From a65c959940dd57bd71c4870e3c179664ee34a96c Mon Sep 17 00:00:00 2001
From: Simone Ricci
Date: Tue, 26 Nov 2019 21:20:22 +0100
Subject: Fixed intrusion detection
---
example/intrusion_detection.h | 34 ++++++++++++++++++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 example/intrusion_detection.h
(limited to 'example/intrusion_detection.h')
diff --git a/example/intrusion_detection.h b/example/intrusion_detection.h
new file mode 100644
index 000000000..b31890c96
--- /dev/null
+++ b/example/intrusion_detection.h
@@ -0,0 +1,34 @@
+#include
+#include
+#include "reader_util.h"
+#include "ndpi_api.h"
+
+typedef struct norm_values{
+ double upper_bound;
+ double lower_bound;
+ double weight;
+ double value;
+ double norm_value;
+}ndpi_norm_value;
+
+double normalize(ndpi_norm_value* tresholds);
+
+double get_flow_score(ndpi_norm_value* scores, int n_metrics);
+
+/* ********************************** */
+
+double Ddos_score(struct ndpi_flow_info* flow);
+
+double Dos_goldeneye_score(struct ndpi_flow_info* flow);
+
+double Dos_hulk_score(struct ndpi_flow_info* flow);
+
+double Dos_slow_score(struct ndpi_flow_info* flow);
+
+double Ftp_patator_score(struct ndpi_flow_info* flow);
+
+double Hearthbleed_score(struct ndpi_flow_info* flow);
+
+double Infiltration_score(struct ndpi_flow_info* flow);
+
+double Ssh_patator_score(struct ndpi_flow_info* flow);
\ No newline at end of file
--
cgit v1.2.3
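Review bot: The new header has no include guard even though it defines `struct norm_values` / `ndpi_norm_value`, so a translation unit that reaches it twice (directly and through another header) fails with a struct redefinition; wrap the contents in `#ifndef INTRUSION_DETECTION_H` / `#define INTRUSION_DETECTION_H` and a closing `#endif`. The prototypes are also undocumented: nothing states the range or direction of the returned score, or whether `normalize` writes `norm_value` back into its argument, so a caller cannot pick an alert threshold from the header alone; a comment above the `*_score` group such as `/* Returns a score in [LOW, HIGH] (fill in actual bounds); higher means the flow more closely matches the attack profile */` would close that gap. Two identifiers look misspelled (`tresholds`, `Hearthbleed_score`), and renaming them is cheapest before other code depends on them. The definitions of these functions are outside this hunk, so the score semantics mentioned here are inferred from the names only.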