4 Commits 53309a97ca ... e5a87dc00b

Author SHA1 Message Date
  Patrick Jattke e5a87dc00b Extended prerequisites 8 years ago
  Patrick Jattke 77b92b4881 - Fixes returning the wrong packet count from DDoSAttack 8 years ago
  Patrick Jattke 29d6a99849 Merge branch 'development' of git.tk.informatik.tu-darmstadt.de:SPIN/ID2T-toolkit into development 8 years ago
  Patrick Jattke 078fd54731 - Improves the temporary attack pcap merging 8 years ago
4 changed files with 11 additions and 40 deletions
  1. 2 1
      README.md
  2. 2 1
      code/Attack/DDoSAttack.py
  3. 0 29
      code/CLI.py
  4. 7 9
      code/ID2TLib/Controller.py

+ 2 - 1
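--- a/README.md
+++ b/README.md
@@ -40,7 +40,8 @@ The following packages/libraries are required to compile the ID2T C++ modules
 The following python packages are required to run ID2T. Install the packages with your preferred package manager. For example, you can use pip3 (pip for python 3). Install pip3 in ubuntu with ``apt install python3-pip`` and install the packages with ``sudo pip3 install <packagename>``.
 * ``scapy`` (make sure its the python3 version)
 * ``lea``
-* ``SciPy Stack` (see [installation instructions](https://www.scipy.org/install.html))
+* ``matplotlib``
+* ``SciPy Stack`` (see [installation instructions](https://www.scipy.org/install.html))
 
 #### Notes on the Minimum Package Versions
 The minimum version stated in the previous requirements are the versions we have used in the development of ID2T. Other (older) versions might also work; however, we cannot guarantee nor support them. Furthermore, some compilation scripts would need to be manually modified to accommodate these older versions.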

+ 2 - 1
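--- a/code/Attack/DDoSAttack.py
+++ b/code/Attack/DDoSAttack.py
@@ -193,4 +193,5 @@ class DDoSAttack(BaseAttack.BaseAttack):
         self.attack_end_utime = last_packet.time
 
         # return packets sorted by packet time_sec_start
-        return pkt_num, path_attack_pcap
+        # pkt_num+1: because pkt_num starts at 0
+        return pkt_num + 1, path_attack_pcap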
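Review bot: `pkt_num + 1` is the packet count only if the generating loop ran at least once and `pkt_num` is the zero-based index of the last packet; that loop lies outside this hunk, so this is inferred. If the loop can produce no packets, the return would report one packet or fail on an unbound name, so an explicit counter or the length of the written packet collection would be more robust than index arithmetic. The context comment `# return packets sorted by packet time_sec_start` also does not describe this return; `# return the number of generated packets and the path of the attack pcap` would match what the line does.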

+ 0 - 29
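--- a/code/CLI.py
+++ b/code/CLI.py
@@ -92,7 +92,6 @@ class CLI(object):
 
         self.process_arguments()
 
-
 def main(args):
     """
     Creates a new CLI object and invokes the arguments parsing.
@@ -103,34 +102,6 @@ def main(args):
     # Check arguments
     cli.parse_arguments(args)
 
-
 # Uncomment to enable calling by terminal
 if __name__ == '__main__':
     main(sys.argv[1:])
-
-# if __name__ == '__main__':
-#     INPUT = ['-i']
-#
-#     #    FILES = ['/root/datasets/201506021400_1G.pcap',
-#     #             '/root/datasets/201506021400_2G.pcap',
-#     #             '/root/datasets/201506021400_5G.pcap']
-#
-#     # FILES = ['/mnt/hgfs/datasets/201506021400_2G.pcap']
-#
-#     FILES = ['/home/pjattke/temp/test_me_short.pcap']
-#
-#     ATTACK_PS = ['-a', 'PortscanAttack', 'ip.src=10.2.2.4', 'mac.dst=05:AB:47:B5:19:11',
-#                  'inject.at-timestamp=1449038705.316721', 'attack.note=Portscan2']
-#     ATTACK_PS2 = ['-a', 'PortscanAttack', 'port.dst=1-1024', 'ip.src=3.3.3.3']
-#     ATTACK_DD = ['-a', 'DDoSAttack', 'ip.dst=9.9.9.9', 'attackers.count=10', 'packets.limit=100']
-#
-#     STATS_RECALC = ['-r']
-#     STATS_PRINT = ['-s']
-#     STATS_PLOT = ['-p']
-#
-#     QUERY_MODE_LOOP = ['-q']
-#     QUERY_DB = ['-q', 'ipAddress(pktsSent > 1000, kbytesSent >= 20)']
-#
-#     for f in FILES:
-#         main(INPUT + [f] + ATTACK_PS2 + ATTACK_DD)  # Statistics Calculation
-#         #main(INPUT + ATTACK_DD)  # Attack Packet Generation -> insert exit() | Merging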

+ 7 - 9
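--- a/code/ID2TLib/Controller.py
+++ b/code/ID2TLib/Controller.py
@@ -55,26 +55,24 @@ class Controller:
         if len(self.written_pcaps) > 1:
             print("\nMerging temporary attack pcaps into single pcap file...", end=" ")
             sys.stdout.flush()  # force python to print text immediately
-            attack_pcap_file = PcapFile(self.written_pcaps[0])
-            for attack in self.written_pcaps[1:]:
-                all_attacks_pcap = attack_pcap_file.merge_attack(attack)
-                os.remove(attack)  # remove merged pcap
-                # Create new PcapFile object for next iteration
-                attack_pcap_file = PcapFile(all_attacks_pcap)
+            for i in range(0, len(self.written_pcaps) - 1):
+                attacks_pcap = PcapFile(self.written_pcaps[i])
+                attacks_pcap_path = attacks_pcap.merge_attack(self.written_pcaps[i + 1])
+                os.remove(self.written_pcaps[i + 1])  # remove merged pcap
             print("done.")
         else:
-            all_attacks_pcap = self.written_pcaps[0]
+            attacks_pcap_path = self.written_pcaps[0]
 
         # merge single attack pcap with all attacks into base pcap
         print("Merging base pcap with single attack pcap...", end=" ")
         sys.stdout.flush()  # force python to print text immediately
-        self.pcap_dest_path = self.pcap_file.merge_attack(all_attacks_pcap)
+        self.pcap_dest_path = self.pcap_file.merge_attack(attacks_pcap_path)
         print("done.")
 
         # delete intermediate PCAP files
         print('Deleting intermediate attack pcap...', end="")
         sys.stdout.flush()  # force python to print text immediately
-        os.remove(all_attacks_pcap)
+        os.remove(attacks_pcap_path)
         print("done.")
 
         # write label file with attacks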
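Review bot: With three or more temporary pcaps, the new loop in the `len(self.written_pcaps) > 1` branch appears to discard earlier merge results. Each iteration opens `self.written_pcaps[i]` rather than the path returned by the previous `merge_attack`, and for i >= 1 that file was already deleted by `os.remove(self.written_pcaps[i + 1])` in the preceding iteration. Assuming `merge_attack` returns the path of a newly written merged file (the removed code treated it that way), `attacks_pcap_path` would end up covering only the last pair. The label file written afterwards could then list attacks whose packets are absent from the output pcap, which would skew any IDS evaluation run against the dataset. Carrying the merged path forward, as sketched below, avoids this; the enclosing method starts and ends outside the hunk.

```python
            # … unchanged: progress message and stdout flush …
            attacks_pcap_path = self.written_pcaps[0]
            for attack_path in self.written_pcaps[1:]:
                # merge into the result of the previous iteration, not the raw input file
                attacks_pcap_path = PcapFile(attacks_pcap_path).merge_attack(attack_path)
                os.remove(attack_path)  # remove merged pcap
            print("done.")
```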