def run_l2b_experiments(self, exp, train_portion):
l2btools = Learn2BanTools()
l2btools.load_train2ban_config()
utc_datetime = datetime.datetime.utcnow()
utc_datetime.strftime("%Y-%m-%d-%H%MZ")
analyse_log_file = l2btools.analyser_results_dir + 'analyse_' + str(
utc_datetime)
logging.basicConfig(filename=analyse_log_file, level=logging.INFO)
logging.info('Begin learn 2 ban analysis for Experiment Id: ' +
str(exp['id']))
l2btools.set_training_log(exp['training_log'])
experiment_classifier = l2btools.construct_classifier(
exp['kernel_type'])
self.analyse_trainer = Train2Ban(experiment_classifier)
self.analyse_trainer.add_malicious_history_log_files(
l2btools.load_training_logs())
training_set = l2btools.gather_all_features()
self.analyse_trainer.add_to_sample(training_set)
self.analyse_trainer.normalise(exp['norm_mode'])
#This step will also update teh regex filter file to point to the experiment file
self.analyse_trainer.add_bad_regexes(
l2btools.load_bad_filters_from_db(exp['regex_filter_id']))
#marking training data
self.analyse_trainer.mark_bad_target()
marked_training_set = self.analyse_trainer.get_training_set()
train_selector, test_selector = l2btools.random_slicer(
len(marked_training_set), train_portion)
train_set = marked_training_set.get_training_subset(
case_selector=train_selector)
test_set = marked_training_set.get_training_subset(
case_selector=test_selector)
#initializes L2BEXperiment
cur_experiment = L2BExperiment(train_set, test_set,
experiment_classifier)
#cur_experiment.train()
#Predict for training data using constructed model
#logging.info('Crossvalidation score: ' + str(cur_experiment.cross_validate_test()))
#graph the result
dim_reducers = ['PCA', 'Isomap']
kernels = ['linear', 'rbf', 'poly']
all_possible_choices = np.transpose(
np.array([
np.tile(dim_reducers, len(kernels)),
np.repeat(kernels, len(dim_reducers))
]))
for cur_choice in all_possible_choices:
cur_experiment.plot(dim_reduction_strategy=cur_choice[0],
kernel=cur_choice[1])
def setUp(self):
"""Call before every test case."""
self.l2btools = Learn2BanTools()
self.l2btools.load_train2ban_config()
self.l2btools.retrieve_experiments()
self.log_files = [[self.TEST_LOG_ID, self.TEST_LOG_FILENAME]]
#we are testing trainin
self.test_trainer = Train2Ban(self.l2btools.construct_svm_classifier())
self.test_trainer._training_set = TrainingSet(
) #clean the training set
self.test_trainer.add_to_sample(
self.l2btools.gather_all_features([self.TEST_LOG_FILENAME]))
class Profiler():
l2btools = Learn2BanTools()
def profile_learn2ban(self):
self.l2btools.load_train2ban_config()
experiment_set = self.l2btools.retrieve_experiments()
for exp in experiment_set:
utc_datetime = datetime.datetime.utcnow()
utc_datetime.strftime("%Y-%m-%d-%H%MZ")
filename = src_dir+'/profiler/logs/profile_'+str(utc_datetime)
Analyser().profile(exp,0.8, filename)
break
p = pstats.Stats(filename)
p.strip_dirs().sort_stats(-1).print_stats()
p.dump_stats(src_dir+'profiler/logs/stats_'+str(utc_datetime))
def run_experiments(self, exp):
l2btools = Learn2BanTools()
l2btools.load_train2ban_config()
utc_datetime = datetime.datetime.utcnow()
utc_datetime.strftime("%Y-%m-%d-%H%MZ")
analyse_log_file = l2btools.analyser_results_dir + 'analyse_' + str(
utc_datetime)
logging.basicConfig(filename=analyse_log_file, level=logging.INFO)
logging.info('Begin learn 2 ban analysis for Experiment Id: ' +
str(exp['id']))
l2btools.set_training_log(exp['training_log'])
self.analyse_trainer = Train2Ban(
l2btools.construct_classifier(exp['kernel_type']))
self.analyse_trainer.add_malicious_history_log_files(
l2btools.load_training_logs())
training_set = l2btools.gather_all_features()
self.analyse_trainer.add_to_sample(training_set)
self.analyse_trainer.normalise(exp['norm_mode'])
#This step will also update teh regex filter file to point to the experiment file
self.analyse_trainer.add_bad_regexes(
l2btools.load_bad_filters_from_db(exp['regex_filter_id']))
#Train for training data
self.analyse_trainer.mark_and_train()
#Predict for training data using constructed model
self.analyse_trainer.predict(training_set)
logging.info('Training errors: ' +
str(self.analyse_trainer.model_errors()))
ip_index, data, target = self.analyse_trainer.get_training_model()
bad_ips = [
ip_index[cur_target] for cur_target in range(0, len(target))
if target[cur_target]
]
#logging.info('Training Bad IPs identified: '+ bad_ips)
#Load testing data
l2btools.set_testing_log(exp['testing_log'])
#Clear IP_Sieve
l2btools.clear_data()
#Predict for testing data using model constructed from training data
self.analyse_trainer.predict(l2btools.gather_all_features())
logging.info('Testing errors: ' +
str(self.analyse_trainer.model_errors()))
experiment_result = {}
experiment_result['experiment_id'] = exp['id']
experiment_result['result_file'] = analyse_log_file
l2btools.save_experiment(experiment_result)
class BasicTest(unittest.TestCase):
l2btools = Learn2BanTools()
experiment_set = ({
'regex_filter_id': 1L,
'testing_log': 'testing.log',
'kernel_type': 'linear',
'training_log': 'training.log',
'norm_mode': 'individual',
'id': 2L
}, )
def nontest_analyser(self):
self.l2btools.load_train2ban_config()
experiment_set = self.l2btools.retrieve_experiments()
for exp in experiment_set:
p = Process(target=Analyser().run_experiments(exp))
p.start()
def test_l2b_experiment(self):
self.l2btools.load_train2ban_config()
for exp in self.experiment_set:
cur_experimentor = Experimentor(exp, self.l2btools)
cur_experimentor.run_l2b_experiment(0.70, [])
#cur_experiment.train()
#Predict for training data using constructed model
#logging.info('Crossvalidation score: ' + str(cur_experiment.cross_validate_test()))
#graph the result
dim_reducers = ['PCA', 'Isomap']
kernels = ['linear', 'rbf', 'poly']
all_possible_choices = np.transpose(
np.array([
np.tile(dim_reducers, len(kernels)),
np.repeat(kernels, len(dim_reducers))
]))
for cur_choice in all_possible_choices:
cur_experiment.plot(dim_reduction_strategy=cur_choice[0],
kernel=cur_choice[1])
if __name__ == "__main__":
l2btools = Learn2BanTools()
l2btools.load_train2ban_config()
experiment_set = l2btools.retrieve_experiments()
for exp in experiment_set:
p = Process(target=Analyser().run_experiments(exp))
p.start()
#TODO: add support for multiple experiment files
#TODO: output results in formatted log
#TODO: plot graphs of results