Attempting to add router's MAC address as a reference for packet direction in layer...

diff --git a/Code/Projects/PacketLevelSignatureExtractor/execute_layer2_unb_all_detection.sh b/Code/Projects/PacketLevelSignatureExtractor/execute_layer2_unb_all_detection.sh
index 9186dd3847823b9287bedf13d21b5345b8fcc4cb..5fd18d0fa0eccffe28a34d1e2da5141d5c3ed0d0 100755 (executable)
--- a/Code/Projects/PacketLevelSignatureExtractor/execute_layer2_unb_all_detection.sh
+++ b/Code/Projects/PacketLevelSignatureExtractor/execute_layer2_unb_all_detection.sh
@@ -52,7 +52,7 @@ ON_SKIPPED_PACKETS="-1"
 OFF_SKIPPED_PACKETS="-1"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"
 OFF_SKIPPED_PACKETS="-1"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"

-#./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"
+./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"

 
 # PHONE SIDE
 ON_ANALYSIS="$SIGNATURES_BASE_DIR/blossom-sprinkler/analyses/blossom-sprinkler-onClusters-phone-side.cls"
 
 # PHONE SIDE
 ON_ANALYSIS="$SIGNATURES_BASE_DIR/blossom-sprinkler/analyses/blossom-sprinkler-onClusters-phone-side.cls"


@@ -89,7 +89,7 @@ ON_SKIPPED_PACKETS="-1"
 OFF_SKIPPED_PACKETS="-1"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"
 OFF_SKIPPED_PACKETS="-1"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"

-#./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"
+./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"

 
 # PHONE SIDE
 ON_ANALYSIS="$SIGNATURES_BASE_DIR/dlink-plug/analyses/dlink-plug-onClusters-phone-side.cls"
 
 # PHONE SIDE
 ON_ANALYSIS="$SIGNATURES_BASE_DIR/dlink-plug/analyses/dlink-plug-onClusters-phone-side.cls"


@@ -106,7 +106,7 @@ ON_SKIPPED_PACKETS="-1"
 OFF_SKIPPED_PACKETS="-1"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"
 OFF_SKIPPED_PACKETS="-1"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"

-#./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"
+./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"

 # ======================================================================================================================
 
 
 # ======================================================================================================================
 
 


@@ -126,7 +126,7 @@ ON_SKIPPED_PACKETS="-1"
 OFF_SKIPPED_PACKETS="-1"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"
 OFF_SKIPPED_PACKETS="-1"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"

-#./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"
+./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"

 # ======================================================================================================================
 
 
 # ======================================================================================================================
 
 


@@ -193,7 +193,7 @@ ON_SKIPPED_PACKETS="-1"
 OFF_SKIPPED_PACKETS="-1"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"
 OFF_SKIPPED_PACKETS="-1"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"

-#./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"
+./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"

 # ======================================================================================================================
 
 
 # ======================================================================================================================
 
 


@@ -257,7 +257,7 @@ ON_SKIPPED_PACKETS="-1"
 OFF_SKIPPED_PACKETS="-1"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"
 OFF_SKIPPED_PACKETS="-1"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"

-#./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"
+./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"

 
 # DEVICE SIDE OUTBOUND (contains only those packets that go through the WAN port, i.e., only the 556, 1293 sequence)
 ON_ANALYSIS="$SIGNATURES_BASE_DIR/tplink-plug/analyses/tplink-plug-onClusters-device-side.cls"
 
 # DEVICE SIDE OUTBOUND (contains only those packets that go through the WAN port, i.e., only the 556, 1293 sequence)
 ON_ANALYSIS="$SIGNATURES_BASE_DIR/tplink-plug/analyses/tplink-plug-onClusters-device-side.cls"


@@ -377,7 +377,7 @@ SIGNATURE_DURATION="1977"
 EPSILON="10.0"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"
 EPSILON="10.0"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"

-#./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"
+./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"

 # ======================================================================================================================
 
 # ==================================================== AMAZON PLUG =====================================================
 # ======================================================================================================================
 
 # ==================================================== AMAZON PLUG =====================================================


@@ -407,7 +407,7 @@ SIGNATURE_DURATION="10045"
 EPSILON="10.0"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"
 EPSILON="10.0"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"

-#./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"
+./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"

 
 
