//    Copyright © 2010 IRL at Texas A&M University (http://irl.cse.tamu.edu)
//
//    This file is part of IRL Snacktime.
//
//    IRL Snacktime is free software: you can redistribute it and/or modify
//    it under the terms of the GNU Lesser General Public License as published by
//    the Free Software Foundation, either version 3 of the License, or
//    (at your option) any later version.
//
//    IRL Snacktime is distributed in the hope that it will be useful,
//    but WITHOUT ANY WARRANTY; without even the implied warranty of
//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//    GNU Lesser General Public License for more details
//    http://www.gnu.org/licenses/lgpl.txt.
//
//    Contact:
//	Dmitri Loguinov (dmitri@cse.tamu.edu)
//
//    Data and signatures:
//	http://irl.cse.tamu.edu/projects/sampling
//
//    Publication:
//	D. Leonard and D. Loguinov, "Demystifying Service Discovery: 
//	Implementing an Internet-Wide Scanner," ACM IMC, November 2010.
//
#include <windows.h>
#include <stdio.h>
#include <map>
#include <math.h>
#include <fstream>
#include <string>

using namespace std;

class signature_data{
public:
	unsigned __int8 id;
	unsigned __int16 tcp_window;
	unsigned __int8 ip_ttl;
	unsigned __int8 num_delays;
	double *delays;

	signature_data():id(0),tcp_window(0),ip_ttl(0),num_delays(0),delays(NULL){}
};

class input_data{
public:
	unsigned __int16 tcp_window;
	unsigned __int8 ip_ttl;
	unsigned __int32 num_delays;
	unsigned __int32 max_delays;
	double *delays;

	input_data():tcp_window(0),ip_ttl(0),num_delays(0),delays(NULL){
		max_delays = 1024;
		delays = new double[max_delays];
	}
};

void main(){
	//Generates distribution of fingerprints for a given set of input data
	FILE *sigs;
	if( fopen_s(&(sigs), "input_signatures.dat", "rb") != 0 ){
		printf("error input_signatures.dat\n");
		return;
	}

	unsigned __int32 num_signatures = 98;
	signature_data **signatures = new signature_data*[num_signatures];
	ZeroMemory(signatures, num_signatures*sizeof(signature_data*));
	while( ! feof(sigs) ){
		signature_data *new_sig = new signature_data();
		if( fread(&(new_sig->id), sizeof(new_sig->id), 1, sigs) != 1 )
			break;
		if( fread(&(new_sig->tcp_window), sizeof(new_sig->tcp_window), 1, sigs) != 1 )
			break;
		if( fread(&(new_sig->ip_ttl), sizeof(new_sig->ip_ttl), 1, sigs) != 1 )
			break;
		if( fread(&(new_sig->num_delays), sizeof(new_sig->num_delays), 1, sigs) != 1 )
			break;
		new_sig->delays = new double[new_sig->num_delays];
		if( fread(new_sig->delays, sizeof(double), new_sig->num_delays, sigs) != new_sig->num_delays )
			break;
		if( new_sig->id < num_signatures && signatures[new_sig->id] == NULL )
			signatures[new_sig->id] = new_sig;
		else
			printf("error in signatures!\n");
	}
	if( signatures[num_signatures-1] == NULL )
		printf("incorrect number of signatures!\n");

	FILE *data;
	if( fopen_s(&(data), "input_ip_data.dat", "rb") != 0 )
		printf("error input_ip_data.dat\n");

	map<unsigned __int8, unsigned __int32> sig_totals;
	input_data cur;
	unsigned __int32 processed_count = 0;

	while( ! feof(data) ){
		if( fread(&(cur.tcp_window), sizeof(cur.tcp_window), 1, data) != 1 )
			break;
		if( fread(&(cur.ip_ttl), sizeof(cur.ip_ttl), 1, data) != 1 )
			break;
		if( fread(&(cur.num_delays), sizeof(cur.num_delays), 1, data) != 1 )
			break;
		if( cur.num_delays > cur.max_delays ){
			double *del = cur.delays;
			cur.max_delays = cur.num_delays;
			cur.delays = new double[cur.max_delays];
			delete[] del;
		}
		if( fread(cur.delays, sizeof(double), cur.num_delays, data) != cur.num_delays )
			break;
			
