//public void ReceiveFile()
//{
// if (ReceivedParsedFile != null)
// {
// ReceivedParsedFile("Received parsed file");
// }
// //if (listOfHandlers != null)
// //{
// // listOfHandlers("received file");
// //}
//}
public void ReceiveFile(CurrentCaptureFile captureFile)
{
// No longer using this event
//if (ReceivedParsedFile != null)
//{
// ReceivedParsedFile(captureFile);
//}
}
//public AnalysisEngine(bool trimZeroPacketIntervals, int histogramBinSize, HypothesisTest hypothesisTest, string captureFileName, CaptureState captureState)
public AnalysisEngine(bool trimZeroPacketIntervals, int histogramBinSize, HypothesisTestType hypothesisTestType, CurrentCaptureFile file)
{
this._HistogramBinSize = histogramBinSize;
this._TrimZeroPacketIntervals = trimZeroPacketIntervals;
this._CaptureFileName = file.FileName;
//this._CaptureState = captureState;
this._CaptureState = file.CaptureState;
this._HypothesisTestType = hypothesisTestType;
this._File = new CurrentCaptureFile();
this._File = file;
}
private void CreateAnalysisData(CurrentCaptureFile file)
{
AnalysisEngine analysisEngine = new AnalysisEngine(AnalysisConfiguration.TrimSmallPackets, AnalysisConfiguration.HistogramBinSize, AnalysisConfiguration.HypothesisTestType, file);
analysisEngine.CalculateSingleBatchStatistics();
analysisEngine.CalculateCumulativeBatchStatistics();
analysisEngine.CalculateSingleHistogramData();
analysisEngine.CalculateCumulativeHistogramData();
analysisEngine.CalculateCumulativeProbabilityDistribution(file.CaptureState);
analysisEngine.CalculateHypothesisTestResults();
analysisEngine = null;
}
public BindingList<CurrentCaptureFile> CheckForNewFiles(string inputFilePath, string outputFilePath)
{
BindingList<CurrentCaptureFile> currentCaptureFiles = new BindingList<CurrentCaptureFile>();
FileInfo[] fi = null;
string currentCaptureFileName = string.Empty;
// Process the file
ProcessCapturePackets pcp = new ProcessCapturePackets();
try
{
if (inputFilePath != "")
{
DirectoryInfo di = new DirectoryInfo(inputFilePath);
fi = di.GetFiles();
foreach (var file in fi)
{
if (file.Name != "TestFile.txt")
{
pcp.ProcessPacketFile(file.Name);
if (currentCaptureFileName != file.Name)
{
CurrentCaptureFile ccf = new CurrentCaptureFile();
ccf = pcp.GetCurrentCaptureFile(file.Name);
currentCaptureFiles.Add(ccf);
}
}
// Move the file to the done folder
File.Move(inputFilePath + "\\" + file.Name, outputFilePath + "\\" + file.Name);
}
}
}
catch (Exception ex)
{
// Possible conflict with parse files service - ignore this error for now - we'll try
// again in a few seconds
}
return currentCaptureFiles;
}
//private static void OnReceivedFileEvent(string msg)
//{
// // Method called when parsed file received notification event is raised
// AnalysisControl.OnReceivedFileEvent("received file");
//}
// static void OnReceivedFileEvent(string fileName)
static void OnReceivedFileEvent(CurrentCaptureFile captureFile)
{
// No longer using this event / event handler...
