def getHourlySrcPortIPCount(filename): srcPortCounter = Counter() file = fileReader(filename) for line in file: srcPortIP = line.split("\t")[FieldToLoc["srcPort"]] srcPortCounter[srcPortIP] += 1 return srcPortCounter
def getHourlyCount(filename): file = fileReader(filename) typeCounter = Counter() for line in file: type = line.split("\t")[FieldToLoc["type"]] typeCounter[type] += 1 return typeCounter
def getHourlyDstIPCount(filename): dstCounter = Counter() file = fileReader(filename) for line in file: dstIP = line.split("\t")[FieldToLoc["dstIP"]] dstCounter[dstIP] += 1 return dstCounter
def getStatistics(filename): startX = 0 startY = 0 size = 50 file = fileReader(filename) IPDict = [[] for _ in range(size)] for i in range(size): IPDict[i] = [0] * size for line in file: print(line) if "." not in line: continue [IPForth, IPThird] = line.strip().split(".") if startX <= int(IPThird) < startX + size and startY <= int( IPForth) < startY + size: IPDict[int(IPThird) - startX][int(IPForth) - startY] += 1 print(IPDict[int(size / 2)]) for i in range(len(IPDict)): for j in range(len(IPDict[i])): if IPDict[i][j] == 0: continue IPDict[i][j] = math.log10(IPDict[i][j]) xticks = [str(i) for i in range(startX, startX + size)] yticks = [str(i) for i in range(startY, startY + size)] doDrawHeatMap(IPDict, xticks, yticks)
def getHourlyNameIPCount(filename): nameCounter = Counter() file = fileReader(filename) for line in file: nameIP = line.split("\t")[FieldToLoc["query"]] nameCounter[nameIP] += 1 return nameCounter
def getSpecifiedCount(self, fieldName): file = fileReader(self.filename) certainCounter = Counter() for line in file: specifiedFieldVal = line.split("\t")[FieldToLoc[fieldName]] certainCounter[specifiedFieldVal] += 1 return certainCounter
def doDistinceIPCount(filename, fieldName): IP_set = set() file = fileReader(filename) for line in file: IP = line.split("\t")[FieldToLoc[fieldName]] IP_set.add(IP) return len(IP_set)
def doDistinceNameCount(filename, fieldName): Name_set = set() file = fileReader(filename) for line in file: name = line.split("\t")[FieldToLoc[fieldName]] Name_set.add(name) return len(Name_set)
def getIPCountDict(filename): file = fileReader(filename) ipCountDict = {} for line in file: ip = line.split("\t")[0] count = int(line.split("\t")[1]) ipCountDict[ip] = count return ipCountDict
def getSubnetData(filename): yDataDict = Counter() file = fileReader(filename) for line in file: subnetID = int(line.split("\t")[0]) subnetCount = int(line.split("\t")[1]) yDataDict[subnetID] = subnetCount return yDataDict
def getHourlyAnalysis(filename): file = fileReader(filename) hourlyCounter = Counter() for line in file: response = line.split("\t")[FieldToLoc["answers"]] query = line.split("\t")[FieldToLoc["query"]] hourlyCounter[responseClassify(query, response)] += 1 return hourlyCounter
def getHourlyValidResponse(filename): file = fileReader(filename) responseList = [] for line in file: response = line.split("\t")[FieldToLoc["answers"]] if response != "-": responseList.append(response) return responseList
def getHourlyResponseLess(filename): file = fileReader(filename) responseLineList = [] for line in file: response = line.split("\t")[FieldToLoc["answers"]] if response == "-": responseLineList.append(line + "\n") return responseLineList
def dumpParticalIP(filename, outputFilename): outputStr = "" file = fileReader(filename) for line in file: srcIP = line.split("\t")[FieldToLoc["dstIP"]] particalSrcP = ".".join(srcIP.split(".")[2:4]) outputStr = outputStr + particalSrcP + "\n" outputFile = fileWriter(outputFilename) outputFile.writeString(outputStr)
def getSrcIPList(filename): file = fileReader(filename) ipList = [] for line in file: queryCount = int(line.split("\t")[1]) if queryCount > 0: ipList.append(line.split("\t")[0]) return ipList
def getHourlyCount(filename): file = fileReader(filename) traceSet = set() for line in file: lineList = line.strip().split("\t") info = lineList[FieldToLoc["uid"]] + lineList[FieldToLoc["srcIP"]] + lineList[FieldToLoc["srcPort"]] + \ lineList[FieldToLoc["dstIP"]] + lineList[FieldToLoc["transID"]] + lineList[FieldToLoc["query"]] traceSet.add(info) return len(traceSet)
def doHourlyCPSCRelatedGen(inputFilename): inputFile = fileReader(inputFilename) dstIPs = ["192.33.14.30", "192.175.48.6"] ret_list = [] for line in inputFile: queriedName = line.split("\t")[FieldToLoc["dstIP"]] if queriedName in dstIPs: ret_list.append(line) return ret_list
