diff --git a/cad_log.txt b/cad_log.txt index 1bc94597b2aeaa3ba63664c43d22677bd0f4c744..3acbc926c66a32837c5f5e7ade31755da0c40a08 100644 --- a/cad_log.txt +++ b/cad_log.txt @@ -1,17 +1,207 @@ +INFO:__main__:Starting... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorService:Starting Service (tentative endpoint: 0.0.0.0:10001, max_workers: 10)... +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Creating Centralized Attack Detector Service +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Features: [3.0, 5.0, 7.0, 8.0, 9.0, 17.0, 19.0, 21.0, 22.0, 23.0] +DEBUG:monitoring.client.MonitoringClient:Creating channel to 10.152.183.5:7070... +DEBUG:monitoring.client.MonitoringClient:Channel created +DEBUG:l3_attackmitigator.client.l3_attackmitigatorClient:Creating channel to l3-attackmitigatorservice:10002... +DEBUG:l3_attackmitigator.client.l3_attackmitigatorClient:Channel created +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorService:Listening on 0.0.0.0:10001... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorService:Service started +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:GetFeaturesIds request: {"message": ""} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:GetFeaturesIds reply: {"auto_features": [3.0, 5.0, 7.0, 8.0, 9.0, 17.0, 19.0, 21.0, 22.0, 23.0]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:GetScalabilityConfig request: {"max_connection_time": 0.8, "time_to_stabilize": 1.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Received scalability config request +E0421 10:39:05.237784321 92 fork_posix.cc:76] Other threads are currently calling into gRPC, skipping fork() handlers +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:GetScalabilityConfig reply: {"message": "CSV generated"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Starting async prediction accuracy analysis 2 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Correct csv load: True +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:13309:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "13309", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.05719923973083496 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 1 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Creating KPIs for service context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:monitoring.client.MonitoringClient:SetKpi: {"kpi_description": "L3 - Confidence of the cryptomining detector in the security status in the last time interval of the service 635973d9-976c-4c6f-bb6d-cadca6dd2147", "kpi_id_list": [], "kpi_sample_type": "KPISAMPLETYPE_L3_SECURITY_STATUS_CRYPTO", "service_id": {"service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}} +DEBUG:monitoring.client.MonitoringClient:SetKpi result: {"kpi_id": {"uuid": "13"}} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Created KPI l3_security_status +DEBUG:monitoring.client.MonitoringClient:SetKpi: {"kpi_description": "L3 - Security status of the service in a time interval of the service 635973d9-976c-4c6f-bb6d-cadca6dd2147 (\u201c0\u201d if no attack has been detected on the service and \u201c1\u201d if a cryptomining attack has been detected)", "kpi_id_list": [], "kpi_sample_type": "KPISAMPLETYPE_ML_CONFIDENCE", "service_id": {"service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}} +DEBUG:monitoring.client.MonitoringClient:SetKpi result: {"kpi_id": {"uuid": "14"}} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Created KPI l3_ml_model_confidence +DEBUG:monitoring.client.MonitoringClient:SetKpi: {"kpi_description": "L3 - Number of attack connections detected in a time interval of the service 635973d9-976c-4c6f-bb6d-cadca6dd2147 (attacks of the same connection [origin IP, origin port, destination IP and destination port] are only considered once)", "kpi_id_list": [], "kpi_sample_type": "KPISAMPLETYPE_L3_UNIQUE_ATTACK_CONNS", "service_id": {"service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}} +DEBUG:monitoring.client.MonitoringClient:SetKpi result: {"kpi_id": {"uuid": "15"}} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Created KPI l3_unique_attack_conns +DEBUG:monitoring.client.MonitoringClient:SetKpi: {"kpi_description": "L3 - Number of unique compromised clients of the service in a time interval of the service 635973d9-976c-4c6f-bb6d-cadca6dd2147 (attacks from the same origin IP are only considered once)", "kpi_id_list": [], "kpi_sample_type": "KPISAMPLETYPE_L3_UNIQUE_COMPROMISED_CLIENTS", "service_id": {"service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}} +DEBUG:monitoring.client.MonitoringClient:SetKpi result: {"kpi_id": {"uuid": "16"}} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Created KPI l3_unique_compromised_clients +DEBUG:monitoring.client.MonitoringClient:SetKpi: {"kpi_description": "L3 - number of unique attackers of the service in a time interval of the service 635973d9-976c-4c6f-bb6d-cadca6dd2147 (attacks from the same destination IP are only considered once)", "kpi_id_list": [], "kpi_sample_type": "KPISAMPLETYPE_L3_UNIQUE_ATTACKERS", "service_id": {"service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}} +DEBUG:monitoring.client.MonitoringClient:SetKpi result: {"kpi_id": {"uuid": "17"}} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Created KPI l3_unique_attackers +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Created KPIs for service context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:self.time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval: 60 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:0:01:00 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:05.674563 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:No KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0007340908050537109 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:05', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:13309:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '13309', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 101.0046796798706 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:13309:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "13309", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0006234645843505859 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 2 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:05.681895 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073545.6827891 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073545.6827891 +} +kpi_value { + floatVal: 1 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073545.6827891 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073545.6827891 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073545.6827891 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.682789}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.378348}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 1.0}, "timestamp": {"timestamp": 1682073545.682789}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.378348}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.682789}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.682789}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.682789}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04236602783203125 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:20', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:52944:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '52944', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.062409162521362305 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:05', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:13309:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '13309', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -31,122 +221,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975274801254272 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 736.8120934963226 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 101.07375955581665 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:23513:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "23513", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 5.0}, {"feature": 4.0}, {"feature": 132.0}, {"feature": 2.0}, {"feature": 264.