 # DEVICE SIDE
 
 
 # DEVICE SIDE


@@ -435,7 +435,7 @@ SIGNATURE_DURATION="7888"
 EPSILON="10.0"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"
 EPSILON="10.0"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"

-#./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"
+./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"

 
 # DEVICE SIDE
 ON_ANALYSIS="$SIGNATURES_BASE_DIR/sengled-bulb-intensity/analyses/sengled-bulb-intensity-onClusters-device-side.cls"
 
 # DEVICE SIDE
 ON_ANALYSIS="$SIGNATURES_BASE_DIR/sengled-bulb-intensity/analyses/sengled-bulb-intensity-onClusters-device-side.cls"


@@ -462,7 +462,7 @@ SIGNATURE_DURATION="733"
 EPSILON="10.0"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"
 EPSILON="10.0"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"

-#./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"
+./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"

 
 # ======================================================================================================================
 
 
 # ======================================================================================================================
 


@@ -478,7 +478,7 @@ SIGNATURE_DURATION="1953"
 EPSILON="10.0"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"
 EPSILON="10.0"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"

-#./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"
+./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"

 
 # ======================================================================================================================
 
 
 # ======================================================================================================================
 


@@ -494,7 +494,7 @@ SIGNATURE_DURATION="2695"
 EPSILON="10.0"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"
 EPSILON="10.0"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"

-#./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"
+./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"

 # ======================================================================================================================
 
 # =============================================== RACHIO SPRINKLER STANDBY =============================================
 # ======================================================================================================================
 
 # =============================================== RACHIO SPRINKLER STANDBY =============================================


@@ -509,7 +509,7 @@ SIGNATURE_DURATION="2791"
 EPSILON="10.0"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"
 EPSILON="10.0"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"

-#./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"
+./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"

 # ======================================================================================================================
 
 # ================================================= ROOMBA VACUUM ROBOT ================================================
 # ======================================================================================================================
 
 # ================================================= ROOMBA VACUUM ROBOT ================================================


@@ -537,5 +537,5 @@ SIGNATURE_DURATION="665"
 EPSILON="10.0"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"
 EPSILON="10.0"
 
 PROGRAM_ARGS="'$PCAP_FILE' '$ON_ANALYSIS' '$OFF_ANALYSIS' '$ON_SIGNATURE' '$OFF_SIGNATURE' '$RESULTS_FILE' '$SIGNATURE_DURATION' '$EPSILON' '$ON_SKIPPED_PACKETS' '$OFF_SKIPPED_PACKETS'"

-./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"
+#./gradlew run -DmainClass=edu.uci.iotproject.detection.layer2.Layer2SignatureDetector --args="$PROGRAM_ARGS"

 # ======================================================================================================================
\ No newline at end of file
 # ======================================================================================================================
\ No newline at end of file

diff --git a/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer2/Layer2AbstractMatcher.java b/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer2/Layer2AbstractMatcher.java
index 1621c820525d8871d2b6dc770c3a2df1baddba50..36f1d9df87f46ea733d1f68e3e190af9cbf52b50 100644 (file)
--- a/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer2/Layer2AbstractMatcher.java
+++ b/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer2/Layer2AbstractMatcher.java
@@ -2,8 +2,13 @@ package edu.uci.iotproject.detection.layer2;
 
 import edu.uci.iotproject.util.PcapPacketUtils;
 import org.pcap4j.core.PcapPacket;
 
 import edu.uci.iotproject.util.PcapPacketUtils;
 import org.pcap4j.core.PcapPacket;

+import org.pcap4j.util.MacAddress;

 
 

+import javax.crypto.Mac;
+import java.net.InetAddress;
+import java.net.UnknownHostException;

 import java.util.ArrayList;
 import java.util.ArrayList;

+import java.util.Arrays;

 import java.util.List;
 
 /**
 import java.util.List;
 
 /**


@@ -27,12 +32,26 @@ abstract public class Layer2AbstractMatcher {
      */
     protected final boolean[] mPacketDirections;
 
      */
     protected final boolean[] mPacketDirections;
 

+    /**
+     * Router's WLAN MAC.
+     */
+    protected MacAddress mTrainingRouterWlanMac;
+    protected MacAddress mRouterWlanMac;
+

     /**
      * Create a {@code Layer2AbstractMatcher}.
      * @param sequence The sequence of the signature.
     /**
      * Create a {@code Layer2AbstractMatcher}.
      * @param sequence The sequence of the signature.