		unsigned __int32 max_score = 0;
		__int32 max_signature_id = -1;
		bool tie = false;
		for( unsigned int i=0; i<num_signatures; i++ ){
			signature_data *cur_signature = signatures[i];

			if( cur_signature->num_delays == cur.num_delays ){
				unsigned __int32 cur_score = 1;
				if( cur_signature->tcp_window == cur.tcp_window )
					cur_score+=3;
				if( cur.ip_ttl <= cur_signature->ip_ttl ){
					cur_score++;
					if( cur.ip_ttl >= (cur_signature->ip_ttl-32) )
						cur_score++;
				}

				for( unsigned int j=0; j<cur.num_delays; j++ ){
					double diff = fabs(cur.delays[j]-cur_signature->delays[j]);
					if( diff < 1.0 ){
						if( diff == 0 )
							cur_score+=1;
						else{
							unsigned __int32 add_score = ((unsigned __int32)(fabs(log10(diff))))+1;
							if( add_score > 1 )
								add_score = 1;
							cur_score+=add_score;
						}
					}
				}

				if( cur_score > max_score ){
					max_score = cur_score;
					max_signature_id = cur_signature->id;
					tie = false;
				}else if( cur_score == max_score && max_score > 1 ){
					tie = true;
				}
			}
		}
		if( max_signature_id == 0 && max_score < 6 ){
			max_score = 0;
			max_signature_id = -1;
		}
		if( max_score > 0 && max_signature_id != -1 )
			sig_totals[max_signature_id]++;
		processed_count++;
		if( ! (processed_count%1000000) )
			printf("%u\n", processed_count);
	}
	printf("%u\n", processed_count);

	ifstream in("sig_map.txt");
	map<unsigned __int8, string> id_os_map;
	while( ! in.eof() ){
		unsigned __int16 input;
		unsigned __int8 id;
		string os_name;
		in>>input;
		id = (unsigned __int8)input;
		in>>os_name;
		id_os_map[id] = os_name;
	}
	
	ofstream out("signature_distribution.txt");
	map<unsigned __int8, unsigned __int32>::const_iterator it;
	out<<"OS\tnum"<<endl;
	for( it = sig_totals.begin(); it != sig_totals.end(); ++it )
		out<<id_os_map[it->first]<<"\t"<<it->second<<endl;
	out.close();
}

/*void main(){
	//convert text-based signatures to binary for use in above code
	ifstream in("raw_signatures.txt");

	FILE *sig_dump;
	if( fopen_s(&(sig_dump), "input_signatures.dat", "wb") != 0 )
		printf("error input_signatures.dat\n");

	unsigned __int8 count = 0;
	while( ! in.eof() ){
		unsigned __int8 id;
		unsigned __int16 tcp_window;
		unsigned __int8 ip_ttl;
		unsigned __int8 num_delays;
		double delay;

		unsigned __int16 input;
		in>>input;
		id = (unsigned __int8)input;
		if( id != count ){
			printf("error!!\n");
			break;
		}
		fwrite(&id, sizeof(id), 1, sig_dump);
		in>>tcp_window;
		fwrite(&tcp_window, sizeof(tcp_window), 1, sig_dump);
		in>>input;
		ip_ttl = (unsigned __int8)input;
		fwrite(&ip_ttl, sizeof(ip_ttl), 1, sig_dump);
		in>>input;
		num_delays = (unsigned __int8)input;
		fwrite(&num_delays, sizeof(num_delays), 1, sig_dump);
		for( unsigned int i=0; i<num_delays; i++ ){
			delay = 0;
			in>>delay;
			fwrite(&delay, sizeof(delay), 1, sig_dump);
		}
		count++;
	}
	fclose(sig_dump);
}*/