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:13309:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "13309", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037508543212317957 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013569552639101628 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026459404034540057 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0032253265380859375 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00042819976806640625 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7425 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:20.428412 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 3 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:05.749488 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725080.428951 + timestamp: 1682073545.749773 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725080.428951 + timestamp: 1682073545.749773 } kpi_value { - floatVal: 0.999999583 + floatVal: 1 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725080.428951 + timestamp: 1682073545.749773 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725080.428951 + timestamp: 1682073545.749773 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725080.428951 + timestamp: 1682073545.749773 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.428951}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.749773}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725080.428951}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 1.0}, "timestamp": {"timestamp": 1682073545.749773}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.428951}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.749773}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.428951}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.749773}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.428951}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.749773}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04822707176208496 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:20', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:23513:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '23513', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03148508071899414 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:05', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:13309:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '13309', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -166,122 +351,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975278377532959 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 736.8683547973633 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 101.1104040145874 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:23513:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "23513", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 6.0}, {"feature": 5.0}, {"feature": 132.0}, {"feature": 2.0}, {"feature": 264.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:13309:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "13309", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.000375062644155834 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013568653165070747 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026454852195456624 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.002385377883911133 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0005080699920654297 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7426 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:20.483665 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 4 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:05.785591 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725080.4838779 + timestamp: 1682073545.7858281 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725080.4838779 + timestamp: 1682073545.7858281 } kpi_value { - floatVal: 0.999999583 + floatVal: 1 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725080.4838779 + timestamp: 1682073545.7858281 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725080.4838779 + timestamp: 1682073545.7858281 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725080.4838779 + timestamp: 1682073545.7858281 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.483878}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.785828}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725080.483878}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 1.0}, "timestamp": {"timestamp": 1682073545.785828}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.483878}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.785828}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.483878}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.785828}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.483878}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.785828}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.02221226692199707 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:20', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:23513:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '23513', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03724169731140137 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:05', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:13309:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '13309', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -301,122 +481,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975281357765198 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 736.8975443840027 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 101.15265393257141 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:23513:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "23513", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 7.0}, {"feature": 6.0}, {"feature": 199.0}, {"feature": 3.0}, {"feature": 331.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:13309:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "13309", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003750286131047798 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013567771359669452 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002645030035637319 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.002225160598754883 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0004820823669433594 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7427 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:20.511359 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 5 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:05.829454 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725080.511586 + timestamp: 1682073545.82967 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725080.511586 + timestamp: 1682073545.82967 } kpi_value { - floatVal: 0.999999583 + floatVal: 1 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725080.511586 + timestamp: 1682073545.82967 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725080.511586 + timestamp: 1682073545.82967 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725080.511586 + timestamp: 1682073545.82967 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.511586}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.82967}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725080.511586}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 1.0}, "timestamp": {"timestamp": 1682073545.82967}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.511586}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.82967}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.511586}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.82967}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.511586}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.82967}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06377553939819336 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:20', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:23513:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '23513', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.054526567459106445 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9978645443916321, 'timestamp': '21/04/2023 10:39:05', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:13309:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '13309', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -436,122 +611,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975284934043884 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 736.9667754173279 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9978645443916321 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 101.2134485244751 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:23513:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "23513", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 8.0}, {"feature": 7.0}, {"feature": 199.0}, {"feature": 4.0}, {"feature": 398.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:61577:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "61577", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003750124207764135 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013566865219961114 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026448650169186294 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.004604816436767578 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00044655799865722656 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7428 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:20.583953 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 6 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:05.888435 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725080.5843151 + timestamp: 1682073545.8888209 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725080.5843151 + timestamp: 1682073545.8888209 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999572933 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725080.5843151 + timestamp: 1682073545.8888209 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725080.5843151 + timestamp: 1682073545.8888209 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725080.5843151 + timestamp: 1682073545.8888209 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.584315}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.888821}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725080.584315}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99957293}, "timestamp": {"timestamp": 1682073545.888821}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.584315}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.888821}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.584315}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.888821}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.584315}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.888821}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03940248489379883 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:20', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:23513:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '23513', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03772783279418945 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9978645443916321, 'timestamp': '21/04/2023 10:39:05', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:61577:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '61577', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -571,122 +741,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975288510322571 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 737.0150806903839 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9978645443916321 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 101.25556015968323 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:23513:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "23513", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 9.0}, {"feature": 8.0}, {"feature": 199.0}, {"feature": 5.0}, {"feature": 465.