diff --git a/proto/l3_attackmitigator.proto b/proto/l3_attackmitigator.proto
index 39333718a5904d1617ba827d35149687ff903b65..532f2b6fdf3f555e06c6dd4bc995f60dc65bca07 100644
--- a/proto/l3_attackmitigator.proto
+++ b/proto/l3_attackmitigator.proto
@@ -27,13 +27,16 @@ service L3Attackmitigator{
message L3AttackmitigatorOutput {
float confidence = 1;
string timestamp = 2;
- string ip_o = 3;
- string tag_name = 4;
- int32 tag = 5;
- string flow_id = 6;
- string protocol = 7;
- string port_d = 8;
- string ml_id = 9;
- float time_start = 10;
- float time_end = 11;
+ string ip_o = 3;
+ string ip_d = 4;
+ string tag_name = 5;
+ int32 tag = 6;
+ string flow_id = 7;
+ string protocol = 8;
+ string port_o = 9;
+ string port_d = 10;
+ string ml_id = 11;
+ string service_id = 12;
+ float time_start = 13;
+ float time_end = 14;
}
diff --git a/proto/l3_centralizedattackdetector.proto b/proto/l3_centralizedattackdetector.proto
index 3cb1b0991b1dc4df2c268d511c0ebd6f9f9d80aa..e3358dcd705978f62e9ce500d3e0ddce7b7428f7 100644
--- a/proto/l3_centralizedattackdetector.proto
+++ b/proto/l3_centralizedattackdetector.proto
@@ -43,9 +43,10 @@ message L3CentralizedattackdetectorMetrics {
string ip_d = 11;
string port_d = 12;
string flow_id = 13;
- string protocol = 14;
- float time_start = 15;
- float time_end = 16;
+ string service_id = 14;
+ string protocol = 15;
+ float time_start = 16;
+ float time_end = 17;
}
message Empty {
diff --git a/src/l3_attackmitigator/service/l3_attackmitigatorServiceServicerImpl.py b/src/l3_attackmitigator/service/l3_attackmitigatorServiceServicerImpl.py
index 8664704524ecef779235af3ca3dc765af7af4898..e53bcd214f57cb351cb2f3d24787898dce8bf155 100644
--- a/src/l3_attackmitigator/service/l3_attackmitigatorServiceServicerImpl.py
+++ b/src/l3_attackmitigator/service/l3_attackmitigatorServiceServicerImpl.py
@@ -14,41 +14,261 @@
from __future__ import print_function
import logging
-from common.proto.l3_attackmitigator_pb2 import (
- EmptyMitigator
+from common.proto.l3_centralizedattackdetector_pb2 import (
+ Empty
)
from common.proto.l3_attackmitigator_pb2_grpc import (
L3AttackmitigatorServicer,
)
+from common.proto.context_pb2 import (
+ Service, ServiceId, ServiceConfig, ServiceTypeEnum, ServiceStatusEnum, ServiceStatus, Context, ContextId, Uuid, Timestamp, ConfigRule, ConfigRule_Custom, ConfigActionEnum, Device, DeviceId, DeviceConfig, DeviceOperationalStatusEnum, DeviceDriverEnum, EndPoint, Link, LinkId, EndPoint, EndPointId, Topology, TopologyId
+)
+from common.proto.context_pb2_grpc import (
+ ContextServiceStub
+)
+from common.proto.service_pb2_grpc import (
