# GAR-Project 2019-2020
This workgroup is a project created by 4 students of the University of Alcalá for the subject of Network Management and Administration of the fourth year.
## Abstract
The purpose of this project is to develop an artificial intelligence to classify possible DDoS attacks in an SDN network. This will be done by using data collectors such as Telegraf, Mininet to emulate the SDN network, and InfluxDB and Grafana as a means to store data and visualize it respectively. For non-English speakers we leave part of the content of this guide written in Spanish:
* Network Scenario - Mininet Guide: [Link](https://hackmd.io/@davidcawork/r1fZC-nRS)
* DDoS using hping3 tool Guide: [Link](https://hackmd.io/@davidcawork/HJ_D7jA0r)
* Mininet Internals (II) Guide: [Link](https://hackmd.io/@davidcawork/SyrwHoNJL)
**Keywords**: [`DDoS attacks`](https://www.digitalattackmap.com/); [`SDN network`](https://www.opennetworking.org/sdn-definition/); [`Artificial Intelligence classification`](https://www.sciencedirect.com/science/article/abs/pii/016974399500050X); [`Mininet`](http://mininet.org/)
<br>
## Index
- [Installation methods :wrench:](#installation-methods-wrench)
* Vagrant
* Native
- [Our scenario](#our-scenario)
* Running the scenario
* Is working properly?
- [Attack time! :boom:](#attack-time-boom)
+ Time to limit the links
+ Getting used to hping3
+ Installing things... again! :weary:
+ Usage
+ Demo time! :tada:
- [Traffic classification with a SVM (**S**upport **V**ector **M**achine)](#traffic-classification-with-a-svm-support-vector-machine)
* First step: Getting the data collection to work :dizzy_face:
* Second step: Generating the training datasets
* Third step: Putting it all together: `src/traffic_classifier.py`
- [Mininet CLI (**C**ommand **L**ine **I**nterface)](#mininet-cli-command-line-interface)
- [Mininet Internals](#mininet-internals-)
* Network Namespaces
- [Mininet Internals (II) <a name="mininet_internals_II"></a>](#mininet-internals-ii-)
* Is Mininet using Network Namespaces?
* The Big Picture
- How would our Kernel-level scenario look then?
- [Troubleshooting](#troubleshooting)
- [Appendix <a name="appendix"></a>](#appendix-)
* The Vagrantfile
* File descriptors: `stdout` and friends
---
## Notes
Throughout the document we will always be talking about 2 virtual machines (VMs) on which we implement the scenario we are discussing. In order to keep it simple we have called one VM **controller** and the other one **test**. Even though the names may seem kind of random at the moment we promise they're not. Just keep this in mind as you continue reading.
<br>
---
## Installation methods :wrench:
We have created a **Vagrantfile** through which we provide each machine with the necessary scripts to install and configure the scenario. By working in a virtualized environment we make sure we all have the exact same configuration so that tracing and fixing errors becomes much easier. If you do not want to use Vagrant as a provider you can follow the native installation method we present below.
### Vagrant
First of all, clone the repository from GitHub :octocat: and navigate into the new directory with:
```bash
git clone https://github.com/GAR-Project/project
cd project
```
We power up the virtual machine through **Vagrant**:
```bash
vagrant up
```
And we have to connect to both machines. **Vagrant** provides a wrapper for the *SSH* utility that makes it a breeze to get into each virtual machine. The syntax is just `vagrant ssh <machine_name>` where the `<machine_name>` is given in the **Vagrantfile** (see the [appendix](#appendix)):
```bash
vagrant ssh test
vagrant ssh controller
```
We should already have all the machines configured with all the necessary tools to bring our network up with Mininet on the **test** VM, and Ryu on the **controller** VM. This includes every `python3` dependency as well as any needed packages.
#### Troubleshooting problems regarding SSH
If you have problems connecting via SSH to the machine, check that the keys in the path `.vagrant/machines/test/virtualbox/` are owned by the user, and have read-only permissions for the owner of the key.
```bash
cd .vagrant/machines/test/virtualbox/
chmod 400 private_key
# We could also use this instead of "chmod 400" (u,g,o -> user, group, others)
# chmod u=r,go= private_key
```
Instead of using vagrant's manager to make the SSH connection, we can opt for manually doing it ourselves by passing the path to the private key to SSH. For example:
```bash
ssh -i .vagrant/machines/test/virtualbox/private_key vagrant@10.0.123.2
```
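The ownership and permission check described above can be scripted for every machine in the project. This is an added example, not part of the original repository: the function names `check_key` and `audit_vagrant_keys` are hypothetical, and it assumes GNU `stat` (as on the Ubuntu VMs this guide targets) and the `.vagrant/machines/<machine_name>/virtualbox/private_key` layout shown above.

```shell
# Added example: audit Vagrant-generated SSH private keys before connecting.
# Assumes GNU coreutils `stat`; function names are hypothetical.

# check_key FILE -> returns 0 if FILE is owned by the current user and has no
# group/other permission bits; otherwise prints the reason and returns 1.
check_key() {
    ck_key=$1
    if [ ! -f "$ck_key" ]; then
        echo "MISSING  $ck_key"
        return 1
    fi
    ck_mode=$(stat -c '%a' "$ck_key")    # octal mode, e.g. 400
    ck_owner=$(stat -c '%u' "$ck_key")   # numeric owner uid
    if [ "$ck_owner" != "$(id -u)" ]; then
        echo "OWNER    $ck_key (uid $ck_owner, expected $(id -u))"
        return 1
    fi
    # OpenSSH refuses a private key that group or others can access,
    # so any bit set in 077 is a failure.
    if [ $(( 0$ck_mode & 077 )) -ne 0 ]; then
        echo "MODE     $ck_key ($ck_mode, expected 400 or 600)"
        return 1
    fi
    echo "OK       $ck_key ($ck_mode)"
}

# audit_vagrant_keys [PROJECT_DIR] -> checks the key of every machine under
# PROJECT_DIR/.vagrant/machines and returns 1 if any of them fails.
audit_vagrant_keys() {
    avk_root=${1:-.}
    avk_bad=0
    for avk_key in "$avk_root"/.vagrant/machines/*/virtualbox/private_key; do
        # An unmatched glob is passed through literally and reported as MISSING.
        check_key "$avk_key" || avk_bad=1
    done
    return "$avk_bad"
}
```

Source the file and run `audit_vagrant_keys .` from the project directory; any line not starting with `OK` names a key that needs `chown` or `chmod 400` before SSH will accept it.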
---
### Native
This method assumes you already have any VMs up and running with the correct configuration and dependencies installed. Ideally you should have 2 VMs. We will be running **Ryu** (the *SDN* controller) in one of them and we will have **mininet**'s emulated network running in the other one. Try to use Ubuntu 16.04 (a.k.a. **Xenial**) as the VM's distribution to avoid any mistakes we may not have encountered.
First of all clone the repository, just like how the Kaminoans :alien: do it and then navigate into it:
```bash
git clone https://github.com/GAR-Project/project
cd project
```
Manually launch the provisioning scripts in each machine:
```bash
# To install Mininet, Mininet's dependencies and telegraf. Run it on the "mininet" VM
sudo ./util/install_mininet.sh
sudo ./util/install_telegraf.sh
# To install Ryu and Monitoring system (Grafana + InfluxDB). Run it on the "controller" VM
sudo ./util/install_ryu.sh
sudo ./util/install_grafana_influxdb.sh
```
---
## Our scenario
Our network scenario is described in the following script: [`src/scenario_basic.py`](https://github.com/GAR-Project/project/blob/master/src/scenario_basic.py). Mininet makes use of a Python API to give users the ability to automate processes easily, or to develop certain modules at their convenience. For this and many other reasons, Mininet is a highly flexible and powerful tool for network emulation which is widely used by the scientific community.
* For more information about the API, see its [manual](http://mininet.org/api/annotated.html).
<!--![Escenario](https://i.imgur.com/kH7kAqB.png)-->
<!-- Using HTML let's us center images! It's kind of dirty though... -->
<p align="center">
<img src="https://i.imgur.com/kH7kAqB.png">
</p>
The image above presents us with the *logic* scenario we will be working with. As with many other areas in networking this logic picture doesn't correspond with the real implementation we are using. We have seen throughout the installation procedure how we are always talking about 2 VMs. If you read carefully you'll see that the VMs' "names" are **controller** and **mininet**. So it should come as no surprise that the controller and the network itself are living in different machines!
The first question that may arise is how on Earth we can logically join these 2 together. When working with virtualized environments we generate a virtual LAN where the VMs are able to communicate with one another. Once we stop thinking about programs and abstract the idea of "*process*", we find that we can easily identify the **controller**: it is just a **ryu** app, which is nothing more than a **python3** app, reachable at the **controller** VM's **IP** address and the port number where **ryu** is listening. We shouldn't forget that **any** process running within **any** host in the entire **Internet** can be identified with the host's **IP** address and the process's **port** number. Isn't it amazing?
Ok, the above sounds great but... Why should we let the controller live in a separate machine when we could have everything in a single machine and call it a day? We have our reasons:
* Facilitate teamwork, since the **AI's logic** will go directly into the controller's VM. This lets us increase both working groups' independence. One may work on the mininet core and the d
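Project name: SVM-based DDoS attack identification system. Project overview: A DDoS (distributed denial-of-service) attack is a common network attack technique that exhausts the target system's resources so that legitimate users cannot obtain service. To identify and defend against DDoS attacks effectively, this project uses the support vector machine (SVM) algorithm to develop a DDoS attack identification system. The system monitors and analyzes network traffic in real time to determine whether DDoS attack behaviour is present, so that measures can be taken promptly to safeguard network security.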
python-基于SVM识别DDoS攻击.zip (27 sub-files)
project-master
src
normal.py 1KB
scenario_basic.py 3KB
data_gathering.py 1KB
ddos.py 1KB
traffic_classifier.py 4KB
training_datasets
ICMP_data_class_1.csv 3KB
ICMP_data_class_0.csv 2KB
TODO.md 2KB
Vagrantfile 3KB
util
ansible_provisioning
Grafana_influxDB_telegraf
roles
Grafana
tasks
main.yml 962B
templates
InfluxDB_provisioning.yaml 454B
vars
main.yml 66B
InfluxDB
tasks
main.yml 413B
Telegraf
tasks
main.yml 424B
Monitoring_system_install.yml 200B
install_ryu.sh 436B
copy_files.sh 677B
install_mininet.sh 455B
install_grafana_influxdb.sh 1KB
install_telegraf.sh 558B
conf
project_dashboard.json 13KB
datasources.yaml 228B
telegraf_test_2_controller.conf 1KB
telegraf.conf 3KB
telegraf_mn_host.conf 1KB
main.yaml 145B
README.md 65KB