experiment examples.txt
Experiment example 1 - Basic ping network traffic
server1 -
server2 -
server3 -
user1 - ping -c 100 10.0.0.1
user2 - ping -c 100 10.0.0.2
user5 - ping -c 100 10.0.0.3
attacker1 - ping -c 100 10.0.0.1
attacker2 - ping -c 100 10.0.0.2
attacker5 - ping -c 100 10.0.0.3
root-switch - sudo tshark -i eth2 -i eth3 -i eth4 -T fields -e frame.number -e frame.time_relative -e frame.time_epoch -e frame.protocols -e frame.len -e eth.src -e eth.dst -e eth.type -e ip.proto -e ip.src -e ip.dst -e tcp.srcport -e tcp.dstport -e udp.srcport -e udp.dstport -E header=y -E separator=, -E occurrence=f > /users/neelyt/root-capture-02-12-2018.csv
slave-switch-1 - sudo tshark -i eth1 -i eth3 -i eth4 -i eth5 -T fields -e frame.number -e frame.time_relative -e frame.time_epoch -e frame.protocols -e frame.len -e eth.src -e eth.dst -e eth.type -e ip.proto -e ip.src -e ip.dst -e tcp.srcport -e tcp.dstport -e udp.srcport -e udp.dstport -E header=y -E separator=, -E occurrence=f > /users/neelyt/slave-switch-1-capture-02-12-2018.csv
slave-switch-1-1 - sudo tshark -i eth1 -i eth3 -T fields -e frame.number -e frame.time_relative -e frame.time_epoch -e frame.protocols -e frame.len -e eth.src -e eth.dst -e eth.type -e ip.proto -e ip.src -e ip.dst -e tcp.srcport -e tcp.dstport -e udp.srcport -e udp.dstport -E header=y -E separator=, -E occurrence=f > /users/neelyt/slave-switch-1-1-capture-02-12-2018.csv
controller - frenetic http-controller --verbosity debug
controller - python ADAPTS/python/examples/openNetwork-ADAPTS.py
-- Bulk-load the capture CSV into mtd.packet_logs; IGNORE 1 LINES skips the first line of the file.
-- NOTE(review): the tshark commands above write three per-switch files with 15 fields each,
-- while this statement reads a single capture-02-12-2018.csv with two extra leading columns
-- (switch_id, trace_id). The step that merges the files and adds those columns is not shown here.
-- NOTE(review): '\r\n' expects CRLF line endings; tshark output redirected on a Linux host is
-- normally LF-terminated, so confirm the merged file's line endings before loading.
-- LOCAL INFILE needs local_infile enabled on both client and server. It lets the server
-- request files from the client host, so enable it only for this import.
LOAD DATA LOCAL INFILE 'capture-02-12-2018.csv' INTO TABLE mtd.packet_logs FIELDS TERMINATED BY ',' LINES TERMINATED BY '\r\n' IGNORE 1 LINES (switch_id,trace_id,frame_number,frame_time_relative,frame_time,frame_protocols,frame_len,eth_src,eth_dst,eth_type,ip_proto,ip_src,ip_dst,tcp_srcport,tcp_dstport,udp_srcport,udp_dstport);
python ADAPTS/python/calcSS.py 1
python ADAPTS/python/calcSSByTime.py 1
Experiment example 2 - Full attack traffic
server1 - vlc -Idummy /var/www/html/bbb.mp4 --repeat --sout '#std{access=udp{ttl=7},mux=ts,dst=10.0.0.11,port=1234}'
server2 -
server3 -
user1 - vlc -Idummy udp://@:1234 --sout file/ts:bbb-vlc.mp4
user2 - ping 10.0.0.2
user5 - wget http://10.0.0.1/bbb.mp4
attacker1 - sudo slowhttptest -c 1000 -B -g -o my_body_stats -i 110 -r 200 -s 8192 -t FAKEVERB -u http://10.0.0.1 -x 10 -p 3
attacker2 - scp -i .ssh/key <user>@<host>:/var/www/html/bbb.mp4 ./
attacker5 - ping 10.0.0.3
root-switch - sudo tshark -i eth2 -i eth3 -i eth4 -T fields -e frame.number -e frame.time_relative -e frame.time_epoch -e frame.protocols -e frame.len -e eth.src -e eth.dst -e eth.type -e ip.proto -e ip.src -e ip.dst -e tcp.srcport -e tcp.dstport -e udp.srcport -e udp.dstport -E header=y -E separator=, -E occurrence=f > /users/neelyt/root-capture-02-13-2018.csv
slave-switch-1 - sudo tshark -i eth1 -i eth3 -i eth4 -i eth5 -T fields -e frame.number -e frame.time_relative -e frame.time_epoch -e frame.protocols -e frame.len -e eth.src -e eth.dst -e eth.type -e ip.proto -e ip.src -e ip.dst -e tcp.srcport -e tcp.dstport -e udp.srcport -e udp.dstport -E header=y -E separator=, -E occurrence=f > /users/neelyt/slave-switch-1-capture-02-13-2018.csv
slave-switch-1-1 - sudo tshark -i eth1 -i eth3 -T fields -e frame.number -e frame.time_relative -e frame.time_epoch -e frame.protocols -e frame.len -e eth.src -e eth.dst -e eth.type -e ip.proto -e ip.src -e ip.dst -e tcp.srcport -e tcp.dstport -e udp.srcport -e udp.dstport -E header=y -E separator=, -E occurrence=f > /users/neelyt/slave-switch-1-1-capture-02-13-2018.csv
controller - frenetic http-controller --verbosity debug
controller - python ADAPTS/python/examples/openNetwork-ADAPTS.py
-- Bulk-load the capture CSV into mtd.packet_logs; IGNORE 1 LINES skips the first line of the file.
