Loading manifests/l3_centralizedattackdetectorservice.yaml +2 −0 Original line number Original line Diff line number Diff line Loading @@ -42,6 +42,8 @@ spec: value: "0.5" value: "0.5" - name: MONITORED_KPIS_TIME_INTERVAL_AGG - name: MONITORED_KPIS_TIME_INTERVAL_AGG value: "60" value: "60" - name: TEST_ML_MODEL value: "0" readinessProbe: readinessProbe: exec: exec: command: ["/bin/grpc_health_probe", "-addr=:10001"] command: ["/bin/grpc_health_probe", "-addr=:10001"] Loading proto/l3_attackmitigator.proto +3 −4 Original line number Original line Diff line number Diff line Loading @@ -13,15 +13,14 @@ // limitations under the License. // limitations under the License. syntax = "proto3"; syntax = "proto3"; package l3_attackmitigator; import "context.proto"; import "context.proto"; import "l3_centralizedattackdetector.proto"; service L3Attackmitigator{ service L3Attackmitigator{ // Perform Mitigation rpc PerformMitigation (L3AttackmitigatorOutput) returns (l3_centralizedattackdetector.StatusMessage) {} rpc PerformMitigation (L3AttackmitigatorOutput) returns (context.Empty) {} // Get Mitigation rpc GetMitigation (context.Empty) returns (context.Empty) {} rpc GetMitigation (context.Empty) returns (context.Empty) {} // Get Configured ACL Rules rpc GetConfiguredACLRules (context.Empty) returns (ACLRules) {} rpc GetConfiguredACLRules (context.Empty) returns (ACLRules) {} } } Loading proto/l3_centralizedattackdetector.proto +9 −0 Original line number Original line Diff line number Diff line Loading @@ -13,6 +13,7 @@ // limitations under the License. // limitations under the License. syntax = "proto3"; syntax = "proto3"; package l3_centralizedattackdetector; import "context.proto"; import "context.proto"; Loading @@ -25,6 +26,10 @@ service L3Centralizedattackdetector { // Get the list of features used by the ML model in the CAD component // Get the list of features used by the ML model in the CAD component rpc GetFeaturesIds (context.Empty) returns (AutoFeatures) {} rpc GetFeaturesIds (context.Empty) returns (AutoFeatures) {} // Sets the list of attack IPs in order to be used to compute the prediction accuracy of the // ML model in the CAD component in case of testing the ML model. rpc SetAttackIPs (AttackIPs) returns (context.Empty) {} } } message Feature { message Feature { Loading Loading @@ -66,3 +71,7 @@ message L3CentralizedattackdetectorBatchInput { message StatusMessage { message StatusMessage { string message = 1; string message = 1; } } message AttackIPs { repeated string attack_ips = 1; } No newline at end of file src/l3_attackmitigator/README.md +8 −3 Original line number Original line Diff line number Diff line # l3_attackmitigator # L3 Attack Mitigator - Receives packages and process it with TSTAT - Functions: ReportSummarizeKpi(KpiList) Receives detected attacks from the Centralized Attack Detector component and performs the necessary mitigations. ## Functions: - PerformMitigation(L3AttackmitigatorOutput) -> StatusMessage - GetMitigation(Empty) -> Empty - GetConfiguredACLRules(Empty) -> ACLRules src/l3_attackmitigator/client/l3_attackmitigatorClient.py +13 −19 Original line number Original line Diff line number Diff line Loading @@ -15,17 +15,12 @@ import grpc, logging import grpc, logging from common.Constants import ServiceNameEnum from common.Constants import ServiceNameEnum from common.Settings import get_service_host, get_service_port_grpc from common.Settings import get_service_host, get_service_port_grpc from common.proto.context_pb2 import Empty from common.proto.l3_attackmitigator_pb2 import L3AttackmitigatorOutput, ACLRules from common.proto.l3_attackmitigator_pb2_grpc import L3AttackmitigatorStub from common.proto.l3_centralizedattackdetector_pb2 import StatusMessage from common.tools.client.RetryDecorator import retry, delay_exponential from common.tools.client.RetryDecorator import retry, delay_exponential from common.proto.l3_attackmitigator_pb2_grpc import ( from common.tools.grpc.Tools import grpc_message_to_json_string L3AttackmitigatorStub, ) from common.proto.l3_attackmitigator_pb2 import ( L3AttackmitigatorOutput, ACLRules ) from common.proto.context_pb2 import ( Empty ) LOGGER = logging.getLogger(__name__) LOGGER = logging.getLogger(__name__) MAX_RETRIES = 15 MAX_RETRIES = 15 Loading @@ -37,7 +32,7 @@ class l3_attackmitigatorClient: if not host: host = get_service_host(ServiceNameEnum.L3_AM) if not host: host = get_service_host(ServiceNameEnum.L3_AM) if not port: port = get_service_port_grpc(ServiceNameEnum.L3_AM) if not port: port = get_service_port_grpc(ServiceNameEnum.L3_AM) self.endpoint = "{}:{}".format(host, port) self.endpoint = "{}:{}".format(host, port) LOGGER.debug("Creating channel to {}...".format(self.endpoint)) LOGGER.debug("Creating channel to {:s}...".format(self.endpoint)) self.channel = None self.channel = None self.stub = None self.stub = None self.connect() self.connect() Loading @@ -54,23 +49,22 @@ class l3_attackmitigatorClient: self.stub = None self.stub = None @RETRY_DECORATOR @RETRY_DECORATOR def PerformMitigation(self, request: L3AttackmitigatorOutput) -> Empty: def PerformMitigation(self, request: L3AttackmitigatorOutput) -> StatusMessage: LOGGER.debug('PerformMitigation request: {}'.format(request)) LOGGER.debug('PerformMitigation request: {:s}'.format(grpc_message_to_json_string(request))) response = self.stub.PerformMitigation(request) response = self.stub.PerformMitigation(request) LOGGER.debug('PerformMitigation result: {}'.format(response)) LOGGER.debug('PerformMitigation result: {:s}'.format(grpc_message_to_json_string(response))) return response return response @RETRY_DECORATOR @RETRY_DECORATOR def GetMitigation(self, request: Empty) -> Empty: def GetMitigation(self, request: Empty) -> Empty: LOGGER.debug('GetMitigation request: {}'.format(request)) LOGGER.debug('GetMitigation request: {:s}'.format(grpc_message_to_json_string(request))) response = self.stub.GetMitigation(request) response = self.stub.GetMitigation(request) LOGGER.debug('GetMitigation result: {}'.format(response)) LOGGER.debug('GetMitigation result: {:s}'.format(grpc_message_to_json_string(response))) return response return response @RETRY_DECORATOR @RETRY_DECORATOR def GetConfiguredACLRules(self, request: Empty) -> ACLRules: def GetConfiguredACLRules(self, request: Empty) -> ACLRules: LOGGER.debug('GetConfiguredACLRules request: {}'.format(request)) LOGGER.debug('GetConfiguredACLRules request: {:s}'.format(grpc_message_to_json_string(request))) response = self.stub.GetConfiguredACLRules(request) response = self.stub.GetConfiguredACLRules(request) LOGGER.debug('GetConfiguredACLRules result: {}'.format(response)) LOGGER.debug('GetConfiguredACLRules result: {:s}'.format(grpc_message_to_json_string(response))) return response return response Loading
manifests/l3_centralizedattackdetectorservice.yaml +2 −0 Original line number Original line Diff line number Diff line Loading @@ -42,6 +42,8 @@ spec: value: "0.5" value: "0.5" - name: MONITORED_KPIS_TIME_INTERVAL_AGG - name: MONITORED_KPIS_TIME_INTERVAL_AGG value: "60" value: "60" - name: TEST_ML_MODEL value: "0" readinessProbe: readinessProbe: exec: exec: command: ["/bin/grpc_health_probe", "-addr=:10001"] command: ["/bin/grpc_health_probe", "-addr=:10001"] Loading
proto/l3_attackmitigator.proto +3 −4 Original line number Original line Diff line number Diff line Loading @@ -13,15 +13,14 @@ // limitations under the License. // limitations under the License. syntax = "proto3"; syntax = "proto3"; package l3_attackmitigator; import "context.proto"; import "context.proto"; import "l3_centralizedattackdetector.proto"; service L3Attackmitigator{ service L3Attackmitigator{ // Perform Mitigation rpc PerformMitigation (L3AttackmitigatorOutput) returns (l3_centralizedattackdetector.StatusMessage) {} rpc PerformMitigation (L3AttackmitigatorOutput) returns (context.Empty) {} // Get Mitigation rpc GetMitigation (context.Empty) returns (context.Empty) {} rpc GetMitigation (context.Empty) returns (context.Empty) {} // Get Configured ACL Rules rpc GetConfiguredACLRules (context.Empty) returns (ACLRules) {} rpc GetConfiguredACLRules (context.Empty) returns (ACLRules) {} } } Loading
proto/l3_centralizedattackdetector.proto +9 −0 Original line number Original line Diff line number Diff line Loading @@ -13,6 +13,7 @@ // limitations under the License. // limitations under the License. syntax = "proto3"; syntax = "proto3"; package l3_centralizedattackdetector; import "context.proto"; import "context.proto"; Loading @@ -25,6 +26,10 @@ service L3Centralizedattackdetector { // Get the list of features used by the ML model in the CAD component // Get the list of features used by the ML model in the CAD component rpc GetFeaturesIds (context.Empty) returns (AutoFeatures) {} rpc GetFeaturesIds (context.Empty) returns (AutoFeatures) {} // Sets the list of attack IPs in order to be used to compute the prediction accuracy of the // ML model in the CAD component in case of testing the ML model. rpc SetAttackIPs (AttackIPs) returns (context.Empty) {} } } message Feature { message Feature { Loading Loading @@ -66,3 +71,7 @@ message L3CentralizedattackdetectorBatchInput { message StatusMessage { message StatusMessage { string message = 1; string message = 1; } } message AttackIPs { repeated string attack_ips = 1; } No newline at end of file
