Beispiel #1
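def eval_pcap(pcap, labels, time_const, label=None, rnn_size=100, model_path='/models/OneLayerModel.pkl', model_type='RandomForest'):
    """Score the sessions of a capture with the SoS model and return the peak score.

    A dataset is built from ``pcap`` with ``create_dataset``, wrapped in a
    ``BatchIterator``, and every sequence is passed through a ``SoSModel``
    whose weights are loaded from the installed ``poseidonml`` package.

    Args:
        pcap: Capture input, forwarded unchanged to ``create_dataset``.
        labels: Label collection; handed to ``BatchIterator`` and its length
            is used as the model's ``label_size``.
        time_const: Forwarded unchanged to ``create_dataset``.
        label: Optional label, forwarded to ``create_dataset``.
        rnn_size: Size passed to ``SoSModel``.
        model_path: Path forwarded to ``create_dataset``.
        model_type: Model type name forwarded to ``create_dataset``.

    Returns:
        The largest score seen in the model output. Scores that do not
        exceed 0 never replace the initial value, so 0 is returned in
        that case (and when there is no output at all).

    NOTE(review): the default ``model_path`` is a ``.pkl`` file. If
    ``create_dataset`` unpickles it, loading runs arbitrary code from that
    file, so the path must only ever point at a trusted, integrity-checked
    model; confirm against ``create_dataset``.
    """
    logger = logging.getLogger(__name__)

    # LOG_LEVEL comes from the process environment; an unknown level name
    # makes setLevel() raise, which must not abort the evaluation.
    requested_level = os.environ.get('LOG_LEVEL', '')
    if requested_level != '':
        try:
            logger.setLevel(requested_level)
        except Exception as e:
            # The message promises a fallback to INFO, so apply it here;
            # previously the level was left untouched.
            logger.setLevel(logging.INFO)
            logger.error(
                'Unable to set logging level because: %s defaulting to INFO.', e)

    data = create_dataset(pcap, time_const, label=label,
                          model_path=model_path, model_type=model_type)
    iterator = BatchIterator(
        data,
        labels,
        perturb_types=['random data']
    )
    logger.debug('Created iterator')

    rnnmodel = SoSModel(rnn_size=rnn_size, label_size=len(labels))
    logger.debug('Created model')
    # Weights are resolved relative to the installed poseidonml distribution.
    package_root = working_set.find(Requirement.parse('poseidonml')).location
    rnnmodel.load(os.path.join(package_root, 'poseidonml/models/SoSmodel'))
    logger.debug('Loaded model')

    # The per-session protocol/flow strings and the score dictionary that
    # used to be built in this loop were never read, so only the running
    # maximum is kept.
    max_score = 0
    for X, L in zip(iterator.X, iterator.L):
        out = rnnmodel.get_output(
            np.expand_dims(X, axis=0),
            np.expand_dims(L, axis=0),
        )
        for session_scores in out:
            for s in session_scores:
                if s > max_score:
                    max_score = s

    logger.info(max_score)
    return max_score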
Beispiel #2
        data = create_dataset(data_dir, time_const)
        write_dir = sys.argv[2]
        logger.info('Saving data to %s', write_dir)
        with open(write_dir, 'wb') as handle:
            pickle.dump(data, handle, protocol=pickle.HIGHEST_PROTOCOL)
    else:
        data = data_dir

    logger.info('Loaded training data')
    # Create an iterator
    iterator = BatchIterator(
        data,
        labels,
        perturb_types=['random data', 'port swap', 'direction_swap'])
    logger.info('Created iterator')
    rnnmodel = SoSModel(rnn_size=100, label_size=len(labels))
    logger.info('Created model')
    try:
        rnnmodel.load('/models/SoSmodel')
        logger.info('Loaded model')
    except Exception as e:
        rnnmodel.initialize()
        logger.info('Initialized model')

    X_v, L_v, Y_v = iterator.gen_batch(split='validation', batch_size=64)

    cost = rnnmodel.get_cost(X_v, L_v, Y_v)
    out = rnnmodel.get_output(X_v, L_v)

    logger.info('Initial validation cost: %s', np.mean(cost))
    min_cost = cost