-Link plug
+#device = "dlink-plug/self-test"
+#fileExperiment = "dlink-plug-oct-17-2018.timestamps"
+#fileDetection = "detection-on-training-device-side"
+#fileDetection = "detection-on-training-phone-side"
+# TP-Link plug
+device = "arlo-camera/self-test"
+fileExperiment = "arlo-camera-aug-10-2018.timestamps"
+fileDetection = "detection-on-training-phone-side"
+#fileDetection = "detection-on-training-phone-side"
TIME_WINDOW = 15 # detection/signature window of 15 seconds
#NEG_TIME_WINDOW = -15 # detection/signature window of 15 seconds
tsE = tsExperimentList[i]
tsD = tsDetectionList[j]
# Detection is always a bit later than training trigger
- delta = tsD - tsE
+ delta1 = tsD - tsE
+ delta2 = tsE - tsD
+ #print("tsE: " + str(tsE) + " - tsD: " + str(tsD) + " - delta1: " + str(delta1.seconds) + " - delta2: " + str(delta2.seconds))
# The following happens when we could detect less triggers than the experiment
- if (delta.seconds > TIME_WINDOW):
+ if (delta1.seconds > TIME_WINDOW and delta2.seconds > TIME_WINDOW):
print("Missing trigger at line: " + str(i) + ", t_experiment: " + str(tsE) + " and t_detection: " + str(tsD))
i = i + 1
# The following should not happen (we have more detected triggers than the experiment)