src/l3_attackmitigator/README.md +8 −3 Original line number Original line Diff line number Diff line # l3_attackmitigator # L3 Attack Mitigator - Receives packages and process it with TSTAT - Functions: ReportSummarizeKpi(KpiList) Receives detected attacks from the Centralized Attack Detector component and performs the necessary mitigations. ## Functions: - PerformMitigation(L3AttackmitigatorOutput) -> StatusMessage - GetMitigation(Empty) -> Empty - GetConfiguredACLRules(Empty) -> ACLRules
src/l3_attackmitigator/client/l3_attackmitigatorClient.py +13 −19 Original line number Original line Diff line number Diff line Loading @@ -15,17 +15,12 @@ import grpc, logging import grpc, logging from common.Constants import ServiceNameEnum from common.Constants import ServiceNameEnum from common.Settings import get_service_host, get_service_port_grpc from common.Settings import get_service_host, get_service_port_grpc from common.proto.context_pb2 import Empty from common.proto.l3_attackmitigator_pb2 import L3AttackmitigatorOutput, ACLRules from common.proto.l3_attackmitigator_pb2_grpc import L3AttackmitigatorStub from common.proto.l3_centralizedattackdetector_pb2 import StatusMessage from common.tools.client.RetryDecorator import retry, delay_exponential from common.tools.client.RetryDecorator import retry, delay_exponential from common.proto.l3_attackmitigator_pb2_grpc import ( from common.tools.grpc.Tools import grpc_message_to_json_string L3AttackmitigatorStub, ) from common.proto.l3_attackmitigator_pb2 import ( L3AttackmitigatorOutput, ACLRules ) from common.proto.context_pb2 import ( Empty ) LOGGER = logging.getLogger(__name__) LOGGER = logging.getLogger(__name__) MAX_RETRIES = 15 MAX_RETRIES = 15 Loading @@ -37,7 +32,7 @@ class l3_attackmitigatorClient: if not host: host = get_service_host(ServiceNameEnum.L3_AM) if not host: host = get_service_host(ServiceNameEnum.L3_AM) if not port: port = get_service_port_grpc(ServiceNameEnum.L3_AM) if not port: port = get_service_port_grpc(ServiceNameEnum.L3_AM) self.endpoint = "{}:{}".format(host, port) self.endpoint = "{}:{}".format(host, port) LOGGER.debug("Creating channel to {}...".format(self.endpoint)) LOGGER.debug("Creating channel to {:s}...".format(self.endpoint)) self.channel = None self.channel = None self.stub = None self.stub = None self.connect() self.connect() Loading @@ -54,23 +49,22 @@ class l3_attackmitigatorClient: self.stub = None self.stub = None @RETRY_DECORATOR @RETRY_DECORATOR def PerformMitigation(self, request: L3AttackmitigatorOutput) -> Empty: def PerformMitigation(self, request: L3AttackmitigatorOutput) -> StatusMessage: LOGGER.debug('PerformMitigation request: {}'.format(request)) LOGGER.debug('PerformMitigation request: {:s}'.format(grpc_message_to_json_string(request))) response = self.stub.PerformMitigation(request) response = self.stub.PerformMitigation(request) LOGGER.debug('PerformMitigation result: {}'.format(response)) LOGGER.debug('PerformMitigation result: {:s}'.format(grpc_message_to_json_string(response))) return response return response @RETRY_DECORATOR @RETRY_DECORATOR def GetMitigation(self, request: Empty) -> Empty: def GetMitigation(self, request: Empty) -> Empty: LOGGER.debug('GetMitigation request: {}'.format(request)) LOGGER.debug('GetMitigation request: {:s}'.format(grpc_message_to_json_string(request))) response = self.stub.GetMitigation(request) response = self.stub.GetMitigation(request) LOGGER.debug('GetMitigation result: {}'.format(response)) LOGGER.debug('GetMitigation result: {:s}'.format(grpc_message_to_json_string(response))) return response return response @RETRY_DECORATOR @RETRY_DECORATOR def GetConfiguredACLRules(self, request: Empty) -> ACLRules: def GetConfiguredACLRules(self, request: Empty) -> ACLRules: LOGGER.debug('GetConfiguredACLRules request: {}'.format(request)) LOGGER.debug('GetConfiguredACLRules request: {:s}'.format(grpc_message_to_json_string(request))) response = self.stub.GetConfiguredACLRules(request) response = self.stub.GetConfiguredACLRules(request) LOGGER.debug('GetConfiguredACLRules result: {}'.format(response)) LOGGER.debug('GetConfiguredACLRules result: {:s}'.format(grpc_message_to_json_string(response))) return response return response
