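def doLevel2CollectTask(filename):
    """
    Count three DNS "weird" event names per remote IP cluster.

    The file is read as one JSON object whose values are records. Each record
    is expected to carry ``"addr"`` (index 0 used as source IP, index 2 as
    destination IP) and ``"weird"`` (a list whose items hold the weird name at
    index 0). Records with an empty ``"weird"`` list are ignored.

    Direction is decided by a text prefix test on the source IP: a source that
    starts with ``"136.159."`` is treated as on-campus, so the destination is
    the remote side; otherwise the source is the remote side.

    NOTE(review): another ``doLevel2CollectTask`` with a different return shape
    appears later on this page; if both live in one module the later one wins.

    :param filename: path of the JSON file to read.
    :return: dict mapping ``getIPCluster(remote_ip)`` to a list of three
        counts, in the order ``dns_unmatched_msg``, ``dns_unmatched_reply``,
        ``DNS_RR_unknown_type``.
    """
    # Position of each tracked weird name in the per-cluster count list.
    trackedWeirds = (
        "dns_unmatched_msg",
        "dns_unmatched_reply",
        "DNS_RR_unknown_type",
    )

    # Close the handle as soon as the JSON is parsed (the original leaked it).
    with open(filename) as f:
        dataDict = json.load(f)

    weirdTypeCollect = {}
    for key in dataDict:
        record = dataDict[key]
        if not record["weird"]:
            continue

        srcIP = record["addr"][0]
        dstIP = record["addr"][2]
        # Prefix match on the textual address. Traffic with both endpoints on
        # campus is keyed on the destination; traffic with neither endpoint on
        # campus is keyed on the source.
        remoteIP = dstIP if srcIP.startswith("136.159.") else srcIP

        for weird in record["weird"]:
            weirdName = weird[0]
            if weirdName not in trackedWeirds:
                continue
            loc = trackedWeirds.index(weirdName)
            # setdefault creates the zeroed counters on first sight and the
            # increment below always runs. The original skipped the increment
            # for the first inbound event of a cluster, under-counting it.
            counts = weirdTypeCollect.setdefault(
                getIPCluster(remoteIP), [0, 0, 0])
            counts[loc] += 1

    return weirdTypeCollect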
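def doCollectTask(filename, topK):
    """
    Count records per remote IP cluster and keep the ``topK`` largest.

    The file is read as one JSON object whose values are records with an
    ``"addr"`` list (index 0 used as source IP, index 2 as destination IP).
    A source starting with ``"136.159."`` is treated as on-campus, so the
    destination is counted; otherwise the source is counted.

    NOTE(review): another ``doCollectTask`` with a different return shape
    appears later on this page; if both live in one module the later one wins.

    :param filename: path of the JSON file to read.
    :param topK: number of clusters to keep; ``None`` keeps all of them
        (this is how ``Counter.most_common`` treats ``None``).
    :return: ``Counter`` mapping ``getIPCluster(remote_ip)`` to record count,
        limited to the ``topK`` most common clusters.
    """
    # Close the handle as soon as the JSON is parsed (the original leaked it).
    with open(filename) as f:
        dataDict = json.load(f)

    allOutCollect = Counter()
    for key in dataDict:
        srcIP = dataDict[key]["addr"][0]
        dstIP = dataDict[key]["addr"][2]
        # Prefix match on the textual address. Traffic with both endpoints on
        # campus is keyed on the destination; traffic with neither endpoint on
        # campus is keyed on the source.
        remoteIP = dstIP if srcIP.startswith("136.159.") else srcIP
        allOutCollect[getIPCluster(remoteIP)] += 1

    return Counter(dict(allOutCollect.most_common(topK)))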
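def doCollectTask(filename, topK):
    """
    Group one ``"conn"`` value per record by remote IP cluster.

    The file is read as one JSON object whose values are records with an
    ``"addr"`` list (index 0 used as source IP, index 2 as destination IP) and
    a ``"conn"`` list. A source starting with ``"136.159."`` is treated as
    on-campus: the destination is the remote side and ``conn[1]`` is
    collected. Otherwise the source is the remote side and ``conn[2]`` is
    collected. Values equal to ``"-"`` are skipped.

    NOTE(review): ``conn[1]`` / ``conn[2]`` are presumably byte counts for the
    two directions; confirm against whatever writes the file.

    :param filename: path of the JSON file to read.
    :param topK: not used by this function; kept so existing callers work.
    :return: dict mapping ``getIPCluster(remote_ip)`` to the list of collected
        ``conn`` values, in file iteration order.
    """
    # Close the handle as soon as the JSON is parsed (the original leaked it).
    with open(filename) as f:
        dataDict = json.load(f)

    allOutCollect = {}
    for key in dataDict:
        record = dataDict[key]
        srcIP = record["addr"][0]
        dstIP = record["addr"][2]
        # Prefix match on the textual address. Traffic with both endpoints on
        # campus is keyed on the destination; traffic with neither endpoint on
        # campus is keyed on the source.
        if srcIP.startswith("136.159."):
            remoteIP, value = dstIP, record["conn"][1]
        else:
            remoteIP, value = srcIP, record["conn"][2]

        # "-" marks a missing value in the input; do not record it.
        if value != "-":
            allOutCollect.setdefault(getIPCluster(remoteIP), []).append(value)

    return allOutCollect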
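def doLevel2CollectTask(filename):
    """
    Collect a ``"conn"`` value per DNS "weird" entry, grouped by remote cluster.

    The file is read as one JSON object whose values are records with
    ``"addr"`` (index 0 used as source IP, index 2 as destination IP),
    ``"conn"`` and ``"weird"``. Records with an empty ``"weird"`` list are
    ignored. A source starting with ``"136.159."`` is treated as on-campus:
    the destination is the remote side and ``conn[2]`` is collected.
    Otherwise the source is the remote side and ``conn[1]`` is collected.

    Every record that carries a ``dns_unmatched_reply`` entry is printed, and
    the final result is printed before it is returned.

    :param filename: path of the JSON file to read.
    :return: dict mapping ``getIPCluster(remote_ip)`` to the list of collected
        ``conn`` values.
    """
    unmatchedReply = "dns_unmatched_reply"

    # Close the handle as soon as the JSON is parsed (the original leaked it).
    with open(filename) as f:
        dataDict = json.load(f)

    weirdByteCollect = {}
    for key in dataDict:
        record = dataDict[key]
        if not record["weird"]:
            continue

        srcIP = record["addr"][0]
        dstIP = record["addr"][2]

        for weird in record["weird"]:
            if weird[0] == unmatchedReply:
                # Diagnostic output kept from the original: dumps the whole
                # record, addresses included, to stdout.
                print(record)

            # Prefix match on the textual address. Traffic with both endpoints
            # on campus is keyed on the destination; traffic with neither
            # endpoint on campus is keyed on the source.
            if srcIP.startswith("136.159."):
                # The original comment calls conn[2] the inbound byte count.
                remoteIP, byte = dstIP, record["conn"][2]
            else:
                remoteIP, byte = srcIP, record["conn"][1]

            # Always file the value under the remote side's own cluster. The
            # original created the srcIP cluster on first sight but then
            # appended to the dstIP cluster, which either raised KeyError or
            # credited the bytes to the wrong cluster.
            # NOTE(review): the value is appended once per weird entry, so a
            # record with several entries contributes it several times.
            # Confirm this is intended.
            weirdByteCollect.setdefault(
                getIPCluster(remoteIP), []).append(byte)

    print(weirdByteCollect)
    return weirdByteCollect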