📄 kddcup.c
字号:
vmnet,nntp,uucp_path,pop_3,pop_2,csnet_ns,iso_tsap,hostnames,supdup,link,ctf,
rje,remote_job,gopher,mtp,domain,whois,name,time,netstat,systat,daytime,
discard,echo,kshell,klogin,uucp,courier */
if (population[i].service!=-1) // service 0:http 1:smtp 2:private 3:ecr_i 4:other
{
switch(population[i].service)
{
case 0 : strcpy(tempstr,"http");break;
case 1 : strcpy(tempstr,"smtp");break;
case 2 : strcpy(tempstr,"private");break;
case 3 : strcpy(tempstr,"ecr_i");break;
default: strcpy(tempstr,"other");break;
}
if (stringcmp(kdata[j].service,tempstr)!=0)
continue;
}
if (population[i].flag!=-1)
{
switch(population[i].flag) // 5:SF 4:SH 3:S1 2:S0 1:REJ 0:RSTO
{
case 0 : strcpy(tempstr,"RSTO");break;
case 1 : strcpy(tempstr,"REJ");break;
case 2 : strcpy(tempstr,"S0");break;
case 3 : strcpy(tempstr,"S1");break;
case 4 : strcpy(tempstr,"SH");break;
case 5 : strcpy(tempstr,"SF");break;
}
if (stringcmp(kdata[j].flag,tempstr)!=0)
continue;
}
if (population[i].src_bytes!=-1 &&population[i].src_bytes!=kdata[j].src_bytes)
continue;
if (population[i].dst_bytes!=-1 &&population[i].dst_bytes!=kdata[j].src_bytes)
continue;
if (population[i].land!=-1 && (population[i].land!=kdata[j].land))
continue;
if (population[i].wrong_fragment!=-1 && (population[i].wrong_fragment!=kdata[j].wrong_fragment))
continue;
//if ((stringcmp(kdata[j].protocol_type,tempstr)!=0)
//{
// printf("没有跳出FOR循环!!!出现错误!!!");
// }//调试用
vcount++;
}
np=(float)vcount/(float) normalcount; // 计算染色体的适应度值
/* 规则个体对攻击文件匹配概率*/
vcount=0;
for (j=0;j<attackcount;j++) // 统计染色体与正常文本normal的匹配个数,匹配概率
{
if (population[i].duration!=-1 && population[i].duration!=ddata[j].duration)
continue; //continue控制跳出此次循环;j++后继续 而break则跳出了for循环
if (population[i].protocol_type!=-1)
{
switch(population[i].protocol_type)
{
case 0 : strcpy(tempstr,"tcp");break;
case 1 : strcpy(tempstr,"udp");break;
case 2 : strcpy(tempstr,"icmp");break;
}
if (stringcmp(ddata[j].protocol_type,tempstr)!=0)
continue;
}
/* 在kddcup中总结出 有这么多SERVICE
http,private,smtp,finger,domain_u,eco_i,ntp_u,auth,ecr_i,telnet,ftp,other,
ftp_data,ssh,ldap,netbios_dgm,netbios_ns,netbios_ssn,imap4,sql_net,Z39_50,bgp,
vmnet,nntp,uucp_path,pop_3,pop_2,csnet_ns,iso_tsap,hostnames,supdup,link,ctf,
rje,remote_job,gopher,mtp,domain,whois,name,time,netstat,systat,daytime,
discard,echo,kshell,klogin,uucp,courier */
if (population[i].service!=-1) // service 0:http 1:smtp 2:private 3:ecr_i 4:other
{
switch(population[i].service)
{
case 0 : strcpy(tempstr,"http");break;
case 1 : strcpy(tempstr,"smtp");break;
case 2 : strcpy(tempstr,"private");break;
case 3 : strcpy(tempstr,"ecr_i");break;
default: strcpy(tempstr,"other");break;
}
if (stringcmp(ddata[j].service,tempstr)!=0)
continue;
}
if (population[i].flag!=-1)
{
switch(population[i].flag) // 5:SF 4:SH 3:S1 2:S0 1:REJ 0:RSTO
{
case 0 : strcpy(tempstr,"RSTO");break;
case 1 : strcpy(tempstr,"REJ");break;
case 2 : strcpy(tempstr,"S0");break;
case 3 : strcpy(tempstr,"S1");break;
case 4 : strcpy(tempstr,"SH");break;
case 5 : strcpy(tempstr,"SF");break;
}
if (stringcmp(ddata[j].flag,tempstr)!=0)
continue;
}
if (population[i].src_bytes!=-1 &&population[i].src_bytes!=ddata[j].src_bytes)
continue;
if (population[i].dst_bytes!=-1 &&population[i].dst_bytes!=ddata[j].src_bytes)
continue;
if (population[i].land!=-1 && (population[i].land!=ddata[j].land))
continue;
if (population[i].wrong_fragment!=-1 && (population[i].wrong_fragment!=ddata[j].wrong_fragment))
continue;
//if ((stringcmp(kdata[j].protocol_type,tempstr)!=0)
//{
// printf("没有跳出FOR循环!!!出现错误!!!");
// }//调试用
vcount++;
}
ap=(float)vcount/(float) attackcount; // 计算染色体的适应度值
population[i].fitness=ap-np;
/*
printf(", the %d fitness : %f,",i,population[i].fitness);
*/
}
/* 打印种群中的个体适应度值
printf("\n\nthis is fitness:");
for(i = 0 ; i < POPSIZE ; i++)
{
printf("\n%d,%d,%d,%d,%d,%d,%d,%d\n",population[i].duration,population[i].protocol_type,population[i].service,population[i].flag,population[i].src_bytes,population[i].dst_bytes,population[i].land,population[i].wrong_fragment);