+     * @param routerWlanMac The router's WLAN MAC (used for determining the direction of packets).

      */
      */

-    public Layer2AbstractMatcher(List<PcapPacket> sequence) {
+    public Layer2AbstractMatcher(List<PcapPacket> sequence, String trainingRouterWlanMac, String routerWlanMac) {

         mPacketDirections = new boolean[sequence.size()];
         mPacketDirections = new boolean[sequence.size()];

+        if (mTrainingRouterWlanMac != null && mRouterWlanMac != null) {
+            mTrainingRouterWlanMac = MacAddress.getByName(trainingRouterWlanMac);
+            mRouterWlanMac = MacAddress.getByName(routerWlanMac);
+        } else {
+            mTrainingRouterWlanMac = null;
+            mRouterWlanMac = null;
+        }

         // Compute packet directions for sequence.
         for (int i = 0; i < sequence.size(); i++) {
             if (i == 0) {
         // Compute packet directions for sequence.
         for (int i = 0; i < sequence.size(); i++) {
             if (i == 0) {


@@ -56,16 +75,31 @@ abstract public class Layer2AbstractMatcher {
      * @return The direction of {@code currPkt}.
      */
     protected boolean getPacketDirection(PcapPacket prevPkt, boolean prevPktDirection, PcapPacket currPkt) {
      * @return The direction of {@code currPkt}.
      */
     protected boolean getPacketDirection(PcapPacket prevPkt, boolean prevPktDirection, PcapPacket currPkt) {

-        if (prevPkt == null) {
-            // By definition, use true as direction marker for first packet
-            return true;
-        }
-        if (PcapPacketUtils.getEthSrcAddr(prevPkt).equals(PcapPacketUtils.getEthSrcAddr(currPkt))) {
-            // Current packet goes in same direction as previous packet.
-            return prevPktDirection;
+
+        // No Router's WLAN MAC is given; no reference for direction
+        if (mTrainingRouterWlanMac == null && mRouterWlanMac == null) {
+            if (prevPkt == null) {
+                // By definition, use true as direction marker for first packet
+                return true;
+            }
+
+            if (PcapPacketUtils.getEthSrcAddr(prevPkt).equals(PcapPacketUtils.getEthSrcAddr(currPkt))) {
+                // Current packet goes in same direction as previous packet.
+                return prevPktDirection;
+            } else {
+                // Current packet goes in opposite direction of previous packet.
+                return !prevPktDirection;
+            }

         } else {
         } else {

-            // Current packet goes in opposite direction of previous packet.
-            return !prevPktDirection;
+            // If we determine direction based on Router's WLAN MAC (only for traffic with
+            // 1) We assign true for the packet if the source is router (meaning S->C direction).
+            // 2) We assign false for the packet if the source is device (meaning C->S direction).
+            if (PcapPacketUtils.getEthSrcAddr(currPkt).equals(mTrainingRouterWlanMac) ||
+                PcapPacketUtils.getEthSrcAddr(currPkt).equals(mRouterWlanMac)) {
+                return true;
+            } else {
+                return false;
+            }

         }
     }
 
         }
     }
 

diff --git a/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer2/Layer2ClusterMatcher.java b/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer2/Layer2ClusterMatcher.java
index 03733f44a6916e2b793c2558e7722e6d409b5658..0bfc6b2990d0b06852373b6e2ef6b3e1dcffe058 100644 (file)
--- a/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer2/Layer2ClusterMatcher.java
+++ b/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer2/Layer2ClusterMatcher.java
@@ -52,19 +52,28 @@ public class Layer2ClusterMatcher extends AbstractClusterMatcher implements Laye
 
     private int mLimitSkippedPackets;
 
 
     private int mLimitSkippedPackets;
 

+    /**
+     * Router's WLAN MAC.
+     */
+    private String mTrainingRouterWlanMac;
+    private String mRouterWlanMac;
+

