def getHourlySrcPortIPCount(filename):
srcPortCounter = Counter()
file = fileReader(filename)
for line in file:
srcPortIP = line.split("\t")[FieldToLoc["srcPort"]]
srcPortCounter[srcPortIP] += 1
return srcPortCounter
def getHourlyCount(filename):
file = fileReader(filename)
typeCounter = Counter()
for line in file:
type = line.split("\t")[FieldToLoc["type"]]
typeCounter[type] += 1
return typeCounter
def getHourlyDstIPCount(filename):
dstCounter = Counter()
file = fileReader(filename)
for line in file:
dstIP = line.split("\t")[FieldToLoc["dstIP"]]
dstCounter[dstIP] += 1
return dstCounter
def getStatistics(filename):
startX = 0
startY = 0
size = 50
file = fileReader(filename)
IPDict = [[] for _ in range(size)]
for i in range(size):
IPDict[i] = [0] * size
for line in file:
print(line)
if "." not in line:
continue
[IPForth, IPThird] = line.strip().split(".")
if startX <= int(IPThird) < startX + size and startY <= int(
IPForth) < startY + size:
IPDict[int(IPThird) - startX][int(IPForth) - startY] += 1
print(IPDict[int(size / 2)])
for i in range(len(IPDict)):
for j in range(len(IPDict[i])):
if IPDict[i][j] == 0:
continue
IPDict[i][j] = math.log10(IPDict[i][j])
xticks = [str(i) for i in range(startX, startX + size)]
yticks = [str(i) for i in range(startY, startY + size)]
doDrawHeatMap(IPDict, xticks, yticks)
def getHourlyNameIPCount(filename):
nameCounter = Counter()
file = fileReader(filename)
for line in file:
nameIP = line.split("\t")[FieldToLoc["query"]]
nameCounter[nameIP] += 1
return nameCounter
def getSpecifiedCount(self, fieldName):
file = fileReader(self.filename)
certainCounter = Counter()
for line in file:
specifiedFieldVal = line.split("\t")[FieldToLoc[fieldName]]
certainCounter[specifiedFieldVal] += 1
return certainCounter
def doDistinceIPCount(filename, fieldName):
IP_set = set()
file = fileReader(filename)
for line in file:
IP = line.split("\t")[FieldToLoc[fieldName]]
IP_set.add(IP)
return len(IP_set)
def doDistinceNameCount(filename, fieldName):
Name_set = set()
file = fileReader(filename)
for line in file:
name = line.split("\t")[FieldToLoc[fieldName]]
Name_set.add(name)
return len(Name_set)
def getIPCountDict(filename):
file = fileReader(filename)
ipCountDict = {}
for line in file:
ip = line.split("\t")[0]
count = int(line.split("\t")[1])
ipCountDict[ip] = count
return ipCountDict
def getSubnetData(filename):
yDataDict = Counter()
file = fileReader(filename)
for line in file:
subnetID = int(line.split("\t")[0])
subnetCount = int(line.split("\t")[1])
yDataDict[subnetID] = subnetCount
return yDataDict
def getHourlyAnalysis(filename):
file = fileReader(filename)
hourlyCounter = Counter()
for line in file:
response = line.split("\t")[FieldToLoc["answers"]]
query = line.split("\t")[FieldToLoc["query"]]
hourlyCounter[responseClassify(query, response)] += 1
return hourlyCounter
def getHourlyValidResponse(filename):
file = fileReader(filename)
responseList = []
for line in file:
response = line.split("\t")[FieldToLoc["answers"]]
if response != "-":
responseList.append(response)
return responseList
def getHourlyResponseLess(filename):
file = fileReader(filename)
responseLineList = []
for line in file:
response = line.split("\t")[FieldToLoc["answers"]]
if response == "-":
responseLineList.append(line + "\n")
return responseLineList
def dumpParticalIP(filename, outputFilename):
outputStr = ""
file = fileReader(filename)
for line in file:
srcIP = line.split("\t")[FieldToLoc["dstIP"]]
particalSrcP = ".".join(srcIP.split(".")[2:4])
outputStr = outputStr + particalSrcP + "\n"
outputFile = fileWriter(outputFilename)
outputFile.writeString(outputStr)
def getSrcIPList(filename):
file = fileReader(filename)
ipList = []
for line in file:
queryCount = int(line.split("\t")[1])
if queryCount > 0:
ipList.append(line.split("\t")[0])
return ipList
def getHourlyCount(filename):
file = fileReader(filename)
traceSet = set()
for line in file:
lineList = line.strip().split("\t")
info = lineList[FieldToLoc["uid"]] + lineList[FieldToLoc["srcIP"]] + lineList[FieldToLoc["srcPort"]] + \
lineList[FieldToLoc["dstIP"]] + lineList[FieldToLoc["transID"]] + lineList[FieldToLoc["query"]]
traceSet.add(info)
return len(traceSet)
def doHourlyCPSCRelatedGen(inputFilename):
inputFile = fileReader(inputFilename)
dstIPs = ["192.33.14.30", "192.175.48.6"]
ret_list = []
for line in inputFile:
queriedName = line.split("\t")[FieldToLoc["dstIP"]]
if queriedName in dstIPs:
ret_list.append(line)
return ret_list
def doHourlyCPSCRelatedGen(inputFilename):
inputFile = fileReader(inputFilename)
checkedNames = ["ns1.cpsc.ucalgary.ca", "ns2.cpsc.ucalgary.ca", "mirror.cpsc.ucalgary.ca"]
ret_list = []
for line in inputFile:
queriedName = line.split("\t")[FieldToLoc["query"]]
if queriedName in checkedNames:
ret_list.append(line)
return ret_list
def getCount(filename):
IPCounter = Counter()
file = fileReader(filename)
for line in file:
print(line)
if "." not in line:
continue
line = line.strip()
IPCounter[line] += 1
print(IPCounter)
def doOccurredCount(filename, fieldCkecked):
subnetPools = Counter()
file = fileReader(filename)
for line in file:
IP = line.split("\t")[fieldCkecked]
ThirdSubmet = int(IP.split(".")[2])
subnetPools[ThirdSubmet] += 1
return subnetPools
def doHourlyIPCount(filename):
srcField = "srcIP"
dstField = "dstIP"
srcIPCounter = Counter()
dstIPCounter = Counter()
File = fileReader(filename)
for line in File:
srcIPCounter[line.split("\t")[FieldToLoc[srcField]]] += 1
dstIPCounter[line.split("\t")[FieldToLoc[dstField]]] += 1
return srcIPCounter, dstIPCounter
def getHourlyNBSTATRow(filename, NBSTATFoldername):
file = fileReader(filename)
NBSTATFilename = NBSTATFoldername + "/" + filename.split("/")[-1]
dump_str = ""
for line in file:
type = line.split("\t")[FieldToLoc["type"]]
if type == "NBSTAT":
dump_str += (line + "\n")
campusFile = fileWriter(NBSTATFilename)
campusFile.writeString(dump_str)
def getHourlyAkamaiRow(filename, AkamaiFoldername):
file = fileReader(filename)
AkamaiFilename = AkamaiFoldername + "/" + filename.split("/")[-1]
AkamaiDNSList = ["136.159.222.244"]
dump_str = ""
for line in file:
dstIP = line.split("\t")[FieldToLoc["dstIP"]]
if dstIP in AkamaiDNSList:
dump_str += (line + "\n")
AkamaiFile = fileWriter(AkamaiFilename)
AkamaiFile.writeString(dump_str)
def getCache(filename):
if not isFileExist(filename):
return None
file = fileReader(filename)
ipOrgDict = {}
for line in file:
if len(line.split("\t")) > 1:
[ip, org] = line.split("\t")
ipOrgDict[ip] = org
print(ipOrgDict)
return ipOrgDict
def getHourlyPhysRow(filename, PhysFoldername):
file = fileReader(filename)
PhysFilename = PhysFoldername + "/" + filename.split("/")[-1]
PhysDNSList = ["136.159.51.4", "136.159.51.5", "136.159.52.10"]
dump_str = ""
for line in file:
dstIP = line.split("\t")[FieldToLoc["dstIP"]]
if dstIP in PhysDNSList:
dump_str += (line + "\n")
PhysFile = fileWriter(PhysFilename)
PhysFile.writeString(dump_str)
def getHourlyCampusOneRow(filename, campusOneFoldername):
file = fileReader(filename)
campusOneFilename = campusOneFoldername + "/" + filename.split("/")[-1]
campusOneDNSList = ["136.159.1.21"]
dump_str = ""
for line in file:
dstIP = line.split("\t")[FieldToLoc["dstIP"]]
if dstIP in campusOneDNSList:
dump_str += (line + "\n")
campusFile = fileWriter(campusOneFilename)
campusFile.writeString(dump_str)
def getHourlyAuroralRow(filename, AuroralFoldername):
file = fileReader(filename)
AuroralFilename = AuroralFoldername + "/" + filename.split("/")[-1]
AuroralDNSList = ["136.159.142.4", "136.159.142.5"]
dump_str = ""
for line in file:
dstIP = line.split("\t")[FieldToLoc["dstIP"]]
if dstIP in AuroralDNSList:
dump_str += (line + "\n")
AuroralFile = fileWriter(AuroralFilename)
AuroralFile.writeString(dump_str)
def getHourlyUnknownRow(filename, UnknownFoldername):
file = fileReader(filename)
UnknownFilename = UnknownFoldername + "/" + filename.split("/")[-1]
UnknownDNSList = ["136.159.205.37", "136.159.205.38", "136.159.205.39"]
dump_str = ""
for line in file:
dstIP = line.split("\t")[FieldToLoc["dstIP"]]
if dstIP in UnknownDNSList:
dump_str += (line + "\n")
UnknownFile = fileWriter(UnknownFilename)
UnknownFile.writeString(dump_str)
def doHourlyTTLCount(filename):
ttlCounter = Counter()
file = fileReader(filename)
for line in file:
ttlVector = line.split("\t")[FieldToLoc["ttls"]]
if ttlVector == "-":
continue
ttl_list = parseTTLVector(ttlVector)
for ttl in ttl_list:
ttlCounter[ttl] += 1
return ttlCounter
def doEndingStatistics(filename):
fieldName = "error"
error_dict = {}
file = fileReader(filename)
for line in file:
error = line.split("\t")[FieldToLoc[fieldName]]
if error in error_dict.keys():
error_dict[error] += 1
else:
error_dict[error] = 1
return error_dict