-- NOTE(review): capture-02-13-2018.csv is not written by any tshark command above (they write
-- root-, slave-switch-1- and slave-switch-1-1- prefixed files with 15 fields); the merge step
-- that also adds switch_id and trace_id is not shown here.
-- NOTE(review): '\r\n' expects CRLF line endings; confirm the merged file's line endings.
-- LOCAL INFILE needs local_infile enabled on both client and server; enable it only for this import.
LOAD DATA LOCAL INFILE 'capture-02-13-2018.csv' INTO TABLE mtd.packet_logs FIELDS TERMINATED BY ',' LINES TERMINATED BY '\r\n' IGNORE 1 LINES (switch_id,trace_id,frame_number,frame_time_relative,frame_time,frame_protocols,frame_len,eth_src,eth_dst,eth_type,ip_proto,ip_src,ip_dst,tcp_srcport,tcp_dstport,udp_srcport,udp_dstport);
python ADAPTS/python/calcSS.py 2
python ADAPTS/python/calcSSByTime.py 2
Experiment example 3 - Full attack traffic with blocking
server1 -
server2 - iperf -s
server3 -
user1 - iperf -c 10.0.0.2
user2 - ping 10.0.0.2
user5 - wget http://10.0.0.1/bbb.mp4
attacker1 - scp -i .ssh/key <user>@<host>:/var/www/html/bbb.mp4 ./
attacker2 - scp -i .ssh/key <user>@<host>:/var/www/html/bbb.mp4 ./
attacker5 - sudo slowhttptest -c 1000 -B -g -o my_body_stats -i 110 -r 200 -s 8192 -t FAKEVERB -u http://10.0.0.1 -x 10 -p 3
root-switch - sudo tshark -i eth2 -i eth3 -i eth4 -T fields -e frame.number -e frame.time_relative -e frame.time_epoch -e frame.protocols -e frame.len -e eth.src -e eth.dst -e eth.type -e ip.proto -e ip.src -e ip.dst -e tcp.srcport -e tcp.dstport -e udp.srcport -e udp.dstport -E header=y -E separator=, -E occurrence=f > /users/neelyt/root-capture-02-14-2018.csv
slave-switch-1 - sudo tshark -i eth1 -i eth3 -i eth4 -i eth5 -T fields -e frame.number -e frame.time_relative -e frame.time_epoch -e frame.protocols -e frame.len -e eth.src -e eth.dst -e eth.type -e ip.proto -e ip.src -e ip.dst -e tcp.srcport -e tcp.dstport -e udp.srcport -e udp.dstport -E header=y -E separator=, -E occurrence=f > /users/neelyt/slave-switch-1-capture-02-14-2018.csv
slave-switch-1-1 - sudo tshark -i eth1 -i eth3 -T fields -e frame.number -e frame.time_relative -e frame.time_epoch -e frame.protocols -e frame.len -e eth.src -e eth.dst -e eth.type -e ip.proto -e ip.src -e ip.dst -e tcp.srcport -e tcp.dstport -e udp.srcport -e udp.dstport -E header=y -E separator=, -E occurrence=f > /users/neelyt/slave-switch-1-1-capture-02-14-2018.csv
controller - frenetic http-controller --verbosity debug
controller - python ADAPTS/python/examples/openNetwork-ADAPTS.py
-- Bulk-load the capture CSV into mtd.packet_logs; IGNORE 1 LINES skips the first line of the file.