//// Method called when parsed file received notification event is raised
//FileQueue.Enqueue(captureFile);
//// Method called when parsed file received notification event is raised
//// Send the file to the BatchIntervalEngine and AnalysisEngine for processing
////BatchIntervalEngine biEngine = new BatchIntervalEngine(DbConnectionString, _ParsedFilesPath, captureFileName, 5, InterarrivalInterval.GetIntervalMilliSeconds());
//BatchIntervalEngine biEngine = new BatchIntervalEngine(DbConnectionString, _ParsedFilesPath, captureFile.FileName, AnalysisConfiguration.TimerInterval, InterarrivalInterval.GetIntervalMilliSeconds());
//biEngine.ProcessNewBatchIntervals();
////AnalysisEngine analysisEngine = new AnalysisEngine(AnalysisConfiguration.TrimSmallPackets, AnalysisConfiguration.HistogramBinSize, AnalysisConfiguration.HypothesisTest, captureFileName, file.CaptureState);
//AnalysisEngine analysisEngine = new AnalysisEngine(AnalysisConfiguration.TrimSmallPackets, AnalysisConfiguration.HistogramBinSize, AnalysisConfiguration.HypothesisTestType, captureFile);
//analysisEngine.CalculateSingleBatchStatistics();
//analysisEngine.CalculateCumulativeBatchStatistics();
//analysisEngine.CalculateSingleHistogramData();
//analysisEngine.CalculateCumulativeHistogramData();
//analysisEngine.CalculateCumulativeProbabilityDistribution(captureFile.CaptureState);
//analysisEngine.CalculateHypothesisTestResults();
}
private void ProcessCaptureDataButton_Click(object sender, EventArgs e)
{
// For testing - code to be moved to background worker thread
// For production: use the OnFileReceived event handler to notify the BatchIntervalEngine that a new file has been received
// For testing:
BindingList<CurrentCaptureFile> _CurrentCaptureFiles = new BindingList<CurrentCaptureFile>();
CurrentCaptureFile ccf = new CurrentCaptureFile("CaptureFile635674934252530702u.pcap", CaptureState.Unmarked);
CurrentCaptureFile ccf1 = new CurrentCaptureFile("CaptureFile635674934452612146d.pcap", CaptureState.Marked);
CurrentCaptureFile ccf2 = new CurrentCaptureFile("CaptureFile635674934652743658u.pcap", CaptureState.Unmarked);
CurrentCaptureFile ccf3 = new CurrentCaptureFile("CaptureFile635674934852905142d.pcap", CaptureState.Marked);
_CurrentCaptureFiles.Add(ccf);
_CurrentCaptureFiles.Add(ccf1);
_CurrentCaptureFiles.Add(ccf2);
_CurrentCaptureFiles.Add(ccf3);
if (_CurrentCaptureFiles.Count > 0)
{
foreach (CurrentCaptureFile file in _CurrentCaptureFiles)
{
string captureFileName = file.FileName;
//BatchIntervalEngine biEngine = new BatchIntervalEngine(DbConnectionString, _ParsedFilesPath, _CurrentCaptureFileName, 5, InterarrivalInterval.GetIntervalMilliSeconds());
//string captureFileName = "CaptureFile635674934252530702u.pcap";
BatchIntervalEngine biEngine = new BatchIntervalEngine(DbConnectionString, _ParsedFilesPath, captureFileName, 5, InterarrivalInterval.GetIntervalMilliSeconds());
biEngine.ProcessNewBatchIntervals();
//AnalysisEngine analysisEngine = new AnalysisEngine(AnalysisConfiguration.TrimSmallPackets, AnalysisConfiguration.HistogramBinSize, AnalysisConfiguration.HypothesisTest, captureFileName, file.CaptureState);
AnalysisEngine analysisEngine = new AnalysisEngine(AnalysisConfiguration.TrimSmallPackets, AnalysisConfiguration.HistogramBinSize, AnalysisConfiguration.HypothesisTestType, file);
analysisEngine.CalculateSingleBatchStatistics();
analysisEngine.CalculateCumulativeBatchStatistics();
analysisEngine.CalculateSingleHistogramData();
analysisEngine.CalculateCumulativeHistogramData();
analysisEngine.CalculateCumulativeProbabilityDistribution(file.CaptureState);
analysisEngine.CalculateHypothesisTestResults();
biEngine = null;
analysisEngine = null;
}
}
/******************************** Old code ********************************************/
//DisplayStatisticsData bsd = new DisplayStatisticsData();
//BindingList<DisplayStatistic> ds = new BindingList<DisplayStatistic>();
//ds = bsd.GetSingleMarkedDisplayStatistics();
//bool success = false;
////int intervalSizeMs = 30 ;
//int intervalSizeMs = InterarrivalInterval.GetIntervalMilliSeconds();
//// For testing:
//BindingList<CurrentCaptureFile> _CurrentCaptureFiles = new BindingList<CurrentCaptureFile>();
//CurrentCaptureFile ccf = new CurrentCaptureFile("CaptureFile635674934252530702u.pcap", CaptureState.Unmarked);
//CurrentCaptureFile ccf1 = new CurrentCaptureFile("CaptureFile635674934452612146d.pcap", CaptureState.Marked);
//CurrentCaptureFile ccf2 = new CurrentCaptureFile("CaptureFile635674934652743658u.pcap", CaptureState.Unmarked);
//CurrentCaptureFile ccf3 = new CurrentCaptureFile("CaptureFile635674934852905142d.pcap", CaptureState.Marked);
//_CurrentCaptureFiles.Add(ccf);
//_CurrentCaptureFiles.Add(ccf1);
//_CurrentCaptureFiles.Add(ccf2);
//_CurrentCaptureFiles.Add(ccf3);
//if (_CurrentCaptureFiles.Count > 0)
//{
// foreach (CurrentCaptureFile file in _CurrentCaptureFiles)
// {
// BindingList<RawPacket> rawPackets = new BindingList<RawPacket>();
// BindingList<PacketInterval> intervalCounts = new BindingList<PacketInterval>();
// //int captureBatchId = 0;
// ProcessCapturePackets pcp = new ProcessCapturePackets();
// ClientStatusToolStripStatusLabel.Visible = true;
// ClientStatusToolStripProgressBar.Visible = true;
// ClientStatusToolStripStatusLabel.Text = "Loading capture packets into data store for file [" + file.FileName + "]...";
// try
// {
// rawPackets = pcp.LoadPackets(file.FileName);
// if (rawPackets.Count > 0) { success = true; }
// }
// catch (Exception ex)
// {
// MessageBox.Show("Error loading raw packet data for file [" + file.FileName + "]: " + ex.Message, "Process Capture Packets - Load Packets");
// }
// try
// {
// if (success)
// {
// intervalCounts = pcp.CalculateIntervalCounts(rawPackets, intervalSizeMs);
// }
// }
// catch (Exception ex)
// {
// success = false;
// MessageBox.Show("Error calculating interval counts for file [" + file.FileName + "]: " + ex.Message, "Process Capture Packets - Calculate Interval Counts");
// }
// // Load the batch intervals into the database
// if (success)
// {
// try
// {
// //success = pcp.SaveBatchIntervals(DbConnectionString, intervalCounts, file.FileName, captureBatchId, file.Marked);
// success = pcp.SaveBatchIntervals(DbConnectionString, intervalCounts);
// }
// catch (Exception ex)
// {
// success = false;
// MessageBox.Show("Error saving batch interval counts: " + ex.Message, "Save Batch Intervals");
// }
// }
// // Add batch to cumulative totals
// if(success)
// {
// try
// {
// //success = pcp.UpdateCumulativeIntervals(DbConnectionString, intervalCounts, file.Marked);
// success = pcp.UpdateCumulativeIntervals(DbConnectionString, intervalCounts);
// }
// catch (Exception ex)
// {
// success = false;
// MessageBox.Show("Error updating cumulative intervals for this file [" + file.FileName + "]: " + ex.Message);
// }
// }
