|
@@ -109,7 +109,7 @@ class MembersMgmtCommAttack(BaseAttack.BaseAttack):
|
|
|
Param.NAT_PRESENT: ParameterTypes.TYPE_BOOLEAN,
|
|
|
|
|
|
# the base PCAP for the TTL distribution
|
|
|
- Param.TTL_FROM_OTHER: ParameterTypes.TYPE_BOOLEAN
|
|
|
+ Param.TTL_FROM_CAIDA: ParameterTypes.TYPE_BOOLEAN
|
|
|
}
|
|
|
|
|
|
# create dict with MessageType values for fast name lookup
|
|
@@ -153,7 +153,7 @@ class MembersMgmtCommAttack(BaseAttack.BaseAttack):
|
|
|
self.add_param_value(Param.PACKET_PADDING, 20)
|
|
|
|
|
|
# choose the input PCAP as default base for the TTL distribution
|
|
|
- self.add_param_value(Param.TTL_FROM_OTHER, False)
|
|
|
+ self.add_param_value(Param.TTL_FROM_CAIDA, False)
|
|
|
|
|
|
|
|
|
def generate_attack_pcap(self, context):
|
|
@@ -313,16 +313,16 @@ class MembersMgmtCommAttack(BaseAttack.BaseAttack):
|
|
|
bot_configs[bot]["TTL"] = self.statistics.process_db_query("most_used(ttlValue)")
|
|
|
|
|
|
|
|
|
- def assign_ttls_from_bigpcap(bot_configs):
|
|
|
+ def assign_ttls_from_caida(bot_configs):
|
|
|
"""
|
|
|
- Assign realistic TTL values to bots with respect to their IP, based on oc48-mfn.dirB.20030424-074500.UTC.anon.pcap .
|
|
|
+ Assign realistic TTL values to bots with respect to their IP, based on the CAIDA dataset.
|
|
|
If there exists an entry for a bot's IP, the TTL is chosen based on a distribution over all used TTLs by this IP.
|
|
|
If there is no such entry, the TTL is chosen based on a distribution over all used TTLs and their respective frequency.
|
|
|
|
|
|
:param bot_configs: the existing bot configurations
|
|
|
"""
|
|
|
# Mapping IP to ASN: http://www.team-cymru.org/IP-ASN-mapping.html
|
|
|
- # Why not assign TTLs for unknown input PCAP IPs like this?
|
|
|
+ # Why not assign TTLs for unknown IPs like this?
|
|
|
|
|
|
def get_ip_ttl_distrib():
|
|
|
"""
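Review bot: The rewritten docstring of `assign_ttls_from_caida` says only "the CAIDA dataset", so the exact trace that the removed line named is no longer recorded in this hunk. Anyone regenerating or auditing the TTL tables cannot tell which capture they came from. I would keep the provenance, e.g. `based on the CAIDA dataset (trace oc48-mfn.dirB.20030424-074500.UTC.anon.pcap)`, assuming the renamed CSVs are still derived from that trace. The open question `# Why not assign TTLs for unknown IPs like this?` would also read better as a `# TODO:` that records the decision. The function body continues outside the hunk.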
|
|
@@ -330,7 +330,7 @@ class MembersMgmtCommAttack(BaseAttack.BaseAttack):
|
|
|
:return: returns a dict with the IPs as keys and dicts for their TTL disribution as values
|
|
|
"""
|
|
|
ip_based_distrib = {}
|
|
|
- with open("resources/TTL_distrib_perIP.csv", "r") as file:
|
|
|
+ with open("resources/CaidaTTL_perIP.csv", "r") as file:
|
|
|
# every line consists of: IP, TTL, Frequency
|
|
|
next(file) # skip CSV header line
|
|
|
for line in file:
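Review bot: `open("resources/CaidaTTL_perIP.csv", "r")` is resolved against the process working directory, so the TTL lookup works only when the tool is started from the directory that contains `resources/`. From anywhere else it raises FileNotFoundError, or reads whatever file of that name sits under the current directory. The same applies to `open("resources/CaidaTTL_total.csv", "r")` in the next hunk. Build the path from a fixed base instead, for example `os.path.join(RESOURCE_DIR, "CaidaTTL_perIP.csv")`, where `RESOURCE_DIR` is a placeholder for a directory derived from `__file__` or from a resource-path helper the project may already have. `get_ip_ttl_distrib` starts before this hunk and continues past it, so the per-line parsing is not visible here.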
|
|
@@ -348,7 +348,7 @@ class MembersMgmtCommAttack(BaseAttack.BaseAttack):
|
|
|
"""
|
|
|
|
|
|
total_ttl_distrib = {}
|
|
|
- with open("resources/TTL_distrib_total.csv", "r") as file:
|
|
|
+ with open("resources/CaidaTTL_total.csv", "r") as file:
|
|
|
# every line consists of: TTL, Frequency, Fraction
|
|
|
next(file) # skip CSV header line
|
|
|
for line in file:
|
|
@@ -357,7 +357,7 @@ class MembersMgmtCommAttack(BaseAttack.BaseAttack):
|
|
|
|
|
|
return total_ttl_distrib
|
|
|
|
|
|
- # get the TTL distribution for every IP that is available in "resources/TTL_distrib_perIP.csv"
|
|
|
+ # get the TTL distribution for every IP that is available in "resources/CaidaTTL_perIP.csv"
|
|
|
ip_ttl_distrib = get_ip_ttl_distrib()
|
|
|
# build a probability dict for the total TTL distribution
|
|
|
total_ttl_prob_dict = Lea.fromValFreqsDict(get_total_ttl_distrib())
|
|
@@ -528,8 +528,8 @@ class MembersMgmtCommAttack(BaseAttack.BaseAttack):
|
|
|
# print(bot_configs)
|
|
|
|
|
|
# assign realistic TTL for every bot
|
|
|
- if self.get_param_value(Param.TTL_FROM_OTHER):
|
|
|
- assign_ttls_from_bigpcap(bot_configs)
|
|
|
+ if self.get_param_value(Param.TTL_FROM_CAIDA):
|
|
|
+ assign_ttls_from_caida(bot_configs)
|
|
|
else:
|
|
|
assign_realistic_ttls(bot_configs)
|
|
|
|