+ ServiceServiceStub
+)
+from datetime import datetime
+import grpc
LOGGER = logging.getLogger(__name__)
+CONTEXT_CHANNEL = "192.168.165.78:1010"
+SERVICE_CHANNEL = "192.168.165.78:3030"
class l3_attackmitigatorServiceServicerImpl(L3AttackmitigatorServicer):
+ def GetNewService(self, service_id):
+ service = Service()
+ service_id_obj = self.GenerateServiceId(service_id)
+ """
+ ServiceId()
+ context_id = ContextId()
+ uuid = Uuid()
+ uuid.uuid = service_id
+ context_id.context_uuid.CopyFrom(uuid)
+ service_id_obj.context_id.CopyFrom(context_id)
+ service_id_obj.service_uuid.CopyFrom(uuid)
+ """
+ service.service_id.CopyFrom(service_id_obj)
+ service.service_type = ServiceTypeEnum.SERVICETYPE_L3NM
+ service_status = ServiceStatus()
+ service_status.service_status = ServiceStatusEnum.SERVICESTATUS_ACTIVE
+ service.service_status.CopyFrom(service_status)
+ timestamp = Timestamp()
+ timestamp.timestamp = datetime.timestamp(datetime.now())
+ service.timestamp.CopyFrom(timestamp)
+ return service
+
+ def GetNewContext(self, service_id):
+ context = Context()
+ context_id = ContextId()
+ uuid = Uuid()
+ uuid.uuid = service_id
+ context_id.context_uuid.CopyFrom(uuid)
+ context.context_id.CopyFrom(context_id)
+ return context
+
+ def GetNewDevice(self, service_id):
+ device = Device()
+ device_id = DeviceId()
+ uuid = Uuid()
+ uuid.uuid = service_id
+ device_id.device_uuid.CopyFrom(uuid)
+ device.device_type="test"
+ device.device_id.CopyFrom(device_id)
+ device.device_operational_status = DeviceOperationalStatusEnum.DEVICEOPERATIONALSTATUS_ENABLED
+ return device
+
+ def GetNewLink(self, service_id):
+ link = Link()
+ link_id = LinkId()
+ uuid = Uuid()
+ uuid.uuid = service_id
+ link_id.link_uuid.CopyFrom(uuid)
+ link.link_id.CopyFrom(link_id)
+ return link
+
+ def GetNewTopology(self,context_id, device_id, link_id):
+ topology = Topology()
+ topology_id = TopologyId()
+ topology_id.context_id.CopyFrom(context_id)
+ uuid = Uuid()
+ uuid.uuid = "test_crypto"
+ topology_id.topology_uuid.CopyFrom(uuid)
+ topology.topology_id.CopyFrom(topology_id)
+ topology.device_ids.extend([device_id])
+ topology.link_ids.extend([link_id])
+ return topology
+
+ def GetNewEndpoint(self, topology_id, device_id, uuid_name):
+ endpoint = EndPoint()
+ endpoint_id = EndPointId()
+ endpoint_id.topology_id.CopyFrom(topology_id)
+ endpoint_id.device_id.CopyFrom(device_id)
+ uuid = Uuid()
+ uuid.uuid = uuid_name
+ endpoint_id.endpoint_uuid.CopyFrom(uuid)
+ endpoint.endpoint_id.CopyFrom(endpoint_id)
+ endpoint.endpoint_type = "test"
+ return endpoint
+
+
def __init__(self):
LOGGER.debug("Creating Servicer...")
self.last_value = -1
self.last_tag = 0
-
+
+ context = self.GetNewContext("test_crypto")
+ print(context, flush=True)
+ print(self.SetContext(context))
+
+ service = self.GetNewService("test_crypto")
+ print("This is the new service", self.CreateService(service), flush = True)
+
+ ip_o = "127.0.0.1"
+ ip_d = "127.0.0.2"
+ port_o = "123"
+ port_d = "124"
+
+ service_id = self.GenerateServiceId("test_crypto")
+
+ config_rule = self.GetConfigRule(ip_o, ip_d, port_o, port_d)
+
+ service = self.GetService(service_id)
+ print("Service obtained from id", service, flush=True)
+
+ config_rule = self.GetConfigRule(ip_o, ip_d, port_o, port_d)
+
+ #service_config = service.service_config
+ #service_config.append(config_rule)
+
+ service_config = ServiceConfig()
+ service_config.config_rules.extend([config_rule])
+ service.service_config.CopyFrom(service_config)
+
+ device = self.GetNewDevice("test_crypto")
+ print("New device", device, flush=True)
+ device_id = self.SetDevice(device)
+
+ link = self.GetNewLink("test_crypto")
+ print("New link", link, flush=True)
+ link_id = self.SetLink(link)
+
+ topology = self.GetNewTopology(context.context_id, device.device_id, link.link_id)
+ print("New topology", topology, flush=True)
+ topology_id = self.SetTopology(topology)
+
+ endpoint = self.GetNewEndpoint(topology.topology_id, device.device_id, "test_crypto")
+ print("New endpoint", endpoint, flush=True)
+ link.link_endpoint_ids.extend([endpoint.endpoint_id])
+
+ self.SetLink(link)
+
+ print("Service with new rule", service, flush=True)
+ self.UpdateService(service)
+
+ service2 = self.GetService(service_id)
+ print("Service obtained from id after updating", service2, flush=True)
+
+
+ def GenerateRuleValue(self, ip_o, ip_d, port_o, port_d):
+ value = {
+ 'ipv4:source-address': ip_o,
+ 'ipv4:destination-address': ip_d,
+ 'transport:source-port': port_o,
+ 'transport:destination-port': port_d,
+ 'forwarding-action': 'DROP',
+ }
+ return value
+
+ def GetConfigRule(self, ip_o, ip_d, port_o, port_d):
+ config_rule = ConfigRule()
+ config_rule_custom = ConfigRule_Custom()
+ config_rule.action = ConfigActionEnum.CONFIGACTION_SET
+ config_rule_custom.resource_key = 'test'
+ config_rule_custom.resource_value = str(self.GenerateRuleValue(ip_o, ip_d, port_o, port_d))
+ config_rule.custom.CopyFrom(config_rule_custom)
+ return config_rule
+
+ def GenerateServiceId(self, service_id):
+ service_id_obj = ServiceId()
+ context_id = ContextId()
+ uuid = Uuid()
+ uuid.uuid = service_id
+ context_id.context_uuid.CopyFrom(uuid)
+ service_id_obj.context_id.CopyFrom(context_id)
+ service_id_obj.service_uuid.CopyFrom(uuid)
+ return service_id_obj
+
def SendOutput(self, request, context):
# SEND CONFIDENCE TO MITIGATION SERVER
- logging.debug("")
- print("Server received mitigation values...", request.confidence)
+ print("Server received mitigation values...", request.confidence, flush=True)
+
last_value = request.confidence
last_tag = request.tag
+
+ ip_o = request.ip_o
+ ip_d = request.ip_d
+ port_o = request.port_o
+ port_d = request.port_d
+
+ service_id = self.GenerateServiceId(request.service_id)
+
+ config_rule = self.GetConfigRule(ip_o, ip_d, port_o, port_d)
+
+ service = GetService(service_id)
+ print(service)
+ #service.config_rules.append(config_rule)
+ #UpdateService(service)
+
# RETURN OK TO THE CALLER
- return EmptyMitigator(
+ return Empty(
message=f"OK, received values: {last_tag} with confidence {last_value}."
