def __init__(self, ruleSet, proto, style, numChecksP, numChecksIP,
             numAnyP, numAnyIP, distanceRange, slashSize, ipsPerSlash,
             numPortsPortscan, numIPsPortscan):
    """Set up the base rule generator, then record the port-scan limits.

    The first ten arguments are forwarded unchanged to
    RuleGenerator.__init__; only numPortsPortscan and numIPsPortscan are
    consumed here.
    """
    # Parenthesised continuation replaces the backslash line joins.
    RuleGenerator.__init__(
        self, ruleSet, proto, style, numChecksP, numChecksIP,
        numAnyP, numAnyIP, distanceRange,
        slashSize, ipsPerSlash)

    # Caller-supplied upper bounds for the port-scan part of the rule set.
    self.MAX_NUM_PORTS_PORTSCAN = numPortsPortscan
    self.MAX_NUM_IPS_PORTSCAN = numIPsPortscan
    # 65535 is the largest 16-bit value; presumably the top of the port
    # range used as a distance bound -- TODO confirm against the users of
    # MAX_DIST_RANGE_SCAN.
    self.MAX_DIST_RANGE_SCAN = 65535
    # Starts empty; nothing in this method populates it.
    self.portscanSet = RuleSet()
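def __init__(self, data_csv_path, mini_support, mini_confidence):
    """Load the transactions and derive frequent item sets and rules.

    Args:
        data_csv_path: Path of the CSV file; each row is read as one
            transaction.
        mini_support: Multiplied by the number of transactions and
            truncated with int() to get the support threshold stored in
            self.mini_support.
        mini_confidence: Stored as-is and passed on to RuleGenerator.
    """
    # Close the file deterministically; the original left the handle to
    # the garbage collector.
    with open(data_csv_path) as csv_file:
        self.data = list(csv.reader(csv_file))

    self.number_of_transactions = len(self.data)
    self.mini_support = int(mini_support * self.number_of_transactions)
    self.mini_confidence = mini_confidence

    self.meta_data_dict = meta_data_dict_of(self.data,
                                            self.number_of_transactions)
    self.most_feq_set = MostFreq(self.meta_data_dict,
                                 self.mini_support,
                                 True).most_freq_set
    # NOTE(review): RuleGenerator receives the raw mini_support argument,
    # while MostFreq receives the scaled self.mini_support -- confirm that
    # this difference is intended.
    self.rules = RuleGenerator(self.meta_data_dict,
                               self.number_of_transactions,
                               self.most_feq_set,
                               mini_support,
                               self.mini_confidence).rules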
def generateRules(opts, tcpRules, udpRules, icmpRules):
    """Build one RuleGenerator per protocol, run it and print the result.

    For TCP, UDP and ICMP in that order: announce the protocol, construct
    the generator from the matching input rule set and the settings on
    opts, print the input rules when opts.verbose is set, then call
    generateRules() on it. Afterwards each generator prints its rules with
    opts.elements, followed by a blank line.

    Returns:
        The tuple (tcp generator, udp generator, icmp generator).
    """
    protocolJobs = (
        ("Generating TCP-Ruleset", "tcp", tcpRules),
        ("Generating UDP-Ruleset", "udp", udpRules),
        ("Generating ICMP-Ruleset", "icmp", icmpRules),
    )

    ruleGenerators = []
    for banner, proto, inputRules in protocolJobs:
        print(banner)
        ruleGen = RuleGenerator(
            inputRules, proto, opts.style,
            opts.numChecksP, opts.numChecksIP,
            opts.numAnyP, opts.numAnyIP,
            opts.distanceRange, opts.slashSize, opts.ipsPerSlash)
        if opts.verbose:
            print("Original ruleset:")
            ruleGen.printRules()
        ruleGen.generateRules()
        ruleGenerators.append(ruleGen)

    for ruleGen in ruleGenerators:
        ruleGen.printRules(opts.elements)
        # print("") emits the same single newline as a bare `print`
        # statement and is valid on Python 2 and Python 3.
        print("")

    tcpRuleG, udpRuleG, icmpRuleG = ruleGenerators
    return tcpRuleG, udpRuleG, icmpRuleG