xbase-util 0.8.3__tar.gz → 0.8.4__tar.gz

{xbase_util-0.8.3 → xbase_util-0.8.4}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: xbase_util
-Version: 0.8.3
+Version: 0.8.4
 Summary: 网络安全基础工具
 Home-page: https://gitee.com/jimonik/xbase_util.git
 Author: xyt

{xbase_util-0.8.3 → xbase_util-0.8.4}/setup.py

@@ -3,7 +3,7 @@ from distutils.core import setup
 from setuptools import find_packages
 
 setup(name="xbase_util",
-      version="0.8.3",
+      version="0.8.4",
       description="网络安全基础工具",
       long_description="包含提取，预测，训练的基础工具",
       author="xyt",

{xbase_util-0.8.3 → xbase_util-0.8.4}/xbase_util/common_util.py

@@ -91,20 +91,17 @@ def get_ua_duplicate_count(text_data):
     return sum(count)
 
 
-def get_res_status_code_list(text_data):
+def get_res_status_code_list(all_packets):
     value_res = []
-    res = []
     num_1 = 0
     num_2 = 0
     num_3 = 0
     num_4 = 0
     num_5 = 0
-
-    res.extend([item for item in text_data.splitlines() if item.startswith("HTTP/")])
-    for item in res:
-        m = re.search(r"\b(\d{3})\b", item)
-        if m:
-            value_res.append(int(m.group(0)))
+    for item in all_packets:
+        match = re.search(r'HTTP/\d\.\d (\d{3})', item['res_header'])
+        if match:
+            value_res.append(int(match.group(1)))
     for value in value_res:
         if 0 <= value < 200:
             num_1 = num_1 + 1

xbase_util-0.8.4/xbase_util/test.py

@@ -0,0 +1,40 @@
+import re
+
+import numpy as np
+from scapy.packet import Raw
+from scapy.utils import rdpcap
+
+from xbase_util.common_util import get_res_status_code_list
+from xbase_util.pcap_util import reassemble_tcp_pcap, reassemble_session_pcap
+from xbase_util.xbase_constant import res_status_code_pattern
+
+if __name__ == '__main__':
+    packets_scapy = reassemble_tcp_pcap(rdpcap("gzip2.pcap"))
+    skey = '10.28.7.16:54398'
+    streams = b""
+    for pkt in packets_scapy:
+        if Raw in pkt:
+            streams += pkt[Raw].load
+    text_data = streams.decode('ascii', errors='ignore')
+    all_packets = reassemble_session_pcap(packets_scapy, skey=skey)
+    if len(all_packets) != 0:
+        all_req_size = [item['req_size'] for item in all_packets if item['key'] == skey]
+        all_res_size = [item['res_size'] for item in all_packets if item['key'] != skey]
+        num_1, num_2, num_3, num_4, num_5 = get_res_status_code_list(all_packets)
+        # 获取请求头参数数量
+        req_header_count_list = [req['req_header'].count(":") for req in all_packets]
+        # 请求的时间间隔
+        request_flattened_time = [item['req_time'] for item in all_packets]
+        request_time_diffs = [request_flattened_time[i + 1] - request_flattened_time[i] for i in
+                              range(len(request_flattened_time) - 1)]
+        request_mean_diff = round(np.nanmean(request_time_diffs), 5) or 0
+        request_variance_diff = round(np.nanvar(request_time_diffs), 5) or 0
+        # 响应的时间间隔
+        response_flattened_time = [item['res_time'] for item in all_packets]
+        response_time_diffs = [response_flattened_time[i + 1] - response_flattened_time[i] for i in
+                               range(len(response_flattened_time) - 1)]
+        response_mean_diff = round(np.nanmean(response_time_diffs), 5) or 0
+        response_variance_diff = round(np.nanvar(response_time_diffs), 5) or 0
+
+        time_period = [(abs(item['res_time'] - item['req_time'])) for item in
+                       all_packets if item['res_time'] != 0 and item['req_time'] != 0]

{xbase_util-0.8.3 → xbase_util-0.8.4}/xbase_util.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: xbase-util
-Version: 0.8.3
+Version: 0.8.4
 Summary: 网络安全基础工具
 Home-page: https://gitee.com/jimonik/xbase_util.git
 Author: xyt

xbase_util-0.8.3/xbase_util/test.py

@@ -1,8 +0,0 @@
-from scapy.utils import rdpcap
-
-from xbase_util.pcap_util import reassemble_tcp_pcap, reassemble_session_pcap
-
-if __name__ == '__main__':
-    packets = reassemble_tcp_pcap(rdpcap("gzip2.pcap"))
-    res=reassemble_session_pcap(packets, skey='10.28.7.16:54398')
-    print(res)