def cluster(self, messages, appDatas):
if messages is None:
raise TypeError("Messages cannot be None")
if appDatas is None:
raise TypeError("AppDatas cannot be None")
if len(messages) == 0:
raise TypeError("There should be at least one message.")
if len(appDatas) == 0:
raise TypeError("There should be at least one applicative data.")
for m in messages:
if not isinstance(m, AbstractMessage):
raise TypeError("At least one message ({0}) is not an AbstractMessage.".format(str(m)))
for appData in appDatas:
if not isinstance(appData, ApplicativeData):
raise TypeError("At least one applicative data ({0}) is not an instance of ApplicativeData.".format(str(appData)))
labels = dict()
for appData in appDatas:
labels[appData.value] = appData.name
idMessages = dict()
for message in messages:
idMessages[message.id] = message
messagesPerAppData = dict()
for message in messages:
messagesPerAppData[message] = set()
searchEngine = SearchEngine()
searchResults = searchEngine.searchDataInMessages([appData.value for appData in appDatas], messages, inParallel=True, dataLabels=labels)
for result in searchResults:
searchTask = result.searchTask
message = searchTask.properties['message']
label = searchTask.properties['label']
if label not in list(labels.values()):
raise ValueError("Found label ({0}) in a result cannot be identified in the original list of searched labels.".format(label))
if message.id not in list(idMessages.keys()):
raise ValueError("Found message ({0}) cannot be identified in the original list of searched messages.".format(message.id))
messagesPerAppData[idMessages[message.id]].add(label)
# Build clusters
clusters = dict()
for message, labelsInMessage in list(messagesPerAppData.items()):
strAppDatas = ';'.join(sorted(labelsInMessage))
if len(strAppDatas) == 0:
strAppDatas = None
if strAppDatas in list(clusters.keys()):
clusters[strAppDatas].append(message)
else:
clusters[strAppDatas] = [message]
# Build Symbols
symbols = [Symbol(name=strAppDatas, messages=msgs) for strAppDatas, msgs in list(clusters.items())]
return symbols
def cluster(self, messages, appDatas):
if messages is None:
raise TypeError("Messages cannot be None")
if appDatas is None:
raise TypeError("AppDatas cannot be None")
if len(messages) == 0:
raise TypeError("There should be at least one message.")
if len(appDatas) == 0:
raise TypeError("There should be at least one applicative data.")
for m in messages:
if not isinstance(m, AbstractMessage):
raise TypeError("At least one message ({0}) is not an AbstractMessage.".format(str(m)))
for appData in appDatas:
if not isinstance(appData, ApplicativeData):
raise TypeError("At least one applicative data ({0}) is not an instance of ApplicativeData.".format(str(appData)))
labels = dict()
for appData in appDatas:
labels[appData.value] = appData.name
idMessages = dict()
for message in messages:
idMessages[message.id] = message
messagesPerAppData = dict()
for message in messages:
messagesPerAppData[message] = set()
searchEngine = SearchEngine()
searchResults = searchEngine.searchDataInMessages([appData.value for appData in appDatas], messages, inParallel=True, dataLabels=labels)
for result in searchResults:
searchTask = result.searchTask
message = searchTask.properties['message']
label = searchTask.properties['label']
if label not in labels.values():
raise ValueError("Found label ({0}) in a result cannot be identified in the original list of searched labels.".format(label))
if message.id not in idMessages.keys():
raise ValueError("Found message ({0}) cannot be identified in the original list of searched messages.".format(message.id))
messagesPerAppData[idMessages[message.id]].add(label)
# Build clusters
clusters = dict()
for message, labelsInMessage in messagesPerAppData.iteritems():
strAppDatas = ';'.join(sorted(labelsInMessage))
if len(strAppDatas) == 0:
strAppDatas = None
if strAppDatas in clusters.keys():
clusters[strAppDatas].append(message)
else:
clusters[strAppDatas] = [message]
# Build Symbols
symbols = [Symbol(name=strAppDatas, messages=msgs) for strAppDatas, msgs in clusters.iteritems()]
return symbols
def __searchApplicativeDataInMessage(self, message):
"""This internal method search any applicative data that could be identified
in the specified message and returns results in a dict that shows the position
of the applicative data identified.
:parameter message: the message in which we search any applicative data
:type message: :class:`netzob.Common.Models.Vocabulary.Messages.AbstractMessage.AbstractMessage`
:return: a dict that describes the position of identified applicative data
:rtype: :class:`dict`
"""
if message is None:
raise TypeError("Message cannot be None")
self._logger.debug("Search app data in {0}".format(message.data))
results = OrderedDict()
appValues = OrderedDict()
if message.session is not None:
for applicativeD in message.session.applicativeData:
appValues[applicativeD.value] = applicativeD.name
else:
self._logger.debug("Message is not attached to a session, so no applicative data will be considered while computing the alignment.")
if len(appValues) > 0:
searchResults = SearchEngine.searchInMessage(appValues.keys(), message, addTags=False)
for searchResult in searchResults:
for (startResultRange, endResultRange) in searchResult.ranges:
appDataName = appValues[searchResult.searchTask.properties["data"]]
for pos in range(startResultRange/4, endResultRange/4):
results[pos] = appDataName
return results
def __searchApplicativeDataInMessage(self, message):
"""This internal method search any applicative data that could be identified
in the specified message and returns results in a dict that shows the position
of the applicative data identified.
:parameter message: the message in which we search any applicative data
:type message: :class:`netzob.Common.Models.Vocabulary.Messages.AbstractMessage.AbstractMessage`
:return: a dict that describes the position of identified applicative data
:rtype: :class:`dict`
"""
if message is None:
raise TypeError("Message cannot be None")
self._logger.debug("Search app data in {0}".format(message.data))
results = OrderedDict()
appValues = OrderedDict()
if message.session is not None:
for applicativeD in message.session.applicativeData:
appValues[applicativeD.value] = applicativeD.name
else:
self._logger.debug("Message is not attached to a session, so no applicative data will be considered while computing the alignment.")
if len(appValues) > 0:
searchResults = SearchEngine.searchInMessage(appValues.keys(), message, addTags=False)
for searchResult in searchResults:
for (startResultRange, endResultRange) in searchResult.ranges:
appDataName = appValues[searchResult.searchTask.properties["data"]]
for pos in range(startResultRange/4, endResultRange/4):
results[pos] = appDataName
return results
