コード例 #1
    def __init__(self, host_map, ssh_chan_map):
        '''Create the director and launch its malware-center server thread.

        Args:
            host_map: Host IP to host name map.
            ssh_chan_map: SSH session chan to cluster node map.
        '''
        # The server thread is created and started before any other attribute
        # is set; its target only receives the (ip, port) pair passed here.
        center_address = (MALWARE_CENTER_IP, MALWARE_CENTER_PORT)
        self.server_thread = KThread(target=self.start_malware_center, args=center_address)
        self.server_thread.start()

        # Lookup tables handed in by the caller.
        self.host_map = host_map
        self.ssh_chan_map = ssh_chan_map

        # Counters; `critical` is a binary semaphore used as their mutex.
        self.critical = threading.BoundedSemaphore(value=1)
        self.try_count = 0
        self.success_count = 0
        self.count = 0
        self.current_population = 0

        # Per-step work queues, each a separate dict (never share one object).
        self.ping_map = {}
        self.available_map = {}
        self.sniffer_node_map = {}
        self.generator_node_map = {}
コード例 #2
    def propagation_step_threaded(self):
        '''Run one propagation step, fanning each phase out over threads.

        Phases, in order: pick targets for infected nodes, ping every
        (source, target) pair, classify the reachable pairs, start sniffers,
        start generators, then sleep for MALWARE_PROP_DELAY.
        '''
        def run_batch(worker, node_map, with_key=False):
            # One thread per map entry: build them all, start them all, then
            # wait for them all, so the phase ends only when every worker has.
            batch = []
            for key, work_list in node_map.items():
                call_args = (work_list, key) if with_key else (work_list,)
                batch.append(KThread(target=worker, args=call_args))
            for worker_thread in batch:
                worker_thread.start()
            for worker_thread in batch:
                worker_thread.join()

        # Reset the per-step state.
        self.success_count = 0
        self.try_count = 0
        self.sniffer_node_map = {}
        self.generator_node_map = {}

        # Phase 1: collect (source, target) pairs into ping_map.
        self.ping_map = {}
        for candidate in malware_node_list:
            self.search_victim(candidate)

        # Phase 2: probe reachability; make_ping also receives the map key.
        self.available_map = {}
        run_batch(self.make_ping, self.ping_map, with_key=True)

        # Phase 3: fill the sniffer/generator maps and update the population.
        self.operate_with_mal_node()
        self.current_population += self.success_count
        # Per-step statistics logging (logger_MalwareProp) is currently disabled.

        # Phase 4 and 5: sniffers are all set up before any generator starts.
        run_batch(self.setup_sniffer, self.sniffer_node_map)
        run_batch(self.setup_generator, self.generator_node_map)

        sleep(MALWARE_PROP_DELAY)
コード例 #3
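class Malware_propagation_director:
    '''Drive the malware propagation model over the nodes in malware_node_list.

    One step (see propagation_step_threaded): every infected node picks a
    random target, reachability is probed with ping, and for reachable pairs
    the port_sniffer.py / scapy_packet_gen.py helper scripts are launched
    through the cluster nodes.

    NOTE(review): every command line built in this class is plain string
    concatenation of host_map values and IP strings, with no quoting. That is
    only safe while those values come from trusted topology configuration --
    confirm before passing externally supplied data into this class.
    '''
    def __init__(self, host_map, ssh_chan_map):
        '''Constructor of Malware Propagation Director

        Starts the malware-center server thread as a side effect.

        Args:
            host_map: Host IP to host name map.
            ssh_chan_map: SSH session chan to cluster node map.
        '''
        self.server_thread = KThread(target=self.start_malware_center, args=(MALWARE_CENTER_IP, MALWARE_CENTER_PORT))
        self.server_thread.start()
        self.try_count = 0
        self.success_count = 0
        self.count = 0
        # Binary semaphore used as the mutex for the three counters above.
        self.critical = threading.BoundedSemaphore(value=1)
        self.current_population = 0

        self.sniffer_node_map = {}
        self.generator_node_map = {}

        self.available_map = {}
        self.ping_map = {}

        self.host_map = host_map
        self.ssh_chan_map = ssh_chan_map

    def set_init_population(self, init_population):
        '''Set the starting value of the population counter.

        Args:
            init_population: Value stored in current_population.
        '''
        self.current_population = init_population

    def inc_try_count(self):
        '''Increment try_count under the counter lock.'''
        # `with` releases the semaphore even if the body raises.
        with self.critical:
            self.try_count += 1

    def inc_success_count(self):
        '''Increment success_count under the counter lock.'''
        with self.critical:
            self.success_count += 1

    def inc_count(self):
        '''Increment count under the counter lock.'''
        with self.critical:
            self.count += 1

    def dec_count(self):
        '''Decrement count under the counter lock.'''
        with self.critical:
            self.count -= 1

    def start_malware_center(self, ip="1.2.3.254", port=56565):
        '''Bind the malware-center UDP server and serve until it is stopped.

        Args:
            ip: Address to bind to.
            port: UDP port to bind to.

        Returns:
            The server object, once serve_forever() has returned.
        '''
        # allow_reuse_address is read while binding, and the constructor binds
        # immediately by default, so the flag has to be set before an explicit
        # bind. Assumes ThreadingUDPServer is the standard-library class.
        server = ThreadingUDPServer((ip, port), Malware_request_handler, bind_and_activate=False)
        server.allow_reuse_address = True
        try:
            server.server_bind()
            server.server_activate()
        except Exception:
            # Do not leak the socket when the bind fails.
            server.server_close()
            raise
        print("server started")
        server.serve_forever()
        return server

    def stop_malware_center(self):
        '''Kill the server thread started by the constructor.'''
        print("server stoped")
        # NOTE(review): only the thread is killed; the server socket is not
        # closed explicitly here -- confirm KThread.kill() is enough.
        self.server_thread.kill()

    def add_malware_node(self, host_IP, cluster_IP, vulnerable, infected ):
        '''Create a Malware_Node and append it to malware_node_list.

        Args:
            host_IP: IP of the host the node stands for.
            cluster_IP: IP of the cluster node that runs this host.
            vulnerable: Passed through to Malware_Node.
            infected: Passed through to Malware_Node.
        '''
        malware_node_list.append(Malware_Node(host_IP, cluster_IP, vulnerable, infected))

    def is_mal_node_in_network(self,IP):
        '''Return the first node whose host IP equals IP, or None.'''
        for mal_node in malware_node_list:
            if mal_node.get_host_IP() == IP:
                return mal_node
        return None

    def setup_sniffer(self, sniffer_list):
        '''Start port_sniffer.py for every (victim_node, victim_ip) pair.

        Args:
            sniffer_list: Iterable of (victim_node, victim_ip) tuples.
        '''
        for victim_node, victim_ip in sniffer_list:
            host_name = self.host_map[victim_ip]
            intf_name = host_name + "-eth0"
            # Unquoted concatenation: host_name and victim_ip must be trusted.
            cmd = ' '.join([host_name, 'python', DST_SCRIPT_FOLDER + 'port_sniffer.py', victim_ip, intf_name])
            send_mininet_cmd_to_cluster_node(victim_node.get_cluster_IP(), cmd, self.ssh_chan_map)

    def setup_generator(self, generator_list):
        '''Start scapy_packet_gen.py for every (mal_node, victim_ip) pair.

        Args:
            generator_list: Iterable of (mal_node, victim_ip) tuples.
        '''
        for mal_node, victim_ip in generator_list:
            host_name = self.host_map[mal_node.get_host_IP()]
            intf_name = host_name + "-eth0"
            # Unquoted concatenation: host_name and victim_ip must be trusted.
            cmd = ' '.join([host_name, 'python', DST_SCRIPT_FOLDER + 'scapy_packet_gen.py', victim_ip, intf_name])
            send_mininet_cmd_to_cluster_node(mal_node.get_cluster_IP(), cmd, self.ssh_chan_map)

    def search_victim(self, mal_node):
        '''Queue a ping from an infected node to a random test IP.

        Nodes that are not infected are ignored. Entries are grouped in
        ping_map by the cluster IP of the source node.
        '''
        if not mal_node.is_infected():
            return
        victim_ip = get_random_test_IP()
        self.ping_map.setdefault(mal_node.get_cluster_IP(), []).append((mal_node.get_host_IP(), victim_ip))

    def make_ping(self, ping_list, node_IP):
        '''Ping every (src_ip, dst_ip) pair and record the result.

        Args:
            ping_list: Iterable of (src_ip, dst_ip) tuples.
            node_IP: Cluster node the ping commands are sent to.
        '''
        for src_ip, dst_ip in ping_list:
            cmd = ' '.join([self.host_map[src_ip], 'ping', dst_ip, '-c', '2'])
            available = send_mininet_ping_to_cluster_node(node_IP, cmd, self.ssh_chan_map)
            # Runs in one thread per cluster node; each pair is its own key.
            self.available_map[(src_ip, dst_ip)] = available
            self.inc_try_count()

    def operate_with_mal_node(self):
        '''Turn the ping results into sniffer and generator work lists.

        Only reachable pairs whose two ends are both known nodes are used. A
        vulnerable victim gets a sniffer entry and counts as a success; the
        source node gets a generator entry whether or not the victim is
        vulnerable.
        '''
        for (mal_ip, victim_ip), available in self.available_map.items():
            if not available:
                continue
            mal_node = self.is_mal_node_in_network(mal_ip)
            victim_node = self.is_mal_node_in_network(victim_ip)
            if victim_node is None or mal_node is None:
                continue
            if victim_node.is_vulnerable():
                # NOTE(review): an already infected victim is not excluded, so
                # it may be counted again -- confirm this matches the model.
                self.sniffer_node_map.setdefault(victim_node.get_cluster_IP(), []).append((victim_node, victim_ip))
                self.inc_success_count()
            self.generator_node_map.setdefault(mal_node.get_cluster_IP(), []).append((mal_node, victim_ip))

    def _run_batch(self, target, node_map, pass_key=False):
        '''Run target once per node_map entry in parallel threads and wait for all.'''
        threads = []
        for key, work_list in node_map.items():
            args = (work_list, key) if pass_key else (work_list,)
            threads.append(KThread(target=target, args=args))
        for thread in threads:
            thread.start()
        for thread in threads:
            thread.join()

    def propagation_step_threaded(self):
        '''Run one propagation step, one thread per cluster node and phase.'''
        self.success_count = 0
        self.try_count = 0
        self.sniffer_node_map = {}
        self.generator_node_map = {}

        self.ping_map = {}
        for mal_node in malware_node_list:
            self.search_victim(mal_node)

        self.available_map = {}
        self._run_batch(self.make_ping, self.ping_map, pass_key=True)

        self.operate_with_mal_node()
        self.current_population += self.success_count
        # Per-step statistics logging (logger_MalwareProp) is currently disabled.

        # All sniffers are set up before any generator starts.
        self._run_batch(self.setup_sniffer, self.sniffer_node_map)
        self._run_batch(self.setup_generator, self.generator_node_map)

        sleep(MALWARE_PROP_DELAY)

    def propagation_loop(self, step_number):
        '''Run step_number propagation steps, printing the step index.'''
        # range() instead of xrange(): same loop, and it exists on Python 3 too.
        for i in range(step_number):
            print("STEP: " + str(i))
            self.propagation_step_threaded()

    def get_infected_nodes_number(self):
        '''Return how many nodes in malware_node_list report is_infected().'''
        return sum(1 for mal_node in malware_node_list if mal_node.is_infected())

    def show_node_list(self):
        '''Call show() on every node, then print the infected-node count.'''
        for mal_node in malware_node_list:
            mal_node.show()
        print("infected nodes number = " + str(self.get_infected_nodes_number()))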
コード例 #4
ファイル: malware_center.py プロジェクト: ARCCN/nps
    print("IP: " + ip)
    print("PORT: " + str(port))
    #print("new worm instance h3-eth0:77.77.77.77")
    server.serve_forever()


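if __name__ == "__main__":
    # Usage: <script> <malware_center_ip> <malware_center_port>
    if len(sys.argv) > 1 and sys.argv[1] == '--help':
        # print() call form, matching the other print calls in this file.
        print('args: (malware_center_ip, malware_center_port)')
        # sys.exit rather than the site-provided exit() helper.
        sys.exit(-1)

    if len(sys.argv) != 3:
        print('Not enough args')
        sys.exit(-123)

    # The listener binds to exactly this address; the only validation of the
    # arguments is int() on the port, which raises ValueError on bad input.
    malware_center_ip = sys.argv[1]
    malware_center_port = int(sys.argv[2])

    # The thread is neither marked daemon nor killed here, so (assuming KThread
    # follows threading.Thread defaults) the process lives until the server stops.
    server_thread = KThread(target=start_malware_center, args=(malware_center_ip, malware_center_port))
    server_thread.start()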