neo4j学习

参加软件杯学则的赛题为网络攻击朔源分析，通过在网上查找资料，发现普通的mysql数据库并不能很好的反应网络攻击的链条状态，但是使用neo4j图数据库便能较好的构建网络攻击中攻击方与被攻击方的关系，并且能够更加直观的查看网路攻击链条，进行网络攻击的朔源。

因此，从今天开始进行neo4j的相关学习。

neo4j的查询语言与一般的sql语言有很大的差距

清空neo4j中所有数据

MATCH (n)
OPTIONAL MATCH (n)-[r]-()
DELETE n,r

 

测试在neo4j数据库中添加有关网络攻击的数据

@Query("MERGE (n:computer {IP:$from} ) " +
            "MERGE (m:computer {IP:$to}) " +
            "CREATE (n)-[:关系 {relation:$relation}]->(m)")
    void createRelation(@Param("from") String from, @Param("relation") String relation, @Param("to") String to);

    @Query("match p = (m:computer)-[edge]->(n:computer) WHERE m.group > '0' AND  n.group > '0' return p")
    List<AttackRelationShip> searchAllRelationShip();




    @Query("match (m:computer) where m.group > '0' return m")
    List<Computer> searchAllComputer();

    @Query("match p = (m:computer)-[edge]->(n:computer) WHERE m.group = '0' AND  n.group = '0' return p")
    List<AttackRelationShip> searchAllRelationShip2();


    @Query("match (m:computer) where m.group = '0' return m")
    List<Computer> searchAllComputer2();

    @Query("match (m)-[edge]-(n) where n.name=$entityName return m,edge,n")
    Map<String, Object> searchAllByName(@Param("entityName") String entityName);


    @Query("MERGE (n:computer {IP:$from,group:$group} ) " +
            "MERGE (m:computer {IP:$to,group:$group}) " +
            "CREATE (n)-[:关系 {relation:$relation,time:$time,attackTimes:$attackTimes,weight:$weight}]->(m)")
    void createRelation2(@Param("group") String group, @Param("from") String from, @Param("relation") String relation, @Param("time")LocalDateTime time,@Param("attackTimes")int attackTimes,@Param("weight")int weight, @Param("to") String to);

package com.a1_new;


import com.a1_new.dao.AGRepository;
import com.a1_new.dao.PersonRelationShipRepository;
import com.a1_new.dao.PersonRepository;
import com.a1_new.entity.Attack;
import org.junit.jupiter.api.Test;
import org.neo4j.driver.*;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;


import java.util.*;
@SpringBootTest
public class allGraph {


    @Autowired
    PersonRepository personRepository;

    @Autowired
    PersonRelationShipRepository personRelationShipRepository;

    @Autowired
    AGRepository agRepository;

    private static List<Attack> mockAttacks() {
        List<Attack> attacks = new ArrayList<>();
        // 添加攻击事件（按时间顺序）
//        attacks.add(new Attack("1", "B", "2024-04-29 18:27:49", "Type1", "A"));
//        attacks.add(new Attack("2", "C", "2024-04-29 18:27:55", "Type2", "B"));
//        attacks.add(new Attack("3", "A", "2024-04-29 18:29:01", "Type1", "C"));
//        attacks.add(new Attack("4", "E", "2024-04-29 18:29:10", "Type3", "F"));
//        attacks.add(new Attack("5", "F", "2024-04-29 18:29:15", "Type2", "B"));
//        attacks.add(new Attack("6", "123", "2024-04-29 18:29:20", "Type2", "F"));
//        attacks.add(new Attack("7", "123", "2024-04-30 18:29:20", "Type2", "F"));
        return attacks;
    }



    @Test
    public void test() {
        List<Attack> attacks = mockAttacks();

        String group=null;


        // 打印溯源结果
        for (int i = 0; i < attacks.size(); i++) {

            Attack attack = attacks.get(i);
            System.out.println(attack.toString());
            group= String.valueOf(0);
            //agRepository.createRelation2(group,attack.getAttackIp(), attack.getAlarmType(),attack.getAttackTime(), attack.getPrivateIp());
            System.out.println("添加了"+group+attack.getAttackIp()+attack.getAlarmType()+ attack.getPrivateIp());

        }


    }

}