}
for(i = 0 ; i < POPSIZE ; i++)
{
printf("\n%f\n",population[i].fitness);
}
*/
}
int stringcmp(char *s1, char *s2) //比较字符串A[10]与B[10]的函数 因为strcmp(*s1,*s2) 函数不能比较字符串数组
{
while((*s1 == *s2)&& *s1&&(*s1!='\0')&&(*s2!='\0'))
{
s1++;
s2++;
}
return (*s1 - *s2);
}
void select()
{
int i,index;
double p,sum=0.0; //p存放随机概率,sum存放个体适应率和累计适应率
double cfitness[POPSIZE];
struct individual newpopulation[POPSIZE];
srand((unsigned) time(NULL));
for (i=0;i<POPSIZE;i++)
{
sum+=population[i].fitness;
population[i].fitness=sum;
}
for (i=0;i<POPSIZE;i++)
{
cfitness[i]=population[i].fitness/sum;
}
for (i=0;i<POPSIZE;i++) //for循环实现轮盘赌算法
{
p=rand()%1000/1000.0; //得到千分位小数
index=0;
while (p>cfitness[index])
{
index++;
}
newpopulation[i]=population[index]; //选出的个体组成新的一代,暂时存放于newpopulation[]中
}
for(i=0;i<POPSIZE;i++)
{
population[i]=newpopulation[i];
}
}
void cross()
{
int i,j;
int c1,c2,point,temp;
double p;
srand((unsigned) time(NULL));
j=0;
for (i=0;i<POPSIZE;i++)
{
p=rand()%1000/1000.0;
if (p<pc)
{
j=j+1;
if((j % 2)==0)
{
c2=i;
//p=rand()%1000/1000.0;单点交叉算法
point=rand()%(ATTRIB-1)+1;
if (point<=1)
{
temp=population[c2].protocol_type;
population[c2].protocol_type=population[c1].protocol_type;
population[c1].protocol_type=temp;
}
if (point<=2)
{
temp=population[c2].service;
population[c2].service=population[c1].service;
population[c1].service=temp;
}
if (point<=3)
{
temp=population[c2].flag;
population[c2].flag=population[c1].flag;
population[c1].flag=temp;
}
if (point<=4)
{
temp=population[c2].src_bytes;
population[c2].src_bytes=population[c1].src_bytes;
population[c1].src_bytes=temp;
}
if (point<=5)
{
temp=population[c2].dst_bytes;
population[c2].dst_bytes=population[c1].dst_bytes;
population[c1].dst_bytes=temp;
}
if (point<=6)
{
temp=population[c2].land;
population[c2].land=population[c1].land;
population[c1].land=temp;
}
if (point<=7)
{
temp=population[c2].wrong_fragment;
population[c2].wrong_fragment=population[c1].wrong_fragment;
population[c1].wrong_fragment=temp;
}
}
else
{
c1=i;
}
}
}
}
void mutation()
{
int i,t,k;
double p;
srand((unsigned)time (NULL));
for(i=0;i<POPSIZE;i++)
{
p=rand()%1000/1000.0;
if(p<pm)
{
k=rand()% ATTRIB ;
if (k==0)
{
if((t=rand()%10)>8)
{
population[i].duration=-1;//通配符 即什么都无所谓 在与KUPDATA匹配中跳过此项
}
else if(t<4)
{
population[i].duration=0;
}
else population[i].duration=rand()%300;// 随机初始化
}
if (k==1)
{
if((rand()%10)>8)
{
population[i].protocol_type=-1;
}
else
{
population[i].protocol_type=rand()%3;// 每一个数代表一种协议 0:TCP 1:UDP 2:ICMP
}
}
if (k==2)
{
if((rand()%10)>8)
{
population[i].service=-1;
}
else
{
population[i].service=rand()%5;// 总结一下常用的52种服务
}
}
if (k==3)
{
if(t=(rand()%10)>8)
{
population[i].flag=-1;
}
/* else if (t<4)
{
population[i].flag=5; // SF 较为常见
}*/
else
{
population[i].flag=rand()%5; // 总结一下常用的6种 5:SF 4:SH 3:S1 2:S0 1:REJ 0:RSTO
}
}
if (k==4)
{
if((rand()%10)>5) // 0.1 的概率为通配符
{
population[i].src_bytes=-1;
}
else
{
population[i].src_bytes=rand()%1500;
}
}
if (k==5)
{
if((rand()%10)>5) //0.1 的概率为通配符
{
population[i].dst_bytes=-1;
}
else
{
population[i].dst_bytes=rand()%15000;
}
}
if (k==6)
{
if((rand()%10)>8) //0.1 的概率为通配符
{
population[i].land=-1;
}
else
{
population[i].land=0;
}
}
if (k==7)
{
if((rand()%10)>8) //0.1 的概率为通配符
{
population[i].wrong_fragment=-1;
}
else
{
population[i].wrong_fragment=0;
}
}
}
}
}
void fbwest()
{
int i;
i=1;
worstindex=bestindex=0;
while(i<POPSIZE)
{
if(population[i].fitness>population[bestindex].fitness)
{
bestindex=i;
}
if(population[i].fitness<population[worstindex].fitness)
{
worstindex=i;
}
i++;
}
bestindividual=population[bestindex]; //这代种群中最差的个体
worstindividual=population[worstindex]; //这代种群中最差的个体
if (gen==0)
{
thebest=bestindividual;
}
else
{
if(bestindividual.fitness>=thebest.fitness) //这代种群中的最佳个体与以前保留的最最佳个体做比较
{
thebest=bestindividual;
}
else // 如果不如以前最最佳的个体,那么用最最佳个体替换掉这代种群中的最差个体
{
population[worstindex]=thebest;
}
}
}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -