public DangerousHTTPRequests SecureFilterAndScanAllFile() { DangerousHTTPRequests dangerousRequests = new DangerousHTTPRequests(); FilteredRecords filtered = new FilteredRecords(); try { using (StreamReader sr = new StreamReader(fileName, System.Text.Encoding.Default)) { string line; //long bytesSeek = 0; while ((line = sr.ReadLine()) != null) { if (OneRecord.IsRecordCanBeCreated(line)) { OneRecord record = new OneRecord(line); //filteredList.AddRecord(record); if (DangerousHTTPRequests.isRecordLoginFailure(record)) { filtered.AddRecord(record); } } } } } catch (FileNotFoundException ioEx) { Console.WriteLine(ioEx.Message); } dangerousRequests = filtered.AttackDetector(); return(dangerousRequests); }
public DangerousHTTPRequests AttackDetector() { DangerousHTTPRequests dangerousRequests = new DangerousHTTPRequests(); //if (anyFilterActive) //{ int index = 0; foreach (OneRecord _record in FilteredRecordsList) { if (DangerousHTTPRequests.isRecordLoginFailure(_record)) { string ip = _record.ip; string requestFilename = _record.request_file_name; DateTime time = _record.date; int numberOfRequests = 1; //if (dangerousRequests.DangerousIp.ContainsKey(ip)) // break; for (int i = index + 1; i < FilteredRecordsList.Count; i++) { //Console.WriteLine("{0}", FilteredRecordsList[i].date - time); if ((FilteredRecordsList[i].date - time).TotalMinutes >= 1) { break; } if (ip != FilteredRecordsList[i].ip) { continue; } if (requestFilename != FilteredRecordsList[i].request_file_name) { continue; } //Console.WriteLine("{0}", FilteredRecordsList[i].date); numberOfRequests++; } float probabilityOfDangerous = (float)100 * numberOfRequests / 15; // 15 ---> 100% if (probabilityOfDangerous > 100) { probabilityOfDangerous = 100; } if (DangerousHTTPRequests.isRecordDangerous(numberOfRequests, probabilityOfDangerous)) { if (dangerousRequests.DangerousIp.ContainsKey(ip)) { if (dangerousRequests.DangerousIp[ip] < probabilityOfDangerous) { dangerousRequests.DangerousIp[ip] = probabilityOfDangerous; //Console.WriteLine("blya"); } //else // break; } else { dangerousRequests.AddIp(ip, probabilityOfDangerous); } } //Console.WriteLine("aaaaaaaaaaaaaaa {0}", dangerousRequests.DangerousIp[ip]); //Console.WriteLine(string.Format("колво - {0}; Number 2 : {1:0.00##}", numberOfRequests,probabilityOfDangerous)); } index++; } //} //else //{ //} return(dangerousRequests); }