     /**
      * Create a new {@link Layer2ClusterMatcher} that attempts to find occurrences of {@code cluster}'s members.
      * @param cluster The sequence mutations that the new {@link Layer2ClusterMatcher} should search for.
      */
     /**
      * Create a new {@link Layer2ClusterMatcher} that attempts to find occurrences of {@code cluster}'s members.
      * @param cluster The sequence mutations that the new {@link Layer2ClusterMatcher} should search for.
      */

-    public Layer2ClusterMatcher(List<List<PcapPacket>> cluster, int inclusionTimeMillis,
+    public Layer2ClusterMatcher(List<List<PcapPacket>> cluster, String trainingRouterWlanMac, String routerWlanMac, int inclusionTimeMillis,

                                 boolean isRangeBased, double eps, int limitSkippedPackets) {
         // Consider all flows if no flow filter specified.
                                 boolean isRangeBased, double eps, int limitSkippedPackets) {
         // Consider all flows if no flow filter specified.

-        this(cluster, flow -> true, inclusionTimeMillis, isRangeBased, eps, limitSkippedPackets);
+        this(cluster, trainingRouterWlanMac, routerWlanMac, flow -> true, inclusionTimeMillis, isRangeBased, eps,
+                limitSkippedPackets);

     }
 
     /**
      * Create a new {@link Layer2ClusterMatcher} that attempts to find occurrences of {@code cluster}'s members.
      * @param cluster The sequence mutations that the new {@link Layer2ClusterMatcher} should search for.
     }
 
     /**
      * Create a new {@link Layer2ClusterMatcher} that attempts to find occurrences of {@code cluster}'s members.
      * @param cluster The sequence mutations that the new {@link Layer2ClusterMatcher} should search for.

+     * @param trainingRouterWlanMac The training router's WLAN MAC (used for determining the direction of packets).
+     * @param routerWlanMac The target trace router's WLAN MAC (used for determining the direction of packets).

      * @param flowFilter A filter that defines what {@link Layer2Flow}s the new {@link Layer2ClusterMatcher} should
      *                   search for {@code cluster}'s members in. If {@code flowFilter} returns {@code true}, the flow
      *                   will be included (searched). Note that {@code flowFilter} is only queried once for each flow,
      * @param flowFilter A filter that defines what {@link Layer2Flow}s the new {@link Layer2ClusterMatcher} should
      *                   search for {@code cluster}'s members in. If {@code flowFilter} returns {@code true}, the flow
      *                   will be included (searched). Note that {@code flowFilter} is only queried once for each flow,


@@ -75,10 +84,13 @@ public class Layer2ClusterMatcher extends AbstractClusterMatcher implements Laye
      * @param isRangeBased The boolean that decides if it is range-based vs. strict matching.
      * @param eps The epsilon value used in the DBSCAN algorithm.
      */
      * @param isRangeBased The boolean that decides if it is range-based vs. strict matching.
      * @param eps The epsilon value used in the DBSCAN algorithm.
      */

-    public Layer2ClusterMatcher(List<List<PcapPacket>> cluster, Function<Layer2Flow, Boolean> flowFilter,
-                                int inclusionTimeMillis, boolean isRangeBased, double eps, int limitSkippedPackets) {
+    public Layer2ClusterMatcher(List<List<PcapPacket>> cluster, String trainingRouterWlanMac, String routerWlanMac,
+                                Function<Layer2Flow, Boolean> flowFilter, int inclusionTimeMillis, boolean isRangeBased,
+                                double eps, int limitSkippedPackets) {

         super(cluster, isRangeBased);
         mFlowFilter = flowFilter;
         super(cluster, isRangeBased);
         mFlowFilter = flowFilter;

+        mTrainingRouterWlanMac = trainingRouterWlanMac;
+        mRouterWlanMac = routerWlanMac;

         mRangeBased = isRangeBased;
         mEps = eps;
         mInclusionTimeMillis =
         mRangeBased = isRangeBased;
         mEps = eps;
         mInclusionTimeMillis =


@@ -108,7 +120,8 @@ public class Layer2ClusterMatcher extends AbstractClusterMatcher implements Laye
             Layer2SequenceMatcher[][] matchers = new Layer2SequenceMatcher[mCluster.size()][mCluster.get(0).size()];
             // Prepare a "state 0" sequence matcher for each sequence variation in the cluster.
             for (int i = 0; i < matchers.length; i++) {
             Layer2SequenceMatcher[][] matchers = new Layer2SequenceMatcher[mCluster.size()][mCluster.get(0).size()];
             // Prepare a "state 0" sequence matcher for each sequence variation in the cluster.
             for (int i = 0; i < matchers.length; i++) {