)
+
+ def SetDevice(self, device):
+ with grpc.insecure_channel(CONTEXT_CHANNEL) as channel:
+ stub = ContextServiceStub(channel)
+ return stub.SetDevice(device)
+
+ def SetLink(self, link):
+ with grpc.insecure_channel(CONTEXT_CHANNEL) as channel:
+ stub = ContextServiceStub(channel)
+ return stub.SetLink(link)
+
+ def SetTopology(self, link):
+ with grpc.insecure_channel(CONTEXT_CHANNEL) as channel:
+ stub = ContextServiceStub(channel)
+ return stub.SetTopology(link)
+
+
+ def GetService(self, service_id):
+ with grpc.insecure_channel(CONTEXT_CHANNEL) as channel:
+ stub = ContextServiceStub(channel)
+ return stub.GetService(service_id)
+
+ def SetContext(self, context):
+ with grpc.insecure_channel(CONTEXT_CHANNEL) as channel:
+ stub = ContextServiceStub(channel)
+ return stub.SetContext(context)
+
+ def UpdateService(self, service):
+ with grpc.insecure_channel(SERVICE_CHANNEL) as channel:
+ stub = ServiceServiceStub(channel)
+ stub.UpdateService(service)
+
+ def CreateService(self, service):
+ with grpc.insecure_channel(SERVICE_CHANNEL) as channel:
+ stub = ServiceServiceStub(channel)
+ stub.CreateService(service)
def GetMitigation(self, request, context):
# GET OR PERFORM MITIGATION STRATEGY
logging.debug("")
print("Returing mitigation strategy...")
k = self.last_value * 2
- return EmptyMitigator(
+ return Empty(
message=f"Mitigation with double confidence = {k}"
)
-
-
diff --git a/src/l3_centralizedattackdetector/service/l3_centralizedattackdetectorServiceServicerImpl.py b/src/l3_centralizedattackdetector/service/l3_centralizedattackdetectorServiceServicerImpl.py
index ad05b0ee62e87ce9028dc043b693c1b4cae008b3..a84ac181ee70c66908e5fbd1a1254eb56d9a3c9b 100644
--- a/src/l3_centralizedattackdetector/service/l3_centralizedattackdetectorServiceServicerImpl.py
+++ b/src/l3_centralizedattackdetector/service/l3_centralizedattackdetectorServiceServicerImpl.py
@@ -70,12 +70,15 @@ class l3_centralizedattackdetectorServiceServicerImpl(L3Centralizedattackdetecto
"confidence": None,
"timestamp": datetime.now().strftime("%d/%m/%Y %H:%M:%S"),
"ip_o": request.ip_o,
+ "ip_d": request.ip_d,
"tag_name": None,
"tag": None,
"flow_id": request.flow_id,
"protocol": request.protocol,
+ "port_o": request.port_o,
"port_d": request.port_d,
"ml_id": "RandomForest",
+ "service_id": request.service_id,
"time_start": request.time_start,
"time_end": request.time_end,
}
@@ -93,7 +96,7 @@ class l3_centralizedattackdetectorServiceServicerImpl(L3Centralizedattackdetecto
def SendInput(self, request, context):
# PERFORM INFERENCE WITH SENT INPUTS
logging.debug("")
- print("Inferencing ...")
+ print("Inferencing ...", flush=True)
# STORE VALUES
self.inference_values.append(request)
@@ -102,22 +105,27 @@ class l3_centralizedattackdetectorServiceServicerImpl(L3Centralizedattackdetecto
output = self.make_inference(request)
# SEND INFO TO MITIGATION SERVER
+
+
try:
- with grpc.insecure_channel("localhost:10002") as channel:
- stub = L3AttackmitigatorStub(channel)
- print("Sending to mitigator...")
- response = stub.SendOutput(output)
- print("Sent output to mitigator and received: ", response.message)
+ with grpc.insecure_channel("192.168.165.78:10002") as channel:
+ stub = L3AttackmitigatorStub(channel)
+ print("Sending to mitigator...")
+ response = stub.SendOutput(output)
+ #print("Response received", response, "Hola", flush=True)
+ #print("Sent output to mitigator and received: ", response.message) #FIX No message received
# RETURN "OK" TO THE CALLER
- return Empty(
- message="OK, information received and mitigator notified"
- )
- except:
+ return Empty(
+ message="OK, information received and mitigator notified"
+ )
+ except Exception as e:
+ print("This is an exception", repr(e), flush=True)
print('Couldnt find l3_attackmitigator')
return Empty(
message="Mitigator Not found"
)
+
def GetOutput(self, request, context):
logging.debug("")