Esempi in Python per Utility.get_interval_pps

Esempio n. 1

File: test_Utility.py Progetto: tklab-tud/ID2T

 def test_get_interval_pps_below_max(self):
     cipps = [(5, 1), (10, 2), (15, 3)]
     self.assertEqual(Utility.get_interval_pps(cipps, 3), 1)
     self.assertEqual(Utility.get_interval_pps(cipps, 7), 2)
     self.assertEqual(Utility.get_interval_pps(cipps, 12), 3)

Esempio n. 2

    def generate_attack_packets(self):
        """
        Creates the attack packets.
        """
        # Timestamp
        timestamp_next_pkt = self.get_param_value(self.INJECT_AT_TIMESTAMP)
        pps = self.get_param_value(self.PACKETS_PER_SECOND)

        # calculate complement packet rates of BG traffic per interval
        complement_interval_pps = self.statistics.calculate_complement_packet_rates(
            pps)

        # Initialize parameters
        mac_source = self.get_param_value(self.MAC_SOURCE)
        ip_source = self.get_param_value(self.IP_SOURCE)
        # FIXME: why is port_source never used?
        port_source = self.get_param_value(self.PORT_SOURCE)
        mac_destination = self.get_param_value(self.MAC_DESTINATION)
        ip_destination = self.get_param_value(self.IP_DESTINATION)
        port_destination = self.get_param_value(self.PORT_DESTINATION)

        # Check ip.src == ip.dst
        self.ip_src_dst_catch_equal(ip_source, ip_destination)

        # Set TTL based on TTL distribution of IP address
        source_ttl_dist = self.statistics.get_ttl_distribution(ip_source)
        if len(source_ttl_dist) > 0:
            source_ttl_prob_dict = lea.Lea.fromValFreqsDict(source_ttl_dist)
            source_ttl_value = source_ttl_prob_dict.random()
        else:
            source_ttl_value = Util.handle_most_used_outputs(
                self.statistics.get_most_used_ttl_value())

        destination_ttl_dist = self.statistics.get_ttl_distribution(
            ip_destination)
        if len(destination_ttl_dist) > 0:
            destination_ttl_prob_dict = lea.Lea.fromValFreqsDict(
                destination_ttl_dist)
            destination_ttl_value = destination_ttl_prob_dict.random()
        else:
            destination_ttl_value = Util.handle_most_used_outputs(
                self.statistics.get_most_used_ttl_value())

        # Set Window Size based on Window Size distribution of IP address
        source_win_dist = self.statistics.get_win_distribution(ip_source)
        if len(source_win_dist) > 0:
            source_win_prob_dict = lea.Lea.fromValFreqsDict(source_win_dist)
        else:
            source_win_dist = self.statistics.get_win_distribution(
                self.statistics.get_most_used_ip_address())
            source_win_prob_dict = lea.Lea.fromValFreqsDict(source_win_dist)

        destination_win_dist = self.statistics.get_win_distribution(
            ip_destination)
        if len(destination_win_dist) > 0:
            destination_win_prob_dict = lea.Lea.fromValFreqsDict(
                destination_win_dist)
        else:
            destination_win_dist = self.statistics.get_win_distribution(
                self.statistics.get_most_used_ip_address())
            destination_win_prob_dict = lea.Lea.fromValFreqsDict(
                destination_win_dist)

        # Set MSS (Maximum Segment Size) based on MSS distribution of IP address
        mss_value = Util.handle_most_used_outputs(
            self.statistics.get_most_used_mss_value())
        if not mss_value:
            mss_value = 1465

        # Inject EternalBlue exploit packets
        # Read Win7_eternalblue_exploit pcap file
        source_origin_wins, destination_origin_wins = {}, {}
        exploit_raw_packets = scapy.utils.RawPcapReader(
            self.template_attack_pcap_path)

        port_source = rnd.randint(
            self.minDefaultPort,
            self.maxDefaultPort)  # experiments show this range of ports
        # conversations = {(ip.src, ip.dst, port.src, port.dst): packets}
        conversations, order_list_conversations = self.packets_to_convs(
            exploit_raw_packets)
        exploit_raw_packets.close()

        conv_start_timesamp = timestamp_next_pkt
        for conv_index, conv in enumerate(order_list_conversations):
            # the distance between the starts of the converstaions
            conv_start_timesamp = conv_start_timesamp + rnd.uniform(
                0.001, 0.01)
            timestamp_next_pkt = conv_start_timesamp

            conv_pkts = conversations[conv]
            inter_arrival_times = self.get_inter_arrival_time(conv_pkts)

            if conv_index == len(
                    order_list_conversations) - 2:  # Not the last conversation
                timestamp_next_pkt = self.packets[-1].time + rnd.uniform(
                    0.001, 0.01)

            if conv_index != len(
                    order_list_conversations) - 1:  # Not the last conversation
                port_source += 2
                for self.pkt_num, pkt in enumerate(conv_pkts):
                    eth_frame = inet.Ether(pkt[0])
                    ip_pkt = eth_frame.payload
                    tcp_pkt = ip_pkt.payload

                    if self.pkt_num == 0:
                        if tcp_pkt.getfieldval("dport") == SMBLib.smb_port:
                            orig_ip_dst = ip_pkt.getfieldval("dst")

                    # Request
                    if ip_pkt.getfieldval("dst") == orig_ip_dst:  # victim IP
                        # Ether
                        eth_frame.setfieldval("src", mac_source)
                        eth_frame.setfieldval("dst", mac_destination)
                        # IP
                        ip_pkt.setfieldval("src", ip_source)
                        ip_pkt.setfieldval("dst", ip_destination)
                        ip_pkt.setfieldval("ttl", source_ttl_value)
                        # TCP
                        tcp_pkt.setfieldval("sport", port_source)
                        tcp_pkt.setfieldval("dport", port_destination)
                        # Window Size
                        source_origin_win = tcp_pkt.getfieldval("window")
                        if source_origin_win not in source_origin_wins:
                            source_origin_wins[
                                source_origin_win] = source_win_prob_dict.random(
                                )
                        new_win = source_origin_wins[source_origin_win]
                        tcp_pkt.setfieldval("window", new_win)
                        # MSS
                        tcp_options = tcp_pkt.getfieldval("options")
                        if tcp_options:
                            if tcp_options[0][0] == "MSS":
                                tcp_options[0] = ("MSS", mss_value)
                                tcp_pkt.setfieldval("options", tcp_options)

                        new_pkt = (eth_frame / ip_pkt / tcp_pkt)
                        new_pkt.time = timestamp_next_pkt

                        pps = max(
                            Util.get_interval_pps(complement_interval_pps,
                                                  timestamp_next_pkt), 10)
                        timestamp_next_pkt = self.timestamp_controller.next_timestamp(
                        ) + inter_arrival_times[
                            self.pkt_num]  # float(timeSteps.random())

                    # Reply
                    else:
                        # Ether
                        eth_frame.setfieldval("src", mac_destination)
                        eth_frame.setfieldval("dst", mac_source)
                        # IP
                        ip_pkt.setfieldval("src", ip_destination)
                        ip_pkt.setfieldval("dst", ip_source)
                        ip_pkt.setfieldval("ttl", destination_ttl_value)
                        # TCP
                        tcp_pkt.setfieldval("dport", port_source)
                        tcp_pkt.setfieldval("sport", port_destination)
                        # Window Size
                        destination_origin_win = tcp_pkt.getfieldval("window")
                        if destination_origin_win not in destination_origin_wins:
                            destination_origin_wins[
                                destination_origin_win] = destination_win_prob_dict.random(
                                )
                        new_win = destination_origin_wins[
                            destination_origin_win]
                        tcp_pkt.setfieldval("window", new_win)
                        # MSS
                        tcp_options = tcp_pkt.getfieldval("options")
                        if tcp_options:
                            if tcp_options[0][0] == "MSS":
                                tcp_options[0] = ("MSS", mss_value)
                                tcp_pkt.setfieldval("options", tcp_options)

                        new_pkt = (eth_frame / ip_pkt / tcp_pkt)

                        pps = max(
                            Util.get_interval_pps(complement_interval_pps,
                                                  timestamp_next_pkt), 10)
                        timestamp_next_pkt = self.timestamp_controller.next_timestamp(
                        ) + inter_arrival_times[
                            self.pkt_num]  # float(timeSteps.random())