-                matchers[i][0] = new Layer2SequenceMatcher(mCluster.get(i), mInclusionTimeMillis);
+                matchers[i][0] = new Layer2SequenceMatcher(mCluster.get(i), mInclusionTimeMillis, mTrainingRouterWlanMac,
+                        mRouterWlanMac);

             }
             // Associate the new sequence matcher table with the new flow
             mPerFlowSeqMatchers.put(flow, matchers);
             }
             // Associate the new sequence matcher table with the new flow
             mPerFlowSeqMatchers.put(flow, matchers);


@@ -152,7 +165,8 @@ public class Layer2ClusterMatcher extends AbstractClusterMatcher implements Laye
                     // We always want to have a sequence matcher in state 0, regardless of if the one that advanced
                     // from state zero completed its matching or if it replaced a different one in state 1 or not.
                     if (sm.getMatchedPacketsCount() == 1) {
                     // We always want to have a sequence matcher in state 0, regardless of if the one that advanced
                     // from state zero completed its matching or if it replaced a different one in state 1 or not.
                     if (sm.getMatchedPacketsCount() == 1) {

-                        matchers[i][j] = new Layer2SequenceMatcher(sm.getTargetSequence(), mInclusionTimeMillis);
+                        matchers[i][j] = new Layer2SequenceMatcher(sm.getTargetSequence(), mInclusionTimeMillis,
+                                mTrainingRouterWlanMac, mRouterWlanMac);

                     }
                 }
             }
                     }
                 }
             }


@@ -187,7 +201,7 @@ public class Layer2ClusterMatcher extends AbstractClusterMatcher implements Laye
             List<Layer2RangeMatcher> listMatchers = new ArrayList<>();
             // Prepare a "state 0" sequence matcher.
             Layer2RangeMatcher matcher = new Layer2RangeMatcher(mCluster.get(0), mCluster.get(1),
             List<Layer2RangeMatcher> listMatchers = new ArrayList<>();
             // Prepare a "state 0" sequence matcher.
             Layer2RangeMatcher matcher = new Layer2RangeMatcher(mCluster.get(0), mCluster.get(1),

-                    mInclusionTimeMillis, mEps);
+                    mInclusionTimeMillis, mEps, mTrainingRouterWlanMac, mRouterWlanMac);

             listMatchers.add(matcher);
             // Associate the new sequence matcher table with the new flow.
             mPerFlowRangeMatcher.put(flow, listMatchers);
             listMatchers.add(matcher);
             // Associate the new sequence matcher table with the new flow.
             mPerFlowRangeMatcher.put(flow, listMatchers);


@@ -205,7 +219,7 @@ public class Layer2ClusterMatcher extends AbstractClusterMatcher implements Laye
         // Add the new matcher into the list
         if (addOneArray) {
             Layer2RangeMatcher newMatcher = new Layer2RangeMatcher(mCluster.get(0), mCluster.get(1),
         // Add the new matcher into the list
         if (addOneArray) {
             Layer2RangeMatcher newMatcher = new Layer2RangeMatcher(mCluster.get(0), mCluster.get(1),

-                    mInclusionTimeMillis, mEps);
+                    mInclusionTimeMillis, mEps, mTrainingRouterWlanMac, mRouterWlanMac);

             listMatchers.add(newMatcher);
         }
         // Present packet to the sequence matchers.
             listMatchers.add(newMatcher);
         }
         // Present packet to the sequence matchers.

diff --git a/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer2/Layer2RangeMatcher.java b/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer2/Layer2RangeMatcher.java
index 97fa072d313ae3490a2e9ead0f8eb948c0c640ae..298a0abdf31093f33650643a5da2a311bfe41f6d 100644 (file)
--- a/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer2/Layer2RangeMatcher.java
+++ b/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer2/Layer2RangeMatcher.java
@@ -31,12 +31,14 @@ public class Layer2RangeMatcher extends Layer2AbstractMatcher {
      * @param lowerBound The lower bound of the sequence to match against (search for).
      * @param upperBound The upper bound of the sequence to match against (search for).
      * @param eps The epsilon value used in the DBSCAN algorithm.
      * @param lowerBound The lower bound of the sequence to match against (search for).
      * @param upperBound The upper bound of the sequence to match against (search for).
      * @param eps The epsilon value used in the DBSCAN algorithm.