// BindingList<BatchIntervalMarked> markedIntervals = new BindingList<BatchIntervalMarked>();
// var captureBatchId = (from i in intervalCounts
// select i.CaptureBatchId).FirstOrDefault();
// markedIntervals = pcp.GetMarkedBatchIntervals(captureBatchId);
// //AnalyzeData ad = new AnalyzeData(markedIntervals);
// CalculateHistogram h = new CalculateHistogram();
// Dictionary<int, int> histValues = new Dictionary<int, int>();
// //histValues = h.CalculateHistogramValues(markedIntervals);
// BindingList<CapturePacket> capturePackets = new BindingList<CapturePacket>();
// capturePackets = pcp.GetCapturePackets(file.FileName);
// histValues = h.CalculateHistogramValues(capturePackets);
// //Dictionary<int, decimal> probabilities = new CalculateProbability(histValues).GetProbabilityValues();
// //SortedDictionary<int, decimal> probabilities = new CalculateProbability(markedIntervals).GetProbabilityByPacketRange();
// // Display the batch in the graph:
// // - One batch each of marked and unmarked - alternate as a new batch becomes available
// // - One batch each of cumulative marked and unmarked - alternate as a new batch becomes available
// // - Add to cumulative distribution and display
// }
//}
//else
//{
// MessageBox.Show("No capture files found to process!", "Process Capture Files");
//}
}
private void OnFlooderTimerElapsedEvent(object sender, ElapsedEventArgs e)
{
// Capture the name of the current capture file
string currentCaptureFileName = _CurrentCaptureFileName;
CurrentCaptureFile ccf = new CurrentCaptureFile(_CurrentCaptureFileName, IsMarked == true ? CaptureState.Marked : CaptureState.Unmarked);
FileQueue.Enqueue(ccf);
// Increment the file count
if(ccf.CaptureState == CaptureState.Marked)
{
_MarkedFileCount++;
}
else
{
_UnmarkedFileCount++;
}
DisplayCapturedFileCount();
// Start the next packet capture file
if (IsFlooding)
{
if (IsMarked)
{
if (this.ProgressLabel.InvokeRequired)
{
BeginInvoke(new Action(() => this.ProgressLabel.Text = "Capturing unmarked packet data..."), null);
}
IsMarked = false;
StartPacketCapture(TargetIpAddressTextBox.Text.Trim(), _HostIpAddress, _FlooderTimerInterval);
}
else
{
if (this.ProgressLabel.InvokeRequired)
{
BeginInvoke(new Action(() => this.ProgressLabel.Text = "Capturing marked packet data..."), null);
}
IsMarked = true;
StartPacketCapture(TargetIpAddressTextBox.Text.Trim(), _HostIpAddress, _FlooderTimerInterval);
}
}
// Move the current packet capture file to a folder where it will be parsed
// by the ParseCaptureFilesService
// Do this at the end of the call so that the file can be closed properly
MovePacketCaptureFile(currentCaptureFileName);
//bgWorker.ReportProgress(0);
//// Raise an event to notify the AnalysisEngine that a capture file has been processed
//CurrentCaptureFile ccf = new CurrentCaptureFile(_CurrentCaptureFileName, IsMarked == true ? CaptureState.Marked : CaptureState.Unmarked);
//ccf.ReceivedParsedFile += OnReceivedFileEvent;
//ccf.ReceiveFile();
//ccf.ReceiveFile(ccf);
//UpdateParseFilesServiceStatus();
// Check to see if we found a coresident VM
int activeRow = 0;
foreach (DataGridViewRow row in _FlooderStatusDataGridView.Rows)
{
if (row.Cells["FlooderStatus"].Value.ToString() == "Running")
{
activeRow = row.Index;
break;
}
}
if(AnalysisConfiguration.FoundCoresidentVm)
{
_FlooderStatusDataGridView.Rows[activeRow].Cells["FlooderStatus"].Value = "Co-Resident"; // Status
