SSF.App.DDoS
Class SpoofFloodTracer

java.lang.Object
  |
  +--SSF.App.DDoS.SpoofFloodTracer

public class SpoofFloodTracer
extends java.lang.Object

version 1.0.4
SpoofFloodTracer: tracing spoofed ip packets flood with given destination address.


Field Summary
static byte BROKEN
           
protected  CD_DDoSTracer cTracer
          doing cross-domain DDoS tracing
protected  java.lang.String curNhiPrefix
          the starting "domain" nhi prefix
protected  float curTime
          the simulated time cost by now
protected  boolean DEBUG
          debug switch
protected  java.util.LinkedList domainQueue
          data structure used for BFS search
static byte END_CHECK
           
protected  float endTime
          the end time of relevant flows.
protected  java.lang.String flowFilePrefix
          the flow data file name prefix
protected  int level
          the first "level" levels of nhi prefix is considered as domain ID.
protected  java.lang.String mapFile
          the map data file name
protected  NetMap netMap
          storing topology information
protected  long nFlows_t
          the threashold of the absolute number of flows, default 80
protected  long oldRecCount
          used when computing the simulated time cost
protected static float PROCESS_RECORD_COST
          simulated time cost of "processing" a single record
protected  float ratio_t
          the threashhold of the ratio, default 25%
protected  StreamInterface Rec
          recorder used to record trace data for animation
protected  java.util.LinkedList recordList
           
static byte START_CHECK
           
protected  float startTime
          the start time of relevant flows
static java.lang.String STREAM_TYPE
          record type of the trace back record
protected  java.lang.String streamID
          stream ID
static byte SUSPICIOUS
           
protected  int targetIP
          the target ip of the spoofed flood
protected  java.lang.String traceOutputFile
          file store trace data for animation
 
Constructor Summary
SpoofFloodTracer()
          Dumb constructor that does nothing.
 
Method Summary
 void config(com.renesys.raceway.DML.Configuration cfg)
          configur the tracer with DML configuration
 int createMap()
          Read topology data in for the future query.
protected  void domainTrace(SSF.App.DDoS.SpoofFloodTracer.DomainInfo dInfo)
          trace back in a given domain
protected  void gotDomain(long localFlow, SSF.App.DDoS.SpoofFloodTracer.DomainInfo dInfo)
          operations when the local domain is suspicious
protected  void gotIngressPoint(SSF.App.DDoS.TraceInfo tInfo)
          operations when got an suspected ingress point.
protected  boolean isLocalSuspicious(long localFlow, long egressFlow)
          check wether the local domain is responsible for a faire amount of flood
static void main(java.lang.String[] argv)
           
protected  void record(java.lang.String nhiPrefix, float curTime, byte status)
           
static java.lang.String recordToString(byte[] bytes, int offset, int length)
           
 void reportStatus()
          report the value of all the status variables
 void reset()
          reset the variables to the status before the tracing back, but not the time
 void setNumFlows(long nFlows)
           
 void setRatio(float rate)
           
 void setStreamID(java.lang.String streamID)
           
 void setTarget(int ip, java.lang.String domainNhiPrefix)
           
 void setTraceOutputFile(java.lang.String fname)
           
protected  void summarize()
           
protected  boolean suspiciousIngressPoint(SSF.App.DDoS.TraceInfo tInfo, long egressFlow)
          check to see whether a given ingress point is responsible for a fair amount of the flood.
 void traceback()
          trace back to the sources of the spoofed flood
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

START_CHECK

public static final byte START_CHECK
See Also:
Constant Field Values

SUSPICIOUS

public static final byte SUSPICIOUS
See Also:
Constant Field Values

END_CHECK

public static final byte END_CHECK
See Also:
Constant Field Values

BROKEN

public static final byte BROKEN
See Also:
Constant Field Values

Rec

protected StreamInterface Rec
recorder used to record trace data for animation


STREAM_TYPE

public static final java.lang.String STREAM_TYPE
record type of the trace back record

See Also:
Constant Field Values

traceOutputFile

protected java.lang.String traceOutputFile
file store trace data for animation


PROCESS_RECORD_COST

protected static final float PROCESS_RECORD_COST
simulated time cost of "processing" a single record

See Also:
Constant Field Values

DEBUG

protected boolean DEBUG
debug switch


streamID

protected java.lang.String streamID
stream ID


netMap

protected NetMap netMap
storing topology information


cTracer

protected CD_DDoSTracer cTracer
doing cross-domain DDoS tracing


targetIP

protected int targetIP
the target ip of the spoofed flood


startTime

protected float startTime
the start time of relevant flows


endTime

protected float endTime
the end time of relevant flows.


ratio_t

protected float ratio_t
the threashhold of the ratio, default 25%


nFlows_t

protected long nFlows_t
the threashold of the absolute number of flows, default 80


curNhiPrefix

protected java.lang.String curNhiPrefix
the starting "domain" nhi prefix


flowFilePrefix

protected java.lang.String flowFilePrefix
the flow data file name prefix


mapFile

protected java.lang.String mapFile
the map data file name


curTime

protected float curTime
the simulated time cost by now


level

protected int level
the first "level" levels of nhi prefix is considered as domain ID. default = 1


domainQueue

protected java.util.LinkedList domainQueue
data structure used for BFS search


recordList

protected java.util.LinkedList recordList

oldRecCount

protected long oldRecCount
used when computing the simulated time cost

Constructor Detail

SpoofFloodTracer

public SpoofFloodTracer()
Dumb constructor that does nothing.

Method Detail

reportStatus

public void reportStatus()
report the value of all the status variables


createMap

public int createMap()
Read topology data in for the future query.


setTraceOutputFile

public void setTraceOutputFile(java.lang.String fname)

setStreamID

public void setStreamID(java.lang.String streamID)

setTarget

public void setTarget(int ip,
                      java.lang.String domainNhiPrefix)

setRatio

public void setRatio(float rate)

setNumFlows

public void setNumFlows(long nFlows)

config

public void config(com.renesys.raceway.DML.Configuration cfg)
            throws com.renesys.raceway.DML.configException
configur the tracer with DML configuration

com.renesys.raceway.DML.configException

reset

public void reset()
reset the variables to the status before the tracing back, but not the time


traceback

public void traceback()
trace back to the sources of the spoofed flood


domainTrace

protected void domainTrace(SSF.App.DDoS.SpoofFloodTracer.DomainInfo dInfo)
trace back in a given domain


suspiciousIngressPoint

protected boolean suspiciousIngressPoint(SSF.App.DDoS.TraceInfo tInfo,
                                         long egressFlow)
check to see whether a given ingress point is responsible for a fair amount of the flood.


gotIngressPoint

protected void gotIngressPoint(SSF.App.DDoS.TraceInfo tInfo)
operations when got an suspected ingress point.


isLocalSuspicious

protected boolean isLocalSuspicious(long localFlow,
                                    long egressFlow)
check wether the local domain is responsible for a faire amount of flood


gotDomain

protected void gotDomain(long localFlow,
                         SSF.App.DDoS.SpoofFloodTracer.DomainInfo dInfo)
operations when the local domain is suspicious


summarize

protected void summarize()

record

protected void record(java.lang.String nhiPrefix,
                      float curTime,
                      byte status)

recordToString

public static java.lang.String recordToString(byte[] bytes,
                                              int offset,
                                              int length)

main

public static void main(java.lang.String[] argv)