+     * @param trainingRouterWlanMac The training router's WLAN MAC (used for determining the direction of packets).
+     * @param routerWlanMac The target trace router's WLAN MAC (used for determining the direction of packets).

      */
     public Layer2RangeMatcher(List<PcapPacket> lowerBound, List<PcapPacket> upperBound,
      */
     public Layer2RangeMatcher(List<PcapPacket> lowerBound, List<PcapPacket> upperBound,

-                              int inclusionTimeMillis, double eps) {
+                              int inclusionTimeMillis, double eps, String trainingRouterWlanMac, String routerWlanMac) {

         // TODO: Just use the lower bound since both lower and upper bounds' packets essentially have the same direction
         // TODO: for the same position in the array. Both arrays also have the same length.
         // TODO: Just use the lower bound since both lower and upper bounds' packets essentially have the same direction
         // TODO: for the same position in the array. Both arrays also have the same length.

-        super(lowerBound);
+        super(lowerBound, trainingRouterWlanMac, routerWlanMac);

         mLowerBound = lowerBound;
         mUpperBound = upperBound;
         mEps = eps;
         mLowerBound = lowerBound;
         mUpperBound = upperBound;
         mEps = eps;

diff --git a/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer2/Layer2SequenceMatcher.java b/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer2/Layer2SequenceMatcher.java
index 99aabf57386f9e9e9db7cb8422b9f3685948c24c..b5c3f663fc865bdce7c560be3b5ca575d72b9015 100644 (file)
--- a/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer2/Layer2SequenceMatcher.java
+++ b/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer2/Layer2SequenceMatcher.java
@@ -28,9 +28,12 @@ public class Layer2SequenceMatcher extends Layer2AbstractMatcher {
     /**
      * Create a {@code Layer2SequenceMatcher}.
      * @param sequence The sequence to match against (search for).
     /**
      * Create a {@code Layer2SequenceMatcher}.
      * @param sequence The sequence to match against (search for).

+     * @param trainingRouterWlanMac The training router's WLAN MAC (used for determining the direction of packets).
+     * @param routerWlanMac The target trace router's WLAN MAC (used for determining the direction of packets).

      */
      */

-    public Layer2SequenceMatcher(List<PcapPacket> sequence, int inclusionTimeMillis) {
-        super(sequence);
+    public Layer2SequenceMatcher(List<PcapPacket> sequence, int inclusionTimeMillis, String trainingRouterWlanMac,
+                                 String routerWlanMac) {
+        super(sequence, trainingRouterWlanMac, routerWlanMac);

         mSequence = sequence;
         // Compute packet directions for sequence.
         for (int i = 0; i < sequence.size(); i++) {
         mSequence = sequence;
         // Compute packet directions for sequence.
         for (int i = 0; i < sequence.size(); i++) {

diff --git a/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer2/Layer2SignatureDetector.java b/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer2/Layer2SignatureDetector.java
index e640fffcb84816704ca6a1c4cff4e08da9fb60cd..cc3a128329a824f94f6fb105b6b79cc49059378f 100644 (file)
--- a/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer2/Layer2SignatureDetector.java
+++ b/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/detection/layer2/Layer2SignatureDetector.java
@@ -39,6 +39,17 @@ public class Layer2SignatureDetector implements PacketListener, ClusterMatcherOb
      */
     private static boolean DUPLICATE_OUTPUT_TO_STD_OUT = true;
 
      */
     private static boolean DUPLICATE_OUTPUT_TO_STD_OUT = true;
 