                        new_pkt.time = timestamp_next_pkt

                    self.add_packet(new_pkt, ip_source, ip_destination)

            else:  # Last conversation where the victim start a connection with the attacker
                timestamp_next_pkt = self.packets[-1].time + rnd.uniform(
                    0.001, 0.01)
                port_source = rnd.randint(self.minDefaultPort,
                                          self.maxDefaultPort)
                for self.pkt_num, pkt in enumerate(conv_pkts):
                    eth_frame = inet.Ether(pkt[0])
                    ip_pkt = eth_frame.payload
                    tcp_pkt = ip_pkt.payload

                    # Request
                    if tcp_pkt.getfieldval("dport") == self.last_conn_dst_port:
                        # Ether
                        eth_frame.setfieldval("src", mac_destination)
                        eth_frame.setfieldval("dst", mac_source)
                        # IP
                        ip_pkt.setfieldval("src", ip_destination)
                        ip_pkt.setfieldval("dst", ip_source)
                        ip_pkt.setfieldval("ttl", destination_ttl_value)
                        # TCP
                        tcp_pkt.setfieldval("sport", port_source)
                        # destination port is fixed 4444
                        # Window Size
                        destination_origin_win = tcp_pkt.getfieldval("window")
                        if destination_origin_win not in destination_origin_wins:
                            destination_origin_wins[
                                destination_origin_win] = destination_win_prob_dict.random(
                                )
                        new_win = destination_origin_wins[
                            destination_origin_win]
                        tcp_pkt.setfieldval("window", new_win)
                        # MSS
                        tcp_options = tcp_pkt.getfieldval("options")
                        if tcp_options:
                            if tcp_options[0][0] == "MSS":
                                tcp_options[0] = ("MSS", mss_value)
                                tcp_pkt.setfieldval("options", tcp_options)

                        new_pkt = (eth_frame / ip_pkt / tcp_pkt)
                        new_pkt.time = timestamp_next_pkt

                        pps = max(
                            Util.get_interval_pps(complement_interval_pps,
                                                  timestamp_next_pkt), 10)
                        timestamp_next_pkt = self.timestamp_controller.next_timestamp(
                        ) + inter_arrival_times[
                            self.pkt_num]  # float(timeSteps.random())

                    # Reply
                    else:
                        # Ether
                        eth_frame.setfieldval("src", mac_source)
                        eth_frame.setfieldval("dst", mac_destination)
                        # IP
                        ip_pkt.setfieldval("src", ip_source)
                        ip_pkt.setfieldval("dst", ip_destination)
                        ip_pkt.setfieldval("ttl", source_ttl_value)
                        # TCP
                        tcp_pkt.setfieldval("dport", port_source)
                        # source port is fixed 4444
                        # Window Size
                        source_origin_win = tcp_pkt.getfieldval("window")
                        if source_origin_win not in source_origin_wins:
                            source_origin_wins[
                                source_origin_win] = source_win_prob_dict.random(
                                )
                        new_win = source_origin_wins[source_origin_win]
                        tcp_pkt.setfieldval("window", new_win)
                        # MSS
                        tcp_options = tcp_pkt.getfieldval("options")
                        if tcp_options:
                            if tcp_options[0][0] == "MSS":
                                tcp_options[0] = ("MSS", mss_value)
                                tcp_pkt.setfieldval("options", tcp_options)

                        new_pkt = (eth_frame / ip_pkt / tcp_pkt)

                        pps = max(
                            Util.get_interval_pps(complement_interval_pps,
                                                  timestamp_next_pkt), 10)
                        timestamp_next_pkt = self.timestamp_controller.next_timestamp(
                        ) + inter_arrival_times[
                            self.pkt_num]  # float(timeSteps.random())

                        new_pkt.time = timestamp_next_pkt

                    self.add_packet(new_pkt, ip_source, ip_destination)

Esempio n. 3

File: test_Utility.py Progetto: tklab-tud/ID2T

 def test_get_interval_pps_above_max(self):
     cipps = [(5, 1), (10, 2), (15, 3)]
     self.assertEqual(Utility.get_interval_pps(cipps, 30), 3)