Ejemplo n.º 1
class Kitsune:
    """Couple a packet feature extractor with a KitNET anomaly detector.

    Each call to ``proc_next_packet`` pulls one feature vector from the
    extractor and hands it to the detector. Per the original comments, the
    detector trains during its grace periods and only scores afterwards, so
    traffic seen during those periods is treated as the baseline and should
    be known-clean.
    """

    def __init__(
        self,
        file_path,
        limit,
        max_autoencoder_size=10,
        FM_grace_period=None,
        AD_grace_period=10000,
        learning_rate=0.1,
        hidden_ratio=0.75,
    ):
        """Build the feature extractor and size the detector from it.

        Args:
            file_path: Capture source handed to the feature extractor.
            limit: Second argument to the feature extractor (presumably the
                maximum number of packets to read; confirm against FE).
            max_autoencoder_size: Forwarded to KitNET.
            FM_grace_period: Forwarded to KitNET (feature-mapping grace period).
            AD_grace_period: Forwarded to KitNET (anomaly-detector grace period).
            learning_rate: Forwarded to KitNET.
            hidden_ratio: Forwarded to KitNET.
        """
        # Packet feature extractor (AfterImage).
        self.FE = FE(file_path, limit)

        # The detector's input width is whatever the extractor produces.
        num_features = self.FE.get_num_features()
        self.AnomDetector = KitNET(
            num_features,
            max_autoencoder_size,
            FM_grace_period,
            AD_grace_period,
            learning_rate,
            hidden_ratio,
        )

    def proc_next_packet(self):
        """Process the next packet and return the detector's output.

        Returns:
            ``-1`` when the extractor yields an empty vector (error or no
            packets left); otherwise the value returned by
            ``AnomDetector.process``.
        """
        features = self.FE.get_next_vector()
        if len(features) != 0:
            # Trains during the grace periods, then executes on all the rest.
            return self.AnomDetector.process(features)
        # Error or no packets left.
        return -1
Ejemplo n.º 2
    def __init__(
        self,
        file_path,
        limit,
        max_autoencoder_size=10,
        FM_grace_period=None,
        AD_grace_period=10000,
        learning_rate=0.1,
        hidden_ratio=0.75,
    ):
        """Create the feature extractor and a KitNET detector sized to match it.

        ``file_path`` and ``limit`` go to the feature extractor; every other
        argument is forwarded to KitNET unchanged. The two grace periods
        set how many instances are consumed for training before scoring
        starts, so the traffic seen during them should be known-clean.
        """
        # Packet feature extractor (AfterImage).
        self.FE = FE(file_path, limit)

        # KitNET takes its input dimension from the extractor's feature count.
        feature_count = self.FE.get_num_features()
        detector_args = (
            feature_count,
            max_autoencoder_size,
            FM_grace_period,
            AD_grace_period,
            learning_rate,
            hidden_ratio,
        )
        self.AnomDetector = KitNET(*detector_args)
Ejemplo n.º 3
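def train_normal():
    """Train a KitNET detector on the "normal" feature CSV and pickle it.

    Reads pre-extracted feature vectors (one header row, then one
    comma-separated record per line), feeds them to KitNET until the
    feature-mapping and anomaly-detector grace periods are used up, and
    writes the trained model to disk.

    Everything in the input file becomes part of the model's baseline, so
    the file must contain only traffic that is known to be benign.
    """
    # CSV of pre-extracted feature vectors (not a raw capture).
    path = "../kitsune_dataset/wiretap_normal_hostonly.csv"

    # KitNET params:
    maxAE = 10  # maximum size for any autoencoder in the ensemble layer
    FMgrace = 10000  # instances used to learn the feature mapping (the ensemble's architecture)
    ADgrace = 740000  # instances used to train the anomaly detector (the ensemble itself)

    # Build KitNET for 100-dimensional feature vectors.
    K = KitNET(100, maxAE, FMgrace, ADgrace, 0.1, 0.75)

    count = 0
    # Context managers close the file and the progress bar on every exit path.
    with open(path, "r") as input_file, tqdm() as tbar:
        next(input_file, None)  # skip the header row
        for line in input_file:
            stripped = line.rstrip()
            if not stripped:
                # A blank line cannot be parsed as floats; skip it.
                continue
            fv = stripped.split(",")

            # 101 columns means a trailing extra column (presumably a label); drop it.
            if len(fv) == 101:
                fv = fv[:-1]
            K.process(np.array(fv, dtype="float"))
            count += 1
            tbar.update(1)
            if count > FMgrace + ADgrace:
                break

    if count <= FMgrace + ADgrace:
        # The file ended before the grace periods were used up, so the saved
        # model has not finished training.
        print(
            "warning: only %d records processed; %d needed to finish training"
            % (count, FMgrace + ADgrace + 1)
        )

    # save
    # NOTE(security): a pickle file is executable content for whoever loads
    # it. Keep this path writable only by the training job, and load models
    # only from locations whose integrity is controlled.
    model_path = "../models/kitsune_video_ho.pkl"
    with open(model_path, "wb") as of:
        pickle.dump(K, of)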