================================================================
		README: Creditability-based Weighted Voting (CWV)		
================================================================

Author: whtai
Date: 2011-06-03
Description: This is an implementation of whtai's thesis

================================================================


Installation
------------
Set up a database server, e.g., MySQL.

Procedure
---------
1. Create two files with pcap_id information.
	One for training, e.g., "HTTP_training_sample.txt".
	One for processing, e.g., "HTTP_processing_sample.txt".

2. Create a database, e.g., "HTTP_sample".
	
3. Database side: Set up training pcaps information in "pcapInfo" table.
	(1) CREATE TABLE pcapInfo(pcap_id BIGINT(10), msg VARCHAR(300), dev_name VARCHAR(30), timestamp VARCHAR(20), ver_id BIGINT(10), firmware_ver VARCHAR(300), signature_ver VARCHAR(300), confirm INT(4));
	(2) Use "setup_pcap_info": 
		Scan a directory to get pcap_id information.
		Select from database "pcap_lib" and insert into database "HTTP_sample".
		---> Example: ./setup_pcap_info -d '/home/dvd/thesis/CWV/data/training'
	(3) Use "update_confirm": 
		Update the manual judgement of pcaps to the database.
		---> Example: ./update_confirm -f './data/training/HTTP_training_sample.txt'
		
4. Database side: Set up alert message data in "statistics_msg" table.
	(1) CREATE TABLE statistics_msg(msg VARCHAR(300), dev_name VARCHAR(30), tp INT(4), fp INT(4), total INT(4));
	(2) Use "setup_alert_msg":
		Select from table "pcapInfo" and do the statistics of TP and FP of alert messages. 
		Insert into table "statistics_msg".
		
5. Database side: Set up processing pcaps information in "pcapInfo" table.
	(1) Use "setup_pcap_info": 
		Scan a directory to get pcap_id information.
		Select from database "pcap_lib" and insert into database "HTTP_sample".
		---> Example: ./setup_pcap_info -d '/home/dvd/thesis/CWV/data/processing'
	(2) Use "update_confirm": 
		Update the manual judgement of pcaps to the database.
		---> Example: ./update_confirm -f './data/processing/HTTP_processing_sample.txt'
		
6. CWV process: Decide traces one by one, then summarize the result.
	(1) Use "cwv" with some necessary options:
		-T, training data file, e.g., "./data/training/HTTP_training_sample.txt".
		-P, processing data file, e.g., "./data/processing/HTTP_processing_sample.txt".
		-H, database server host.
		-u, user name for database connection.
		-p, password for database connection.
		-D, database name.

Example
-------
./cwv -T './data/training/HTTP_training_sample.txt' -P './data/processing/HTTP_processing_sample.txt' -H '127.0.0.1' -u 'root' -p '9856514' -D 'HTTP_sample'
