From 7f1185422725b9314288394067c5d1dadd378e50 Mon Sep 17 00:00:00 2001
From: luiscal4a
Date: Thu, 20 Oct 2022 02:59:12 +0200
Subject: [PATCH] Added comments to document each class and method in the Centralized Attack Detector and Attack Mitigator components
---
 ..._attackmitigatorServiceServicerImpl.py.swp | Bin 0 -> 24576 bytes
 .../l3_attackmitigatorServiceServicerImpl.py | 42 +-----------------
 ...alizedattackdetectorServiceServicerImpl.py | 40 ++++++++++++++---
 3 files changed, 36 insertions(+), 46 deletions(-)
 create mode 100644 src/l3_attackmitigator/service/.l3_attackmitigatorServiceServicerImpl.py.swp
diff --git a/src/l3_attackmitigator/service/.l3_attackmitigatorServiceServicerImpl.py.swp b/src/l3_attackmitigator/service/.l3_attackmitigatorServiceServicerImpl.py.swp new file mode 100644 index 0000000000000000000000000000000000000000..65809863d885b43c2f574076dea8189e7171564b GIT binary patch literal 24576 zcmYc?2=nw+u+TGPU|?VnU|`5M2uS|&lbzwka~X!xq|&^SQji3GoSdImQk0*QlUjsd zT^+Wc?iD_{5Tu#N_PU%#zIX#FG3X{o>T3vdrXEEKpr$ma{Q19A}5j|HJzKyZ9LxcJMPWl<_k#81pkQaPl)Su=6u8T;*e6xXj1E z(96fb;K|3p@Q;^)VFxb*!*pH-hH1PE3Fog0jFnIGYFj(_2FsSe_F!1p(F!1m&Fr4RRV3@?sz%Y@U zfx&{Cf#Dq&1H(El28MDj1_lQ%1_paB1_miE28K_Z3=F3@85mA-GB7l9GB8wfGB8+k zGB6l(GB8MUGB7;iU|@L2!N72YgMncc2LnSd2LnS72LnSK2Lpov2LppX2LppT2LppV z2Ll5?2Lr6!QZ@z#Ej9)QDK-X%&8!Rzn^+kbQdk)n99S6`L|GXaL|7RZuCXvMbg?inxU(=Y zxUn!W2(U0PTw`Wnn99t+5XH>E5XsEIpv}y{@STZ)p@E5kA)JYUL5hii;RYiE!*xam zhIQ~k5(OwwR&Y#7QE+tjam_0!s#GY+S18Fy1@VJQb5es-OBfiS3KbHQbK;9ib5i4r zQ%m$xQj3#|G7CyF^YavJ6_i|p`~wt9^HNfaGmBDF6g)yg0)iDviW1Y(GLx0Cn^00& zkg8y-;Fz2PvMHppAk{UmG*{2j*(WH}$2BA}z%|}8Aj|~2=DfsQkY=#Gx?tN7wkRuv z_`CR9DU=qZB$lLty_1%olapVbnU}6mkXV$Mn_7}uRBWw~mS3chnO9trn3tTYqmY=A z0#ci+kXVeQN+CZDB&v{`T9T2UqL7@QmzJ4cT9g_O3k|I9Q?Lbx7DP2T(DV|MbM#=L z2iK#l5S&_~0P;VG2DzssBeNJ3`U=iqn?O>iF_4;joBann}8GyrwNLIjgLOkgTb+>1VLSk`oesX4F zNooqA1?U1L6xYD?DP$Ha6s0Dn=;r6;R9Y(}=ND8eWR`#eHY2etRUt7C zk`EG-a#CTgQ^-v%E>28OMYs->#fuU%i&GU`E0R;exmrUBW^1)oajm98UVe!}T7GF> zijrPheo<~>iAH)+L2^9QsQ8ln_^jgmy!hghqRhN>4VWJ?Q#3UZK1&4~ZUqlhkhL&> zSiyV=j-{M5P+XLxR+Pji=VYelmFT&rmcSf@WH{WYlA=m0gnyJl>&OtA6>LF~1~SbV zY#2&Fx~G=F0|w+Xm{Npk2>ama1v$6Cq(NeE_rL@*Q{Wy!VuF;yG8@dPATcc35z+67 znjD>rQbENVG*CQKz>BUv;ppe*>I16a4K0oI49zU`49!gS%q^^p4U7$x7@Yn6LR=$4@TfC1Ff>qN zfP|NVtwK(IdU|GFx?Xx}iBEoddTNnId_1TskB`@6U`Q*<&xPegJ&33Epss?%t3qZj zC?Uhb6(R`H22Bt!Z79hBrVT|9rY$!&KToeDKR>5f4^*D%g@Bka9Uu`LB^-+Wf};GA ze0V-DNHT&MfL>MUz}yaJc&1=62~=+(nc|q7-KEsPuF|4JV)cbTkoAdjZyz zf`({vKG=^CH^Pdgf+VAOkndm)g@!YXDk)9E;w)$&$D?b81}w5>NRr3!J~*jDL_sc% zcP=e1$c1jfWXnPy}inrj_P_8%PWc$_hD|xtS%2pypCBxQ$)}ZqfQ=Ca2~V 
zr|L0)+GmhvGE@lMFb4GkiVIScGt)AY6><{u(n}N5Qx($l%TkN-K&4$lYEf=xadBpT z9=McZP*w={4Ds*}4N(Yp3<`4e3-NRfR`3r}aQ63e@dUNZf))JT6de5`6}&zDTyzvt zGfOg3ixg5T3W`#Tixogk@!W!(%+wT+gHkds*sad4ze>by(ksZ49(0_ zC@;z^$;?aFQ7Fz&D=AMbN@Y-HPzDvv3JMt|B?VUc`sL;2dWi*z$r-77`9Kt(*L)X&KT^->hdGfOhiV-IRx3R2uUg59V9mC;cMODzJ$l!B3- zfr17oW|g2)N}ASS2ZNfUMVaXtB??9cMuxgZ21dpT9!3U61_~jmMTu@X`Q-{4pfD(g z20}?{QDRz7ez|T2NReJ@slFxysQ-VKlYt?V3)26G&EH?-XJA;s&%ofx&%p4DkAdL> z9|OZ_J_d#aJ_d#`J_ZI!J_d$6ybKJhc^Me0co`U&L2ModhD06)h6El41}z>21_mAm zhE?1Q3@f=A7^=A$7^=7#7*x3#7%p)!FkIwfU^vOez;KX@fng&T1H&vX28L!X28Kc| zh+DRBGBC{JWMG)W$-pp~lYya}lYt=`+P??&?WH&w7??O27~XL(FdXAxU^oix+jny? zFcfnzFeGs>FlciyFg#;tU^vRoz_5s&fuV+-fx(WQfkA~f#EV61H&aY28KP* zetZcV1A`|U0|PG`1H)xj28K(l3=Df%85m}>GB8B4GB7ByGBDg?VPKfS!oX0^!oZNm z!oc9k!oZ-z!oZ-!!oZ-&!oYB!nSo&qGXukFW(J08W(EdZW(J1yObiU?m>3xHnHU)I zm>3wcm>3wWnHU(Dm>3uyF)}bbWMp8N!N|Zc1=`OCH47jqSV5sEwWPEtPXS!uXh7TT zwrNVx_6n#Y4^CYv`K6$~0=O%b0%|oW*eXjIJGrdbsC6?NGF~w_YfC+yv?;SWga8p@Sk9Yj}V?ir15xNa+V*7|1|a z2gMfDxQmBY@*oKihILaQlKGJ89wY(6Af1^7wwVRkbU`H0bil_aK)o$nXwpKAqhK9V zL9;UzJaB?jKXmK_F~kB=sRtrZ&4I>LJV?eC#>q^9M+Qh7i#Aw#07)ZjgNbA7WFjmE zM>japql{r`z|(`Wf?sO6LK&pGKxBAjc)J|tQivgXpn3y5jDaeSh+w$Rc&H8t1s!5Z zttd&&OVNl%5{$*I7pYeW9vss^N>a+8;vp?F9c(Zx^SGy$Kw62Q#->JQL43ZB0ywcK zfRkFj4unoYw$eW*1=Ign(>$bd$0!4^W^v@y4@$Wp3~Jx$73ZX;7HAkDTmX^*VW^cU zsY#{j8cN}b;HHU!kwS55a(-S)u@a~}EX^xPEz(g)#nhdg50+D~Re-Uy6%66A3^E_u zynv7QfQCJhMh!qpK)5(HuOu@sHAlf#!7VYTI2FYVhyw8LI#`gy(jjr>703V(hLu|| zQ*abpAf+%29`J#2$}>PMCYW2127;iW24zzqX)^A&7im7X3%04@(oyhySjF0vf5PEcw` z_y#qFz-mE6!2k+Kuqe0!L={(pj1(XZY!szJ>s3g%Mggf_2Zc0fbTBhNPfsDBC^aP$ z+zo-`PH=O=N6clJaLItu2 z*YGH$vQJe=OU%qkP0>>bFUrqLhjsHkQxwV*LF2QamRD*Dw50M%$#CGfTBpl2Vgxx2^3sYz~rHs8EeA;HcX93VX({$9l1p+wJ`@@Ax47T z3eBC6h8e8QRMOoC4v)|UQT{`JcJ3EP(m3O0nI4+_`{|L{QQ0V z-Qjr#!=yCGI17qt7-KIW6W#oS!X1NLJpEt>gJ!_s=ECA(0H&ZI0h60plANIjY9E10 z5CvP%OoaxFi-;$}u%SC;dPj8So@9D6M6t!e+`q{r@?v3=AjOApL*X`ur>W3=C`d85nx`85nx_ z85qj>85kJ&85myhF)&=>V_-PJ$G~u$kAYz|9|J=_9|J=^9|MCw9|MCQ9|MCK9|MCD 
z9|OZLUIvDrybKHnco`V>^D;0jhprKb=Vf4!0?F|(FkItdVA#OJz)-})z!1X2z!1#C zz`)MKz`(}C!0-V&cCdn*fuWY0fx(fRfq|Wyfq{*if#Cxe1H*YP28LcP28J*$1_nMZ z28J`73=Eq&85m}9GBDI~GB6}?GBAX3GBAX4GB5~pGB7;gU|_h|JYVvrKjTpb-V9UU`GEJ=lSVMfPH(FSp$W1`?OOW4Q)6p?gq}5H(B5icc6gv2rju@l_ zjYEJ%hrpOAXmuN`VC?bk)tMzhQMeDjE2By2#kinXb6mk0A>h)8jv6i-&!=f1#ff< z9%zt4!Bzoj$OPO72c;9pY$Sa9A9OYj+**gMdjfAVL>gFu>jW+FE>RfWf(Kr@2kQsH z*RH{~pdlu5VFOA~rHCaAC_Bes`alcPN4MZ9fLCN8k{oPw4YGJ-bPFB{TkuNaGYhb6 z*TWEmXLV4afu;ee06~+1C2lO5U~z^;3N$zf8T$Z@2S5rP(7qE;p#)kGpuqqD$Ugk} literal 0 HcmV?d00001 diff --git a/src/l3_attackmitigator/service/l3_attackmitigatorServiceServicerImpl.py b/src/l3_attackmitigator/service/l3_attackmitigatorServiceServicerImpl.py index f4b34cda1..51533c784 100644 --- a/src/l3_attackmitigator/service/l3_attackmitigatorServiceServicerImpl.py +++ b/src/l3_attackmitigator/service/l3_attackmitigatorServiceServicerImpl.py 
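Review bot: The new file src/l3_attackmitigator/service/.l3_attackmitigatorServiceServicerImpl.py.swp (24576 bytes, `create mode 100644`) is a Vim swap file, not a source artifact, and should be dropped from this commit. A swap file holds an editor snapshot of the buffer, possibly including edits that were never saved, so checking one in both bloats history and can expose in-progress code; the commit message only mentions documentation and does not account for it. Remove it with `git rm --cached` and add `*.swp` (or `.*.sw?`) to the repository's .gitignore so it cannot recur.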
@@ -53,46 +53,6 @@ class l3_attackmitigatorServiceServicerImpl(L3AttackmitigatorServicer):
 self.context_client = ContextClient()
 self.service_client = ServiceClient()
- def GenerateRuleValue(self, ip_o, ip_d, port_o, port_d):
- value = {
- "ipv4:source-address": ip_o,
- "ipv4:destination-address": ip_d,
- "transport:source-port": port_o,
- "transport:destination-port": port_d,
- "forwarding-action": "DROP",
- }
-
- return value
-
- def GenerateContextId(self, context_id):
- context_id_obj = ContextId()
- uuid = Uuid()
- uuid.uuid = context_id
- context_id_obj.context_uuid.CopyFrom(uuid)
-
- return context_id_obj
-
- def GenerateServiceId(self, service_id):
- service_id_obj = ServiceId()
- context_id = ContextId()
- uuid = Uuid()
- uuid.uuid = service_id
- context_id.context_uuid.CopyFrom(uuid)
- service_id_obj.context_id.CopyFrom(context_id)
- service_id_obj.service_uuid.CopyFrom(uuid)
-
- return service_id_obj
-
- def GetConfigRule(self, ip_o, ip_d, port_o, port_d):
- config_rule = ConfigRule()
- config_rule_custom = ConfigRule_Custom()
- config_rule.action = ConfigActionEnum.CONFIGACTION_SET
- config_rule_custom.resource_key = "acl"
- config_rule_custom.resource_value = json.dumps(self.GenerateRuleValue(ip_o, ip_d, port_o, port_d))
- config_rule.custom.CopyFrom(config_rule_custom)
-
- return config_rule
-
 def configure_acl_rule(
 self,
 context_uuid: str,
@@ -224,8 +184,10 @@ class l3_attackmitigatorServiceServicerImpl(L3AttackmitigatorServicer):
 return Empty(message=f"OK, received values: {last_tag} with confidence {last_value}.")
+"""
 def GetMitigation(self, request, context):
 logging.info("Returning mitigation strategy...")
 k = self.last_value * 2
 return Empty(message=f"Mitigation with double confidence = {k}")
+"""
diff --git a/src/l3_centralizedattackdetector/service/l3_centralizedattackdetectorServiceServicerImpl.py b/src/l3_centralizedattackdetector/service/l3_centralizedattackdetectorServiceServicerImpl.py
index 37fa9ce53..2de768810 100644
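Review bot: In the second hunk (@@ -224,8 +184,10) the `+"""` pair wraps GetMitigation in a column-0 string literal rather than documenting it, so the method no longer exists on l3_attackmitigatorServiceServicerImpl and the text is evaluated and thrown away at import; if GetMitigation is still declared in the service .proto, callers will now receive UNIMPLEMENTED. If the RPC is obsolete, delete the method (and its proto declaration) outright; if it must remain callable, keep the `def` and put any note in a comment. The same quoting-out is applied to GetOutput in the centralized attack detector's last hunk (@@ -205,9 +231,11). Separately, the first hunk deletes GenerateRuleValue, GenerateContextId, GenerateServiceId and GetConfigRule while configure_acl_rule, whose body continues outside the hunk, is left untouched; if it still calls any of them, this diff breaks ACL configuration, which is worth confirming before merge.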
--- a/src/l3_centralizedattackdetector/service/l3_centralizedattackdetectorServiceServicerImpl.py
+++ b/src/l3_centralizedattackdetector/service/l3_centralizedattackdetectorServiceServicerImpl.py
@@ -46,6 +46,10 @@ classification_threshold = os.getenv("CAD_CLASSIFICATION_THRESHOLD", 0.5)
 class l3_centralizedattackdetectorServiceServicerImpl(L3CentralizedattackdetectorServicer):
+
+ """
+ Initialize variables, prediction model and clients of components used by CAD
+ """
 def __init__(self):
 LOGGER.info("Creating Centralized Attack Detector Service")
@@ -60,6 +64,13 @@ class l3_centralizedattackdetectorServiceServicerImpl(L3Centralizedattackdetecto
 self.attackmitigator_client = l3_attackmitigatorClient()
+ """
+ Create the Cryptomining Detector Predicted Class KPI for a service and add it to the Monitoring Client
+ -input:
+ + client: Monitoring Client object where the KPI will be tracked
+ + service_id: service ID where the KPI will be created
+ -output: KPI identifier representing the Cryptomining Detector Predicted Class KPI
+ """
 def create_predicted_class_kpi(self, client: MonitoringClient, service_id):
 kpi_description: KpiDescriptor = KpiDescriptor()
 kpi_description.kpi_description = "Cryptomining Detector Predicted Class (service: {})".format(service_id)
@@ -71,6 +82,13 @@ class l3_centralizedattackdetectorServiceServicerImpl(L3Centralizedattackdetecto
 return new_kpi
+ """
+ Create the Cryptomining Detector Prediction KPI for a service and add it to the Monitoring Client
+ -input:
+ + client: Monitoring Client object where the KPI will be tracked
+ + service_id: service ID where the KPI will be created
+ -output: KPI identifier representing the Cryptomining Detector Prediction KPI
+ """
 def create_class_prob_kpi(self, client: MonitoringClient, service_id):
 kpi_description: KpiDescriptor = KpiDescriptor()
 kpi_description.kpi_description = "Cryptomining Detector Prediction (service: {})".format(service_id)
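Review bot: The added triple-quoted strings sit before each `def` instead of as the first statement inside the function body, so none of them is a docstring of the function it describes: the one above `__init__` is the first statement of the class body and becomes the class's `__doc__` while describing only the constructor, and the ones above create_predicted_class_kpi and create_class_prob_kpi (likewise make_inference and SendInput in the following hunks) are bare string expressions that are evaluated and discarded, invisible to help(), IDEs and doc generators. Move each string inside its function, indented under the signature, e.g. `def create_predicted_class_kpi(self, client: MonitoringClient, service_id):` followed by `    """Create the Cryptomining Detector Predicted Class KPI for a service and add it to the Monitoring Client ..."""`. The ad-hoc `-input:` / `+ client:` layout would also read better as conventional `Args:` / `Returns:` sections, and the dangling blank line added directly under the class line can go.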
@@ -82,6 +100,12 @@ class l3_centralizedattackdetectorServiceServicerImpl(L3Centralizedattackdetecto
 return new_kpi
+ """
+ Classify connection as standard traffic or cryptomining attack and return results
+ -input:
+ + request: L3CentralizedattackdetectorMetrics object with connection features information
+ -output: L3AttackmitigatorOutput object with information about the assigned class and prediction confidence
+ """
 def make_inference(self, request):
 x_data = np.array(
 [
@@ -132,6 +156,12 @@ class l3_centralizedattackdetectorServiceServicerImpl(L3Centralizedattackdetecto
 return L3AttackmitigatorOutput(**output_message)
+ """
+ Receive features from Attack Mitigator, predict attack and communicate with Attack Mitigator
+ -input:
+ + request: L3CentralizedattackdetectorMetrics object with connection features information
+ -output: Empty object with a message about the execution of the function
+ """
 def SendInput(self, request, context):
 # Store the data sent in the request
 self.inference_values.append(request)
@@ -173,7 +203,8 @@ class l3_centralizedattackdetectorServiceServicerImpl(L3Centralizedattackdetecto
 self.monitoring_client.IncludeKpi(kpi_class)
 self.monitoring_client.IncludeKpi(kpi_prob)
-
+
+ # Only notify Attack Mitigator when a cryptomining connection has been detected
 if output.tag_name == "Crypto":
 logging.info("Crypto attack detected")
@@ -183,11 +214,6 @@ class l3_centralizedattackdetectorServiceServicerImpl(L3Centralizedattackdetecto
 )
 try:
- """with grpc.insecure_channel("192.168.165.78:10002") as channel:
- stub = L3AttackmitigatorStub(channel)
- logging.info("Sending the connection information to the Attack Mitigator component...")
- response = stub.SendOutput(output)"""
-
 logging.info("Sending the connection information to the Attack Mitigator component...")
 response = self.attackmitigator_client.SendOutput(output)
 logging.info(
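Review bot: The docstring added above SendInput says the features are received from the Attack Mitigator, but the request type it names is L3CentralizedattackdetectorMetrics and the Attack Mitigator is the component this method sends its output to (`self.attackmitigator_client.SendOutput(output)` in the @@ -183 hunk), so the first line appears to name the wrong peer; confirm which component actually calls SendInput and name it, e.g. `Receive connection features from the caller, classify them and notify the Attack Mitigator on a cryptomining detection`. It should also state that every request is retained in `self.inference_values` (visible in the hunk's context), since a reader of the docstring otherwise has no way to know that list grows for the lifetime of the process. SendInput's body continues outside the hunk.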
@@ -205,9 +231,11 @@ class l3_centralizedattackdetectorServiceServicerImpl(L3Centralizedattackdetecto
 return Empty(message="Ok, information received (no attack detected)")
+"""
 def GetOutput(self, request, context):
 logging.info("Returning inference output...")
 k = np.multiply(self.inference_values, [2])
 k = np.sum(k)
 return self.make_inference(k)
+"""
-- 
GitLab