_FlooderStatusDataGridView.Rows[activeRow].Cells["FlooderStatus"].Style.BackColor = CoResident;
Application.DoEvents();
}
else
{
_FlooderStatusDataGridView.Rows[activeRow].Cells["FlooderStatus"].Value = "Running"; // Status
_FlooderStatusDataGridView.Rows[activeRow].Cells["FlooderStatus"].Style.BackColor = NonResident;
Application.DoEvents();
}
}
public BatchStatistics CalculateBatchStatistics(BindingList<BatchIntervalMarked> batchIntervals, CaptureState captureState, BatchType batchType)
{
decimal batchIntervalsMean = 0;
decimal batchIntervalsTrimmedMean = 0;
// Trim zero packets from the batch interval
BindingList<BatchIntervalMarked> batchIntervalsTrimmed = new BindingList<BatchIntervalMarked>();
foreach (BatchIntervalMarked bim in batchIntervals)
{
if (bim.PacketCount > AnalysisConfiguration.HistogramBinSize)
{
batchIntervalsTrimmed.Add(bim);
}
}
// Calculate statistics for the batch
BatchStatistics bs = new BatchStatistics();
if (AnalysisConfiguration.TrimSmallPackets)
{
BaseStatistics stats = new BaseStatistics(batchIntervalsTrimmed);
bs.IntervalCountTrimmed = stats.Count;
bs.PacketCountMaximum = stats.Maximum;
bs.PacketCountMinimum = stats.Minimum;
bs.PacketCountMean = stats.Mean;
bs.PacketCountStandardDeviation = stats.StdDev;
// Calculate both means for updating the capture batch intervals
batchIntervalsTrimmedMean = stats.Mean;
batchIntervalsMean = Convert.ToDecimal((from t in batchIntervals select t.PacketCount).Average());
// Get both counts for the batch
bs.IntervalCountTrimmed = stats.Count < 0 ? 0 : stats.Count;
bs.IntervalCount = batchIntervals.Count < 0 ? 0 : batchIntervals.Count;
}
else
{
BaseStatistics stats = new BaseStatistics(batchIntervals);
bs.IntervalCount = stats.Count;
bs.PacketCountMaximum = stats.Maximum;
bs.PacketCountMinimum = stats.Minimum;
bs.PacketCountMean = stats.Mean;
bs.PacketCountStandardDeviation = stats.StdDev;
// Calculate both means for updating the capture batch intervals
batchIntervalsMean = bs.PacketCountMean;
batchIntervalsTrimmedMean = Convert.ToDecimal((from t in batchIntervalsTrimmed select t.PacketCount).Average());
// Get both counts for the batch
bs.IntervalCount = stats.Count < 0 ? 0 : stats.Count;
bs.IntervalCountTrimmed = batchIntervalsTrimmed.Count < 0 ? 0 : batchIntervalsTrimmed.Count;
}
// Update the batch mean - only for single batches, not cumulative batches
CurrentCaptureFile captureFile = new CurrentCaptureFile();
ProcessCapturePackets pcp = new ProcessCapturePackets();
captureFile = pcp.GetCurrentCaptureFile(_CaptureFileName);
int captureBatchId = captureFile.CaptureBatchId;
if (batchType == BatchType.Single && captureBatchId != 0)
{
try
{
//ProcessCapturePackets pcp = new ProcessCapturePackets();
//if (!pcp.UpdateBatchMean(Convert.ToInt32(captureBatchId), bs.PacketCountMean))
if (!pcp.UpdateBatchMean(Convert.ToInt32(captureBatchId), batchIntervalsMean, batchIntervalsTrimmedMean))
{
throw new Exception("Error updating batch mean for CaptureBatchId " + captureBatchId);
}
}
catch (Exception ex)
{
throw new Exception("Error updating batch mean for CaptureBatchId " + captureBatchId + ": " + ex.Message);
}
}
// Save the statistics to the database for display on the Analysis tab (save to DisplayStatistics table)
SaveDisplayStatistics(bs, captureBatchId, captureState, batchType, true);
return bs;
}
private void CalculateSingleHistogramProbability(BindingList<BatchIntervalMarked> batchIntervalsCollection, BatchType batchType, CurrentCaptureFile captureFile)
