diff --git a/Documentation.pdf b/Documentation.pdf new file mode 100644 index 0000000..68644d1 Binary files /dev/null and b/Documentation.pdf differ diff --git a/html/info.php b/html/info.php deleted file mode 100755 index 7807d67..0000000 --- a/html/info.php +++ /dev/null @@ -1,3 +0,0 @@ - { - DashboardAdapter.alertHigh("Port " + data[0].get("targetAddress") + " is under a horizontal port scan."); + DashboardAdapter.alertHigh("Port " + data[0].get("targetPort") + " is under a horizontal port scan."); }); } private static void setup(String id, int period, int threshold) throws EPCompileException, EPDeployException { @@ -40,7 +40,7 @@ private static void setup(String id, int period, int threshold) throws EPCompile " select targetPort from "+latest+ " group by targetPort having count(distinct targetAddress) >= " + threshold, - "on "+alert+" as A delete from "+latest+" as B where B.targetAddress=A.targetAddress"); + "on "+alert+" as A delete from "+latest+" as B where B.targetPort=A.targetPort"); } /** @@ -56,6 +56,7 @@ public static int[] getPeriod() { * @param period [period_lowPriority, period_highPriority] */ public static void setPeriod(int[] period) { + EPAdapter.destroy(); HorizontalPortScanCEP.period = period; } @@ -72,6 +73,7 @@ public static int[] getThreshold() { * @param threshold [threshold_lowPriority, threshold_highPriority] */ public static void setThreshold(int[] threshold) { + EPAdapter.destroy(); HorizontalPortScanCEP.threshold = threshold; } } diff --git a/src/main/java/CEP/PortScanDetector/VerticalPortScanCEP.java b/src/main/java/CEP/PortScanDetector/VerticalPortScanCEP.java index 875354d..4a494c8 100644 --- a/src/main/java/CEP/PortScanDetector/VerticalPortScanCEP.java +++ b/src/main/java/CEP/PortScanDetector/VerticalPortScanCEP.java @@ -60,6 +60,7 @@ public static int[] getPeriod() { * @param period [period_lowPriority, period_highPriority] */ public static void setPeriod(int[] period) { + EPAdapter.destroy(); VerticalPortScanCEP.period = period; } @@ -76,6 +77,7 @@ public static int[] getThreshold() { * @param threshold */ public static void setThreshold(int[] threshold) { + EPAdapter.destroy(); VerticalPortScanCEP.threshold = threshold; } } diff --git a/src/main/java/Dashboard/Dashboard.java b/src/main/java/Dashboard/Dashboard.java index 511b180..cb6aed6 100755 --- a/src/main/java/Dashboard/Dashboard.java +++ b/src/main/java/Dashboard/Dashboard.java @@ -1,11 +1,15 @@ package Dashboard; import CEP.PortScanDetector.Detector; +import CEP.PortScanDetector.HorizontalPortScanCEP; +import CEP.PortScanDetector.SinglePortScanCEP; +import CEP.PortScanDetector.VerticalPortScanCEP; import CEP.WebserverMonitor.ApacheAccessLogCEP; import CEP.WebserverMonitor.Monitor; import CEP.WebserverMonitor.NeptuneErrorLogCEP; import Utilities.DashboardAdapter; import Utilities.EPAdapter; +import com.espertech.esper.common.client.module.ParseException; import com.espertech.esper.compiler.client.EPCompileException; import com.espertech.esper.runtime.client.EPDeployException; import de.siegmar.fastcsv.writer.CsvWriter; @@ -375,8 +379,20 @@ public void actionPerformed(ActionEvent e) { NeptuneErrorLogCEP.setUserBaseScan_threshold(thresholds); NeptuneErrorLogCEP.setup(); } + case 4 : { + VerticalPortScanCEP.setPeriod(periods); + VerticalPortScanCEP.setThreshold(thresholds); + SinglePortScanCEP.setup(); + VerticalPortScanCEP.setup(); + } + case 5 : { + HorizontalPortScanCEP.setPeriod(periods); + HorizontalPortScanCEP.setThreshold(thresholds); + SinglePortScanCEP.setup(); + HorizontalPortScanCEP.setup(); + } } - } catch (EPCompileException | EPDeployException exception) { + } catch (EPCompileException | EPDeployException | IOException | ParseException exception) { exception.printStackTrace(); } }