+    /**
+     * Router's MAC.
+     * This is only useful for the filter for direction when it is a WAN signature (Phone-Cloud or Device-Cloud).
+     * Phone-Device signatures do not have router MAC address in it.
+     */
+    // TODO: MAKE THESE INPUT PARAMETERS
+    private static String TRAINING_ROUTER_WLAN_MAC = "b0:b9:8a:73:69:8e";
+    private static String ROUTER_WLAN_MAC = "00:c1:b1:14:eb:31";
+    //private static String TRAINING_ROUTER_WLAN_MAC = null;
+    //private static String ROUTER_WLAN_MAC = null;
+

     private static List<Function<Layer2Flow, Boolean>> parseSignatureMacFilters(String filtersString) {
         List<Function<Layer2Flow, Boolean>> filters = new ArrayList<>();
         String[] filterRegexes = filtersString.split(";");
     private static List<Function<Layer2Flow, Boolean>> parseSignatureMacFilters(String filtersString) {
         List<Function<Layer2Flow, Boolean>> filters = new ArrayList<>();
         String[] filterRegexes = filtersString.split(";");


@@ -151,13 +162,15 @@ public class Layer2SignatureDetector implements PacketListener, ClusterMatcherOb
             offSignature = PcapPacketUtils.useRangeBasedMatching(offSignature, offClusterAnalysis);
         }
         Layer2SignatureDetector onDetector = onSignatureMacFilters == null ?
             offSignature = PcapPacketUtils.useRangeBasedMatching(offSignature, offClusterAnalysis);
         }
         Layer2SignatureDetector onDetector = onSignatureMacFilters == null ?

-                new Layer2SignatureDetector(onSignature, signatureDuration, isRangeBasedForOn, eps, onMaxSkippedPackets) :
-                new Layer2SignatureDetector(onSignature, onSignatureMacFilters, signatureDuration,
-                        isRangeBasedForOn, eps, onMaxSkippedPackets);
+                new Layer2SignatureDetector(onSignature, TRAINING_ROUTER_WLAN_MAC, ROUTER_WLAN_MAC, signatureDuration,
+                        isRangeBasedForOn, eps, onMaxSkippedPackets) :
+                new Layer2SignatureDetector(onSignature, TRAINING_ROUTER_WLAN_MAC, ROUTER_WLAN_MAC,
+                        onSignatureMacFilters, signatureDuration, isRangeBasedForOn, eps, onMaxSkippedPackets);

         Layer2SignatureDetector offDetector = offSignatureMacFilters == null ?
         Layer2SignatureDetector offDetector = offSignatureMacFilters == null ?

-                new Layer2SignatureDetector(offSignature, signatureDuration, isRangeBasedForOff, eps, offMaxSkippedPackets) :
-                new Layer2SignatureDetector(offSignature, offSignatureMacFilters, signatureDuration,
-                        isRangeBasedForOff, eps, offMaxSkippedPackets);
+                new Layer2SignatureDetector(offSignature, TRAINING_ROUTER_WLAN_MAC, ROUTER_WLAN_MAC, signatureDuration,
+                        isRangeBasedForOff, eps, offMaxSkippedPackets) :
+                new Layer2SignatureDetector(offSignature, TRAINING_ROUTER_WLAN_MAC, ROUTER_WLAN_MAC, offSignatureMacFilters,
+                        signatureDuration, isRangeBasedForOff, eps, offMaxSkippedPackets);

         final List<UserAction> detectedEvents = new ArrayList<>();
         onDetector.addObserver((signature, match) -> {
             UserAction event = new UserAction(UserAction.Type.TOGGLE_ON, match.get(0).get(0).getTimestamp());
         final List<UserAction> detectedEvents = new ArrayList<>();
         onDetector.addObserver((signature, match) -> {
             UserAction event = new UserAction(UserAction.Type.TOGGLE_ON, match.get(0).get(0).getTimestamp());


@@ -244,13 +257,18 @@ public class Layer2SignatureDetector implements PacketListener, ClusterMatcherOb
     private int mMaxSkippedPackets;
     private List<Integer> mSkippedPackets;
 
     private int mMaxSkippedPackets;
     private List<Integer> mSkippedPackets;
 

-    public Layer2SignatureDetector(List<List<List<PcapPacket>>> searchedSignature, int signatureDuration,
-                                   boolean isRangeBased, double eps, int limitSkippedPackets) {
-        this(searchedSignature, null, signatureDuration, isRangeBased, eps, limitSkippedPackets);
+
+
+    public Layer2SignatureDetector(List<List<List<PcapPacket>>> searchedSignature, String trainingRouterWlanMac,
+                                   String routerWlanMac, int signatureDuration, boolean isRangeBased, double eps,
+                                   int limitSkippedPackets) {
+        this(searchedSignature, trainingRouterWlanMac, routerWlanMac, null, signatureDuration, isRangeBased,
+                eps, limitSkippedPackets);

