def listen(ctx, verbose, home_id): """ Passive monitoring of network :param ctx: shared context :param verbose: show received frames :param home_id: filter frames including specified home-id """ # initialize signal.signal(signal.SIGINT, signal_handler) cfg = ctx.obj[CONFIGURATION] cfg.home_id = home_id cfg.verbose = verbose honeylog = ctx.obj[LOGGER] with multiprocessing.Manager() as manager: # initialize shared network and decoy information network = manager.dict(load_json(cfg.networks_path + '/' + cfg.network_file)) decoys = manager.dict(load_json(cfg.networks_path + '/' + cfg.decoys_file)) # init stats inner_stats = init_stats_dict() stats_real = manager.dict(inner_stats.copy()) stats_malicious = manager.dict(inner_stats.copy()) stats_invalid = manager.dict(inner_stats.copy()) stats_in = manager.dict(inner_stats.copy()) stats_out = manager.dict(inner_stats.copy()) stats = {STAT_REAL: stats_real, STAT_MALICIOUS: stats_malicious, STAT_INVALID: stats_invalid, STAT_IN: stats_in, STAT_OUT: stats_out} frames_in = list() frames_out = list() # initialize components receiver = Receiver(cfg, network, decoys, honeylog, frames_in, frames_out) monitor = Monitor(cfg, network, decoys, honeylog, stats) receiver.monitor = monitor monitor.receiver = receiver # start configuration configuration_process = Process(target=set_configuration, args=(cfg, honeylog)) configuration_process.start() # if not verbose if not verbose: # show only stats statsview_process = Process(target=stats_view, args=(stats, ctx.obj[DEBUG_LEVEL])) statsview_process.start() # start reception receiver.start(False, True)
def record(ctx): """Records frames until users interrupt""" configuration = ctx.obj[CONFIGURATION] logger = ctx.obj[LOGGER] network = load_json(configuration.networks_path + '/' + configuration.real_networks_name) decoys = load_json(configuration.networks_path + '/' + configuration.virtual_networks_name) receiver = Receiver(configuration, network, decoys, logger, None, None) monitor = Monitor(configuration, network, decoys, logger, None, receiver) receiver.monitor = monitor monitor.record()
def run(ctx, passive, low, home_id, test): """Starts the IoT honeypot""" configuration = ctx.obj[CONFIGURATION] configuration.home_id = home_id logger = ctx.obj[LOGGER] if passive: signal.signal(signal.SIGINT, signal_handler) network = load_json(configuration.networks_path + '/' + configuration.real_networks_name) decoys = load_json(configuration.networks_path + '/' + configuration.virtual_networks_name) receiver = Receiver(configuration, network, decoys, logger, None, None) monitor = Monitor(configuration, network, decoys, logger, None, receiver) receiver.monitor = monitor configuration_process = Process(target=set_configuration, args=(configuration, logger)) configuration_process.start() signal.signal(signal.SIGINT, signal_handler) global monitor_stats monitor_stats = monitor.stats monitor.start(passive=True) else: with multiprocessing.Manager() as manager: # load networks to shared dictionaries of manager network = manager.dict( load_json(configuration.networks_path + '/' + configuration.real_networks_name)) decoys = manager.dict( load_json(configuration.networks_path + '/' + configuration.virtual_networks_name)) if home_id and home_id not in decoys.keys(): sys.exit(ERROR_MISSING_DECOYS) signal.signal(signal.SIGINT, signal_handler) monitor_conn, generator_conn = Pipe() receiver_conn, transmitter_conn = Pipe() transmitter = Transmitter(configuration, transmitter_conn) if not low: responder = Responder(transmitter, decoys, logger) else: responder = None receiver = Receiver(configuration, network, decoys, logger, receiver_conn, responder) monitor = Monitor(configuration, network, decoys, logger, monitor_conn, receiver) receiver.monitor = monitor generator = TrafficGenerator(configuration, network, decoys, logger, generator_conn, transmitter) # init processes monitor_process = Process(target=monitor_target, args=(monitor, )) configuration_process = Process(target=set_configuration, args=(configuration, logger)) # start processes try: configuration_process.start() monitor_process.start() generator.start(test) except KeyboardInterrupt: logger.info('\nTerminating...') monitor_process.terminate() configuration_process.terminate() configuration_process.join() monitor_process.join()
def run(ctx, low, home_id): """ Run main function of the IoT honeypot :param ctx: shared context :param low: low-interaction mode means that the honeypot does not respond to malicious frames :param home_id: specifies the network identifier """ # initialization signal.signal(signal.SIGINT, signal_handler) cfg = ctx.obj[CONFIGURATION] cfg.home_id = home_id honeylog = ctx.obj[LOGGER] # manager handles shared content between TX and RX processes with multiprocessing.Manager() as manager: network = manager.dict(load_json(cfg.networks_path + '/' + cfg.network_file)) decoys = manager.dict(load_json(cfg.networks_path + '/' + cfg.decoys_file)) # init stats inner_stats = init_stats_dict() stats_real = manager.dict(inner_stats.copy()) stats_malicious = manager.dict(inner_stats.copy()) stats_invalid = manager.dict(inner_stats.copy()) stats_in = manager.dict(inner_stats.copy()) stats_out = manager.dict(inner_stats.copy()) stats = {STAT_REAL: stats_real, STAT_MALICIOUS: stats_malicious, STAT_INVALID: stats_invalid, STAT_IN: stats_in, STAT_OUT: stats_out} frames_in = manager.list() frames_out = manager.list() # display real-time statistics statsview_process = Process(target=stats_view, args=(stats, ctx.obj[DEBUG_LEVEL])) # if records for specified network are missing if not safe_key_in_dict(home_id, decoys.keys()): # honeypot stops and display error sys.exit(ERROR_MISSING_DECOYS) signal.signal(signal.SIGINT, signal_handler) # init frame transmitter transmitter = Transmitter(cfg, frames_out, stats) # if not low-interaction mode if not low: # init responder responder = Responder(transmitter, decoys, honeylog) else: # else responder not needed responder = None # init receiver and monitor receiver = Receiver(cfg, network, decoys, honeylog, frames_in, frames_out, responder) monitor = Monitor(cfg, network, decoys, honeylog, stats) receiver.monitor = monitor monitor.receiver = receiver # init traffic generator generator = TrafficGenerator(cfg, network, decoys, honeylog, stats, transmitter) # honeypot configuration process configuration_process = Process(target=set_configuration, args=(cfg, honeylog)) # receiver process receiver_process = Process(target=receiver_target, args=(receiver, False, False)) try: configuration_process.start() receiver_process.start() statsview_process.start() # generator works in main process generator.start() except KeyboardInterrupt: honeylog.info('\nTerminating...') receiver_process.terminate() configuration_process.terminate() configuration_process.join() receiver_process.join() statsview_process.join()