Autopsy  4.19.3
Graphical digital forensics platform for The Sleuth Kit and other tools.
Public Member Functions | Private Member Functions | Static Private Member Functions | Private Attributes | Static Private Attributes | List of all members
org.sleuthkit.autopsy.recentactivity.DefaultDomainCategorizer Class Reference

Inherits org.sleuthkit.autopsy.url.analytics.DomainCategorizer.

Public Member Functions

synchronized void close () throws Exception
 
synchronized DomainCategory getCategory (String domain, String host) throws DomainCategorizerException
 
synchronized void initialize () throws DomainCategorizerException
 

Private Member Functions

synchronized boolean isInitialized ()
 

Static Private Member Functions

static void addItem (Map< String, String > mapping, String line, int lineNumber)
 
static Map< String, String > loadMapping () throws IOException
 

Private Attributes

Map< String, String > mapping = null
 

Static Private Attributes

static final String COMMENT_PREFIX = "#"
 
static final String CSV_DELIMITER = ","
 
static final String DOMAIN_TYPE_CSV = "default_domain_categories.csv"
 
static final Logger logger = Logger.getLogger(DefaultDomainCategorizer.class.getName())
 

Detailed Description

The default domain category provider that makes use of the default csv resource. This implementation is used if no other DomainCategorizer can determine a category for a host/domain entry.

CSV entries describing these domain types are compiled from sources. webmail: https://github.com/mailcheck/mailcheck/wiki/List-of-Popular-Domains disposable mail: https://www.npmjs.com/package/disposable-email-domains messaging: https://www.raymond.cc/blog/list-of-web-messengers-for-your-convenience/

NOTE: The (at)SuppressWarnings("try") on the class is to suppress warnings relating to the fact that the close method can throw an InterruptedException since Exception can encompass the InterruptedException. See the following github issue and bugs for more information: https://github.com/joyent/java-manta/issues/322#issuecomment-326391239, https://bugs.openjdk.java.net/browse/JDK-8155591, https://bugs.eclipse.org/bugs/show_bug.cgi?id=350279.

Definition at line 57 of file DefaultDomainCategorizer.java.

Member Function Documentation

static void org.sleuthkit.autopsy.recentactivity.DefaultDomainCategorizer.addItem ( Map< String, String >  mapping,
String  line,
int  lineNumber 
)
staticprivate

Adds a mapping of domain suffix to category based on the csv line found in the file.

Parameters
mappingThe suffix to category mapping.
lineThe line to be parsed.
lineNumberThe line number of this csv line.

Definition at line 98 of file DefaultDomainCategorizer.java.

synchronized void org.sleuthkit.autopsy.recentactivity.DefaultDomainCategorizer.close ( ) throws Exception

These providers close methods are explicitly called when ingest is finished. Conceivably, the same instance of this class may have this method called multiple times and should handle that possibility gracefully.

Exceptions
Exception

Implements org.sleuthkit.autopsy.url.analytics.DomainCategorizer.

Definition at line 181 of file DefaultDomainCategorizer.java.

synchronized DomainCategory org.sleuthkit.autopsy.recentactivity.DefaultDomainCategorizer.getCategory ( String  domain,
String  host 
) throws DomainCategorizerException

Provides the DomainCategory for a given domain/host or null if none can be determined.

Parameters
domainThe domain of the url.
hostThe host of the url.
Returns
The domain category if the domain/host combination was found or null if not.

Implements org.sleuthkit.autopsy.url.analytics.DomainCategorizer.

Definition at line 154 of file DefaultDomainCategorizer.java.

synchronized void org.sleuthkit.autopsy.recentactivity.DefaultDomainCategorizer.initialize ( ) throws DomainCategorizerException

Initializes this provider in preparation to handle 'getCategory' requests during ingest. Conceivably, the same instance of this class may have this called multiple times and should handle that possibility gracefully.

Exceptions
DomainCategorizerException

Implements org.sleuthkit.autopsy.url.analytics.DomainCategorizer.

Definition at line 132 of file DefaultDomainCategorizer.java.

synchronized boolean org.sleuthkit.autopsy.recentactivity.DefaultDomainCategorizer.isInitialized ( )
private

Returns true if this categorizer is properly initialized.

Returns
True if this categorizer is properly initialized.

Definition at line 149 of file DefaultDomainCategorizer.java.

static Map<String, String> org.sleuthkit.autopsy.recentactivity.DefaultDomainCategorizer.loadMapping ( ) throws IOException
staticprivate

Loads the domain suffixes from the csv resource file into a mapping of domain suffix to category name.

Returns
The mapping.
Exceptions
IOException

Definition at line 71 of file DefaultDomainCategorizer.java.

Member Data Documentation

final String org.sleuthkit.autopsy.recentactivity.DefaultDomainCategorizer.COMMENT_PREFIX = "#"
staticprivate

Definition at line 59 of file DefaultDomainCategorizer.java.

final String org.sleuthkit.autopsy.recentactivity.DefaultDomainCategorizer.CSV_DELIMITER = ","
staticprivate

Definition at line 60 of file DefaultDomainCategorizer.java.

final String org.sleuthkit.autopsy.recentactivity.DefaultDomainCategorizer.DOMAIN_TYPE_CSV = "default_domain_categories.csv"
staticprivate

Definition at line 61 of file DefaultDomainCategorizer.java.

final Logger org.sleuthkit.autopsy.recentactivity.DefaultDomainCategorizer.logger = Logger.getLogger(DefaultDomainCategorizer.class.getName())
staticprivate

Definition at line 62 of file DefaultDomainCategorizer.java.

Map<String, String> org.sleuthkit.autopsy.recentactivity.DefaultDomainCategorizer.mapping = null
private

Definition at line 129 of file DefaultDomainCategorizer.java.


The documentation for this class was generated from the following file:

Copyright © 2012-2022 Basis Technology. Generated on: Sun Sep 25 2022
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.