{
BindingList<BatchIntervalMarked> batchIntervals = new BindingList<BatchIntervalMarked>();
batchIntervals = batchIntervalsCollection;
SortedDictionary<int, decimal> histogramProbabilities = new SortedDictionary<int, decimal>();
int histogramBinSize = AnalysisConfiguration.HistogramBinSize;
histogramProbabilities = new CalculateProbability(batchIntervals).GetProbabilityByPacketRange(_TrimZeroPacketIntervals, histogramBinSize);
// Convert histogram probabilities to Histogram type collection
BindingList<SingleHistogram> singleHistogramProbabilityData = new BindingList<SingleHistogram>();
foreach (KeyValuePair<int, decimal> data in histogramProbabilities)
{
SingleHistogram h = new SingleHistogram();
h.CaptureBatchId = captureFile.CaptureBatchId;
h.Interval = data.Key;
h.Probability = data.Value;
h.BatchType = Convert.ToInt32(batchType);
h.CaptureState = Convert.ToInt32(captureFile.CaptureState);
singleHistogramProbabilityData.Add(h);
}
// Save histogram data
SingleHistogramData shd = new SingleHistogramData(singleHistogramProbabilityData);
shd.InsertSingleHistogramData();
}
public void CalculateSingleHistogramData()
{
ProcessCapturePackets pcp = new ProcessCapturePackets();
BindingList<BatchIntervalMarked> batchIntervals = new BindingList<BatchIntervalMarked>();
// Get the batch intervals
CurrentCaptureFile captureFile = new CurrentCaptureFile();
captureFile = pcp.GetCurrentCaptureFile(_CaptureFileName);
batchIntervals = pcp.GetMarkedBatchIntervals(captureFile.CaptureBatchId);
CalculateSingleHistogramProbability(batchIntervals, BatchType.Single, captureFile);
//switch (_CaptureState)
//{
// case CaptureState.Marked:
// CalculateHistogramDataByType(batchIntervals, BatchType.Single, CaptureState.Marked);
// break;
// case CaptureState.Unmarked:
// CalculateHistogramDataByType(batchIntervals, BatchType.Single, CaptureState.Unmarked);
// break;
//}
}
public bool CalculateSingleBatchStatistics()
{
bool result = false;
// Calculate single batch statistics
//// Get the last marked and unmarked batches and add them to the graph
//int lastBatchId = 0;
ProcessCapturePackets pcp = new ProcessCapturePackets();
//lastBatchId = pcp.GetLastCaptureBatchId();
CurrentCaptureFile captureFile = new CurrentCaptureFile();
CaptureFileData cfd = new CaptureFileData();
//captureFile = cfd.GetLastCaptureBatchRecord();
captureFile = cfd.GetCurrentCaptureFile(_CaptureFileName);
// Set the global variable
_CaptureState = captureFile.CaptureState;
BindingList<BatchIntervalMarked> batchIntervals = new BindingList<BatchIntervalMarked>();
// Calculate probabilities
batchIntervals = pcp.GetMarkedBatchIntervals(captureFile.CaptureBatchId);
int histogramBinSize = Convert.ToInt32(_HistogramBinSize);
SortedDictionary<int, decimal> probabilities = new CalculateProbability(batchIntervals).GetProbabilityByPacketRange(_TrimZeroPacketIntervals, histogramBinSize);
BatchStatistics markedSingleStats = new BatchStatistics();
BatchStatistics unmarkedSingleStats = new BatchStatistics();
// Add the results to the DisplayStatistics table
DisplayStatisticsData dsd = new DisplayStatisticsData();
if(captureFile.CaptureState == CaptureState.Marked)
{
markedSingleStats = CalculateBatchStatistics(batchIntervals, CaptureState.Marked, BatchType.Single);
}
else
{
unmarkedSingleStats = CalculateBatchStatistics(batchIntervals, CaptureState.Unmarked, BatchType.Single);
}
return result;
}
