author | Simone Ricci <simonericci12.sr@gmail.com> | 2019-11-26 21:20:22 +0100 |
---|---|---|
committer | Simone Ricci <simonericci12.sr@gmail.com> | 2019-11-26 21:20:22 +0100 |
commit | a65c959940dd57bd71c4870e3c179664ee34a96c (patch) | |
tree | 96f2399c47beb4eb377a8cca68c36115cab189ec /example/intrusion_detection.h | |
parent | e98b994a39ee829058265353473d773642c889cf (diff) |
Fixed intrusion detection
Diffstat (limited to 'example/intrusion_detection.h')
-rw-r--r-- | example/intrusion_detection.h | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/example/intrusion_detection.h b/example/intrusion_detection.h
new file mode 100644
index 000000000..b31890c96
--- /dev/null
+++ b/example/intrusion_detection.h
@@ -0,0 +1,34 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include "reader_util.h"
+#include "ndpi_api.h"
+
+typedef struct norm_values{
+ double upper_bound;
+ double lower_bound;
+ double weight;
+ double value;
+ double norm_value;
+}ndpi_norm_value;
+
+double normalize(ndpi_norm_value* tresholds);
+
+double get_flow_score(ndpi_norm_value* scores, int n_metrics);
+
+/* ********************************** */
+
+double Ddos_score(struct ndpi_flow_info* flow);
+
+double Dos_goldeneye_score(struct ndpi_flow_info* flow);
+
+double Dos_hulk_score(struct ndpi_flow_info* flow);
+
+double Dos_slow_score(struct ndpi_flow_info* flow);
+
+double Ftp_patator_score(struct ndpi_flow_info* flow);
+
+double Hearthbleed_score(struct ndpi_flow_info* flow);
+
+double Infiltration_score(struct ndpi_flow_info* flow);
+
+double Ssh_patator_score(struct ndpi_flow_info* flow);
\ No newline at end of file |
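Review bot: The new header has no include guard, so a second inclusion in the same translation unit redefines `struct norm_values` and fails to compile; wrap the file in `#ifndef INTRUSION_DETECTION_H` / `#define INTRUSION_DETECTION_H` at the top and `#endif` at the end. `get_flow_score(ndpi_norm_value* scores, int n_metrics)` takes a signed count with no stated contract, so a comment such as `/* scores must point to at least n_metrics entries; n_metrics must be > 0 */` would make the bounds expectation explicit for callers. `normalize` should also document what it returns when `upper_bound == lower_bound`, which presumably leads to a division by zero, though the implementation is not visible in this file. The names `tresholds` and `Hearthbleed_score` look like misspellings of "thresholds" and "Heartbleed" and are cheapest to correct before other code depends on them.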