     }
 
     }
 

-    public Layer2SignatureDetector(List<List<List<PcapPacket>>> searchedSignature, List<Function<Layer2Flow,
-            Boolean>> flowFilters, int inclusionTimeMillis, boolean isRangeBased, double eps, int limitSkippedPackets) {
+    public Layer2SignatureDetector(List<List<List<PcapPacket>>> searchedSignature, String trainingRouterWlanMac,
+                                   String routerWlanMac, List<Function<Layer2Flow, Boolean>> flowFilters,
+                                   int inclusionTimeMillis, boolean isRangeBased, double eps, int limitSkippedPackets) {

         if (flowFilters != null && flowFilters.size() != searchedSignature.size()) {
             throw new IllegalArgumentException("If flow filters are used, there must be a flow filter for each cluster " +
                     "of the signature.");
         if (flowFilters != null && flowFilters.size() != searchedSignature.size()) {
             throw new IllegalArgumentException("If flow filters are used, there must be a flow filter for each cluster " +
                     "of the signature.");


@@ -260,9 +278,10 @@ public class Layer2SignatureDetector implements PacketListener, ClusterMatcherOb
         for (int i = 0; i < mSignature.size(); i++) {
             List<List<PcapPacket>> cluster = mSignature.get(i);
             Layer2ClusterMatcher clusterMatcher = flowFilters == null ?
         for (int i = 0; i < mSignature.size(); i++) {
             List<List<PcapPacket>> cluster = mSignature.get(i);
             Layer2ClusterMatcher clusterMatcher = flowFilters == null ?

-                    new Layer2ClusterMatcher(cluster, inclusionTimeMillis, isRangeBased, eps, limitSkippedPackets) :
-                    new Layer2ClusterMatcher(cluster, flowFilters.get(i), inclusionTimeMillis, isRangeBased,
-                            eps, limitSkippedPackets);
+                    new Layer2ClusterMatcher(cluster, trainingRouterWlanMac, routerWlanMac, inclusionTimeMillis,
+                            isRangeBased, eps, limitSkippedPackets) :
+                    new Layer2ClusterMatcher(cluster, trainingRouterWlanMac, routerWlanMac, flowFilters.get(i),
+                            inclusionTimeMillis, isRangeBased, eps, limitSkippedPackets);

             clusterMatcher.addObserver(this);
             clusterMatchers.add(clusterMatcher);
         }
             clusterMatcher.addObserver(this);
             clusterMatchers.add(clusterMatcher);
         }

diff --git a/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/util/PcapPacketUtils.java b/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/util/PcapPacketUtils.java
index edfbb9cbe98ccb53692b5a1dab1e8ef83dcd0416..68e7defe8d0924e984191a090d0d0a942ca43ea0 100644 (file)
--- a/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/util/PcapPacketUtils.java
+++ b/Code/Projects/PacketLevelSignatureExtractor/src/main/java/edu/uci/iotproject/util/PcapPacketUtils.java
@@ -13,6 +13,7 @@ import org.pcap4j.packet.TcpPacket;
 import org.pcap4j.util.MacAddress;
 
 import java.io.PrintWriter;
 import org.pcap4j.util.MacAddress;
 
 import java.io.PrintWriter;

+import java.math.BigInteger;

 import java.util.*;
 
 /**
 import java.util.*;
 
 /**


@@ -847,4 +848,17 @@ public final class PcapPacketUtils {
         // Sequence index starts from 0
         signatures.remove(sequenceIndex);
     }
         // Sequence index starts from 0
         signatures.remove(sequenceIndex);
     }

+
+    /**
+     * Convert a String MAC address into a byte array.
+     *
+     * @param macAddress A String that contains a MAC address to be converted into byte array.
+     */
+    public static byte[] stringToByteMacAddress(String macAddress) {
+
+        BigInteger biMacAddress = new BigInteger(macAddress, 16);
+        byte[] byteMacAddress = biMacAddress.toByteArray();
+        // Return from 1 to 6 since element 0 is 0 because of using BigInteger's method.
+        return Arrays.copyOfRange(byteMacAddress, 1, 7);
+    }

 }
 }