-- NOTE(review): capture-02-14-2018.csv is not written by any tshark command above (they write
-- root-, slave-switch-1- and slave-switch-1-1- prefixed files with 15 fields); the merge step
-- that also adds switch_id and trace_id is not shown here.
-- NOTE(review): '\r\n' expects CRLF line endings; confirm the merged file's line endings.
-- LOCAL INFILE needs local_infile enabled on both client and server; enable it only for this import.
LOAD DATA LOCAL INFILE 'capture-02-14-2018.csv' INTO TABLE mtd.packet_logs FIELDS TERMINATED BY ',' LINES TERMINATED BY '\r\n' IGNORE 1 LINES (switch_id,trace_id,frame_number,frame_time_relative,frame_time,frame_protocols,frame_len,eth_src,eth_dst,eth_type,ip_proto,ip_src,ip_dst,tcp_srcport,tcp_dstport,udp_srcport,udp_dstport);
python ADAPTS/python/calcSS.py 3
python ADAPTS/python/calcSSByTime.py 3
-- Swap one saved result set into the two working tables. Each group of four statements
-- empties mtd.suspiciousness_scores and mtd.suspiciousness_scores_by_time and refills them
-- from a suffixed copy. Executing the whole list in order leaves only the last group's
-- rows in place, so the groups read as alternatives to run one at a time.
-- NOTE(review): DELETE followed by INSERT is not atomic; if the INSERT fails, the working
-- table stays empty. INSERT ... SELECT * maps columns by position, so each source table
-- must have the same column order as its target.
-- Load the copies suffixed _1 (presumably experiment example 1; confirm).
DELETE FROM mtd.suspiciousness_scores;
INSERT mtd.suspiciousness_scores SELECT * FROM mtd.suspiciousness_scores_1;
DELETE FROM mtd.suspiciousness_scores_by_time;
INSERT mtd.suspiciousness_scores_by_time SELECT * FROM mtd.suspiciousness_scores_by_time_1;
-- Load the copies suffixed _2 (presumably experiment example 2; confirm).
DELETE FROM mtd.suspiciousness_scores;
INSERT mtd.suspiciousness_scores SELECT * FROM mtd.suspiciousness_scores_2;
DELETE FROM mtd.suspiciousness_scores_by_time;
INSERT mtd.suspiciousness_scores_by_time SELECT * FROM mtd.suspiciousness_scores_by_time_2;
-- Load the copies suffixed _3 (presumably experiment example 3; confirm).
DELETE FROM mtd.suspiciousness_scores;
INSERT mtd.suspiciousness_scores SELECT * FROM mtd.suspiciousness_scores_3;
DELETE FROM mtd.suspiciousness_scores_by_time;
INSERT mtd.suspiciousness_scores_by_time SELECT * FROM mtd.suspiciousness_scores_by_time_3;
-- Load the "_w" copies for run 1; the meaning of "_w" is not stated in this file.
-- NOTE(review): the scores source is named suspiciousness_scores_test_1_w, but the by_time
-- source has no "test_" part; check both names against the schema. The same pattern
-- repeats for runs 2 and 3 below.
DELETE FROM mtd.suspiciousness_scores;
INSERT mtd.suspiciousness_scores SELECT * FROM mtd.suspiciousness_scores_test_1_w;
DELETE FROM mtd.suspiciousness_scores_by_time;
INSERT mtd.suspiciousness_scores_by_time SELECT * FROM mtd.suspiciousness_scores_by_time_1_w;
-- Load the "_w" copies for run 2.
DELETE FROM mtd.suspiciousness_scores;
INSERT mtd.suspiciousness_scores SELECT * FROM mtd.suspiciousness_scores_test_2_w;
DELETE FROM mtd.suspiciousness_scores_by_time;
INSERT mtd.suspiciousness_scores_by_time SELECT * FROM mtd.suspiciousness_scores_by_time_2_w;
-- Load the "_w" copies for run 3.
DELETE FROM mtd.suspiciousness_scores;
INSERT mtd.suspiciousness_scores SELECT * FROM mtd.suspiciousness_scores_test_3_w;
DELETE FROM mtd.suspiciousness_scores_by_time;
INSERT mtd.suspiciousness_scores_by_time SELECT * FROM mtd.suspiciousness_scores_by_time_3_w;