commit 0c6854220f3f23f51bf0d4b59fc3aa8862a8b5f0
parent 7bd7e77ed831f92211f1f1a59cd6f3b9b6c7ad62
Author: Cody Lewis <cody@codymlewis.com>
Date: Wed, 8 Apr 2020 20:20:25 +1000
Improved training data generation, added readme, added requirements, and updated controller to python3
Diffstat:
4 files changed, 90 insertions(+), 30 deletions(-)
diff --git a/README.md b/README.md
@@ -0,0 +1,57 @@
+# DDoS Autoencoder
+A combination of SDN and a neural network autoencoder that results in the
+mitigation of context attacks
+
+## Requirements
+- python3
+- pip
+
+## Installation
+```
+pip3 install -r requirements.txt
+```
+
+## Generating data
+First start the controller in generate data mode:
+```
+./network_controller.py --gen-data
+```
+
+Then start the network in normal interactions training mode (this uses mininet
+so it will probably require root privileges to run):
+```
+./create_network --normal
+```
+
+Once done, train for the attack state. Start the controller in generate attack
+data mode:
+```
+./network_controller.py --attack --gen-data
+```
+
+Then start the network in attack interactions training mode:
+```
+./create_network --all-attack
+```
+
+## Training the Autoencoder
+Simply run the following:
+```
+./network_controller.py --train
+```
+
+## Run DDoS Mitigation
+Start the controller in detection mode:
+```
+./network_controller.py --detect
+```
+
+Then start the network in attack and CLI mode:
+```
+./create_network --attack --cli
+```
+
+The user should be able to ping the attack target with the following command:
+```
+u0 ping t0
+```
diff --git a/create_network b/create_network
@@ -73,19 +73,12 @@ def run_network(num_bots):
controller=RemoteController
)
net.start()
- finish_time = time.time() + 3000
+ finish_time = time.time() + 36_000
if "--train" in sys.argv:
- finish_time = time.time() + 3000
for host in net.hosts:
host.cmdPrint("export FLASK_APP=WebServer.py && flask run --host=0.0.0.0 &")
time.sleep(3)
if "--attack" in sys.argv:
- info("*** Starting web server on target\n")
- net['t0'].cmdPrint("export FLASK_APP=WebServer.py && flask run --host=0.0.0.0 &")
- time.sleep(1)
- info("*** User browsing web service\n")
- net['u0'].cmdPrint(f"netsurf http://{net['t0'].IP()}:5000/ &")
- time.sleep(1)
info("*** Starting botnet controller\n")
net['b0'].cmdPrint(f"./botnet_controller -n {num_bots} -t {net['t0'].IP()} &")
time.sleep(1)
@@ -98,8 +91,7 @@ def run_network(num_bots):
for host in net.hosts:
if host is not net['b0']:
host.cmd(f"./bot -c {net['b0'].IP()} &")
- while time.time() < finish_time:
- time.sleep(1)
+ time.sleep(finish_time - time.time())
elif "--normal" in sys.argv:
info("*** Normal activity\n")
while time.time() < finish_time:
@@ -115,7 +107,6 @@ def run_network(num_bots):
else:
info("*** ICMP activity\n")
host.cmd(f"ping -c1 {random_host_ip}")
- time.sleep(np.random.uniform(0, 1))
else:
info("*** Starting web server on target\n")
net['t0'].cmdPrint("export FLASK_APP=WebServer.py && flask run --host=0.0.0.0 &")
diff --git a/network_controller.py b/network_controller.py
@@ -1,4 +1,4 @@
-#!/usr/bin/env python2
+#!/usr/bin/env python3
# -*- coding: utf-8 -*-
'''
@@ -13,16 +13,16 @@ import numpy as np
import tensorflow as tf
from tensorflow import keras
-import pox.lib.packet as pac
-from pox.boot import boot
-from pox.core import core
-from pox.lib.recoco import Timer
+import pox3.lib.packet as pac
+from pox3.boot import boot
+from pox3.core import core
+from pox3.lib.recoco import Timer
-import pox.openflow.libopenflow_01 as of
+import pox3.openflow.libopenflow_01 as of
if __name__ != "__main__":
- import pox.forwarding.l2_learning as l2l
+ import pox3.forwarding.l2_learning as l2l
LOG = core.getLogger()
IPV4_PROTOCOLS = {
@@ -44,8 +44,8 @@ class Flow:
A class for flows through the network
'''
def __init__(self, src, dst, comm_prot, packets, amount_bytes):
- self.src = src
- self.dst = dst
+ self.src = str(src)
+ self.dst = str(dst)
self.comm_prot = comm_prot
self.packets = packets
self.bytes = amount_bytes
@@ -166,7 +166,7 @@ class Controller(object):
durations = []
current_time = time.time()
num_pair_flows = float(0)
- all_flows = self.flows.values()
+ all_flows = list(self.flows.values())
num_flows = float(len(all_flows))
for i, flow in enumerate(all_flows):
amount_packets.append(flow.packets)
@@ -175,7 +175,7 @@ class Controller(object):
for other_flow in all_flows[i + 1:]:
if flow.is_pair(other_flow):
num_pair_flows += 1
- all_growing_flows = self.growing_flows.values()
+ all_growing_flows = list(self.growing_flows.values())
num_growing_flows = len(all_growing_flows)
num_growing_pair_flows = 0
for i, flow in enumerate(all_growing_flows):
@@ -255,20 +255,29 @@ def launch():
if __name__ == '__main__':
if "--train" in sys.argv:
- data, bin_labels = (lambda x: (x[:, :6], x[:, 6]))(np.loadtxt("training_data.txt"))
- labels = np.array([[1, 0] if l == 0 else [0, 1] for l in bin_labels])
+ data, labels_bin = (lambda x: (x[:, :6], x[:, 6]))(np.loadtxt("training_data.txt"))
+ labels = np.array([[1, 0] if l == 0 else [0, 1] for l in labels_bin])
inputs = keras.Input(shape=(6,))
- x = keras.layers.Dense(10, activation=tf.nn.relu)(inputs)
- x = keras.layers.Dense(10, activation=tf.nn.relu)(x)
+ x = keras.layers.Dense(100, activation=tf.nn.relu)(inputs)
+ x = keras.layers.Dense(100, activation=tf.nn.relu)(x)
+ x = keras.layers.Dense(100, activation=tf.nn.relu)(x)
outputs = keras.layers.Dense(2, activation=tf.nn.softmax)(x)
model = keras.Model(inputs=inputs, outputs=outputs)
model.compile(
- optimizer="RMSProp",
- loss=keras.losses.CategoricalCrossentropy()
+ optimizer="Adam",
+ loss=keras.losses.BinaryCrossentropy(),
+ metrics=["accuracy"]
+ )
+ history = model.fit(
+ x=data,
+ y=labels,
+ epochs=500,
+ verbose=1,
+ validation_split=0.2,
+ callbacks=[keras.callbacks.EarlyStopping(patience=5)]
)
- history = model.fit(x=data, y=labels, epochs=500, verbose=1)
print("Reached loss: {}".format(history.history['loss'][-1]))
model.save("model.h5")
print("Saved model as model.h5")
else:
- boot(["log.level", "--DEBUG", "network_controller"])
+ boot(["network_controller"])
diff --git a/requirements.txt b/requirements.txt
@@ -0,0 +1,3 @@
+pox3
+mininet
+tensorflow
