author | Luca Deri <lucaderi@users.noreply.github.com> | 2019-12-09 00:01:09 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-12-09 00:01:09 +0100 |
commit | 558983c99c274c122f0deb6f2e29d5eb0594a373 (patch) | |
tree | 154ac419d9f7b9b9199de0a92c979fae9fbb893d /example/intrusion_detection.h | |
parent | c8d6f2845fbb33a681a45a4ae46debf1da411c8a (diff) | |
parent | a65c959940dd57bd71c4870e3c179664ee34a96c (diff) |
Merge pull request #813 from SimoneRicci97/dev
Fixed intrusion detection
Diffstat (limited to 'example/intrusion_detection.h')
-rw-r--r-- | example/intrusion_detection.h | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/example/intrusion_detection.h b/example/intrusion_detection.h
new file mode 100644
index 000000000..b31890c96
--- /dev/null
+++ b/example/intrusion_detection.h
@@ -0,0 +1,34 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include "reader_util.h"
+#include "ndpi_api.h"
+
+typedef struct norm_values{
+ double upper_bound;
+ double lower_bound;
+ double weight;
+ double value;
+ double norm_value;
+}ndpi_norm_value;
+
+double normalize(ndpi_norm_value* tresholds);
+
+double get_flow_score(ndpi_norm_value* scores, int n_metrics);
+
+/* ********************************** */
+
+double Ddos_score(struct ndpi_flow_info* flow);
+
+double Dos_goldeneye_score(struct ndpi_flow_info* flow);
+
+double Dos_hulk_score(struct ndpi_flow_info* flow);
+
+double Dos_slow_score(struct ndpi_flow_info* flow);
+
+double Ftp_patator_score(struct ndpi_flow_info* flow);
+
+double Hearthbleed_score(struct ndpi_flow_info* flow);
+
+double Infiltration_score(struct ndpi_flow_info* flow);
+
+double Ssh_patator_score(struct ndpi_flow_info* flow);
\ No newline at end of file |
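Review bot: The new header has no include guard, so a translation unit that includes it twice (directly or through another header) fails on the redefinition of `struct norm_values`. Wrap the contents in `#ifndef INTRUSION_DETECTION_H` / `#define INTRUSION_DETECTION_H` and a closing `#endif`, and end the file with a newline. The prototypes also carry no contract: a short comment above `normalize` and `get_flow_score` should state the range of the returned score and what happens when `upper_bound == lower_bound` or `n_metrics <= 0`. The implementation is not visible here, so whether those cases are handled needs confirming. `Hearthbleed_score` and the parameter name `tresholds` look like misspellings of Heartbleed and thresholds, which are cheaper to correct now than once callers depend on them.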