def doHourlyCPSCRelatedGen(inputFilename): inputFile = fileReader(inputFilename) checkedNames = ["ns1.cpsc.ucalgary.ca", "ns2.cpsc.ucalgary.ca", "mirror.cpsc.ucalgary.ca"] ret_list = [] for line in inputFile: queriedName = line.split("\t")[FieldToLoc["query"]] if queriedName in checkedNames: ret_list.append(line) return ret_list
def getCount(filename): IPCounter = Counter() file = fileReader(filename) for line in file: print(line) if "." not in line: continue line = line.strip() IPCounter[line] += 1 print(IPCounter)
def doOccurredCount(filename, fieldCkecked): subnetPools = Counter() file = fileReader(filename) for line in file: IP = line.split("\t")[fieldCkecked] ThirdSubmet = int(IP.split(".")[2]) subnetPools[ThirdSubmet] += 1 return subnetPools
def doHourlyIPCount(filename): srcField = "srcIP" dstField = "dstIP" srcIPCounter = Counter() dstIPCounter = Counter() File = fileReader(filename) for line in File: srcIPCounter[line.split("\t")[FieldToLoc[srcField]]] += 1 dstIPCounter[line.split("\t")[FieldToLoc[dstField]]] += 1 return srcIPCounter, dstIPCounter
def getHourlyNBSTATRow(filename, NBSTATFoldername): file = fileReader(filename) NBSTATFilename = NBSTATFoldername + "/" + filename.split("/")[-1] dump_str = "" for line in file: type = line.split("\t")[FieldToLoc["type"]] if type == "NBSTAT": dump_str += (line + "\n") campusFile = fileWriter(NBSTATFilename) campusFile.writeString(dump_str)
def getHourlyAkamaiRow(filename, AkamaiFoldername): file = fileReader(filename) AkamaiFilename = AkamaiFoldername + "/" + filename.split("/")[-1] AkamaiDNSList = ["136.159.222.244"] dump_str = "" for line in file: dstIP = line.split("\t")[FieldToLoc["dstIP"]] if dstIP in AkamaiDNSList: dump_str += (line + "\n") AkamaiFile = fileWriter(AkamaiFilename) AkamaiFile.writeString(dump_str)
def getCache(filename): if not isFileExist(filename): return None file = fileReader(filename) ipOrgDict = {} for line in file: if len(line.split("\t")) > 1: [ip, org] = line.split("\t") ipOrgDict[ip] = org print(ipOrgDict) return ipOrgDict
def getHourlyPhysRow(filename, PhysFoldername): file = fileReader(filename) PhysFilename = PhysFoldername + "/" + filename.split("/")[-1] PhysDNSList = ["136.159.51.4", "136.159.51.5", "136.159.52.10"] dump_str = "" for line in file: dstIP = line.split("\t")[FieldToLoc["dstIP"]] if dstIP in PhysDNSList: dump_str += (line + "\n") PhysFile = fileWriter(PhysFilename) PhysFile.writeString(dump_str)
def getHourlyCampusOneRow(filename, campusOneFoldername): file = fileReader(filename) campusOneFilename = campusOneFoldername + "/" + filename.split("/")[-1] campusOneDNSList = ["136.159.1.21"] dump_str = "" for line in file: dstIP = line.split("\t")[FieldToLoc["dstIP"]] if dstIP in campusOneDNSList: dump_str += (line + "\n") campusFile = fileWriter(campusOneFilename) campusFile.writeString(dump_str)
def getHourlyAuroralRow(filename, AuroralFoldername): file = fileReader(filename) AuroralFilename = AuroralFoldername + "/" + filename.split("/")[-1] AuroralDNSList = ["136.159.142.4", "136.159.142.5"] dump_str = "" for line in file: dstIP = line.split("\t")[FieldToLoc["dstIP"]] if dstIP in AuroralDNSList: dump_str += (line + "\n") AuroralFile = fileWriter(AuroralFilename) AuroralFile.writeString(dump_str)
def getHourlyUnknownRow(filename, UnknownFoldername): file = fileReader(filename) UnknownFilename = UnknownFoldername + "/" + filename.split("/")[-1] UnknownDNSList = ["136.159.205.37", "136.159.205.38", "136.159.205.39"] dump_str = "" for line in file: dstIP = line.split("\t")[FieldToLoc["dstIP"]] if dstIP in UnknownDNSList: dump_str += (line + "\n") UnknownFile = fileWriter(UnknownFilename) UnknownFile.writeString(dump_str)
def doHourlyTTLCount(filename): ttlCounter = Counter() file = fileReader(filename) for line in file: ttlVector = line.split("\t")[FieldToLoc["ttls"]] if ttlVector == "-": continue ttl_list = parseTTLVector(ttlVector) for ttl in ttl_list: ttlCounter[ttl] += 1 return ttlCounter
def doEndingStatistics(filename): fieldName = "error" error_dict = {} file = fileReader(filename) for line in file: error = line.split("\t")[FieldToLoc[fieldName]] if error in error_dict.keys(): error_dict[error] += 1 else: error_dict[error] = 1 return error_dict