def _reset_all_hosts_vnet(self):
"""
Moves all hosts to the initial virtual-net (lowest security)
"""
for host in self._hosts_sorted_by_id:
# logger.info("Moving host %s to vnet %s", host["mac"], self.vnets[0]["name"])
ApiWrapper.set_vnet(host["mac"], self.vnets[0]["name"])
def _init_net_info(self):
"""
Fetches Gemel SDN network info from the API and
initiates essential info such as number of vnets,
number of simulations, etc
"""
# fetch list of simulation hosts
sims_list = ApiWrapper.get_sims()
idx = 0
ip_id_map = {}
# assign a zero-based ID to each mac-address and store
# the mapping
for host_type, hosts in sims_list.items():
for host in hosts:
host["id"] = idx
host["type"] = host_type
ip_id_map[host["overlay_ip"]] = idx
idx += 1
# fetch list of know alerts and sort by ID
alerts = ApiWrapper.get_known_alert()
alerts = sorted(alerts, key=lambda x: x["id"])
# fetch ARP table
self.arp_table = ApiWrapper.get_arp_table()
# fetch vnet list
self.vnets = ApiWrapper.vnet_list()
self.simulations = sims_list
self.host_count = idx
self.ip_id_map = ip_id_map
self.known_alerts = alerts
def _get_qos_asr_reward(self):
asr = ApiWrapper.sim_attack_stats()
qos = ApiWrapper.sim_qos_stats()
m_qos = np.average([a["taskDuration"] for a in qos])
m_asr = np.average([a["ratio"] for a in asr])
res = m_qos / 10.0 - m_asr
logger.debug(f"QoS-ASR reward qos={m_qos} asr={m_asr} res={res}")
return res
def test_arp(self):
arp = ApiWrapper.get_arp_table()
self.assertIsInstance(arp, dict)
for ip, macs in arp.items():
self.assertRegex(ip, r"(\d{1,3}\.){3}\d{1,3}")
self.assertIsInstance(macs, list)
for m in macs:
self.assertRegex(m, r"^([0-9a-fA-F][0-9a-fA-F]:){5}([0-9a-fA-F][0-9a-fA-F])$")
def _fetch_alerts(self):
"""
Fetch IDS alerts and filter out irrelevant one
"""
ids_alerts = ApiWrapper.get_events(interval=self._interval)
alerts = [(alert["src"],
int(re.match(r".*:(\d+):.*", alert["sig_name"]).group(1)))
for net, alerts in ids_alerts.items() for alert in alerts]
obs = {}
for src_ip, alert_code in alerts:
obs[src_ip] = obs.get(src_ip, []) + [alert_code]
return obs
def _get_vnet_status(self):
"""
Receives which vn each host is in and returns as
feature array
"""
# fetch where each host is
vnet_status = ApiWrapper.vnet_status()
# use list of vnet names to assign a "number" to each vnet
# (i.e. index of the vnet in the list)
vnet_names = [x["name"] for x in self.vnets]
# get a list of vnet names for each host
sorted_list = [
vnet_status[host["mac"]] for host in self._hosts_sorted_by_id
]
# use vnet "number" instead of vnet name and convert to NumPy array
return np.asarray([vnet_names.index(name) for name in sorted_list])
def _apply_action(self, action):
"""
performs the given action code on the environment
:param action: number of action to take
:return: whether action was illegal
"""
action_void = False
if self.actions == GemelEnv.ActionSpace.TOGGLE:
if action >= self.action_space.n - 1:
return False
sims = self._hosts_sorted_by_id
ApiWrapper.toggle(sims[action]["mac"])
elif self.actions == GemelEnv.ActionSpace.DOUBLE_BUTTON:
if action >= self.action_space.n - 1:
return False
target_host = action // 2
more_security = bool(action % 2)
_host_cur_vn = self.current_state[0][target_host]
if more_security:
if _host_cur_vn != len(self.vnets) - 1:
ApiWrapper.set_vnet(
self._hosts_sorted_by_id[target_host]["mac"],
self.vnets[_host_cur_vn + 1]["name"])
else:
action_void = True
else:
if _host_cur_vn > 0:
ApiWrapper.set_vnet(
self._hosts_sorted_by_id[target_host]["mac"],
self.vnets[_host_cur_vn - 1]["name"])
else:
action_void = True
else:
raise Exception("Unknown action-set: {}".format(self.actions))
return action_void
def test_events(self):
events = ApiWrapper.get_events(60)
self.assertIn("ids", events)
self.assertIn("ips", events)