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1854:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1854", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003749882816674276 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013565968040207283 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026446999981999397 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0026803016662597656 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0004100799560546875 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7429 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:20.629842 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:05.930577 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725080.6300881 + timestamp: 1682073545.930809 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725080.6300881 + timestamp: 1682073545.930809 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999288201 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725080.6300881 + timestamp: 1682073545.930809 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725080.6300881 + timestamp: 1682073545.930809 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725080.6300881 + timestamp: 1682073545.930809 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.630088}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.930809}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725080.630088}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9992882}, "timestamp": {"timestamp": 1682073545.930809}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.630088}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.930809}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.630088}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.930809}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.630088}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073545.930809}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.09805011749267578 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:20', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:23513:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '23513', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04091477394104004 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9978645443916321, 'timestamp': '21/04/2023 10:39:05', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1854:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1854', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -706,122 +871,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.997529149055481 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 737.1195316314697 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9978645443916321 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 101.30091595649719 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:23513:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "23513", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 10.0}, {"feature": 9.0}, {"feature": 199.0}, {"feature": 6.0}, {"feature": 532.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:61577:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "61577", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003749791653478997 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013565057366761281 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026448650169186294 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003282308578491211 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.001332998275756836 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7430 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:20.737021 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 8 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:06.245691 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725080.737277 + timestamp: 1682073546.246686 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725080.737277 + timestamp: 1682073546.246686 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99908483 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725080.737277 + timestamp: 1682073546.246686 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725080.737277 + timestamp: 1682073546.246686 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725080.737277 + timestamp: 1682073546.246686 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.737277}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.246686}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725080.737277}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99908483}, "timestamp": {"timestamp": 1682073546.246686}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.737277}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.246686}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.737277}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.246686}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.737277}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.246686}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03847861289978027 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:20', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:23513:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '23513', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03935599327087402 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:06', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:61577:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '61577', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -841,122 +1001,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975295066833496 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 737.1671261787415 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 101.61547470092773 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:23513:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "23513", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 10.0}, {"feature": 9.0}, {"feature": 199.0}, {"feature": 6.0}, {"feature": 532.0}, {"feature": 6.0}, {"feature": 6.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:61577:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "61577", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003749596388826189 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013564155044455727 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026446999981999397 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0030846595764160156 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0008025169372558594 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7431 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:20.786129 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 9 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:06.292862 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725080.7864339 + timestamp: 1682073546.293942 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725080.7864339 + timestamp: 1682073546.293942 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999199212 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725080.7864339 + timestamp: 1682073546.293942 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725080.7864339 + timestamp: 1682073546.293942 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725080.7864339 + timestamp: 1682073546.293942 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.786434}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.293942}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725080.786434}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9991992}, "timestamp": {"timestamp": 1682073546.293942}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.786434}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.293942}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.786434}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.293942}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.786434}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.293942}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.02551126480102539 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:20', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:23513:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '23513', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04586052894592285 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:06', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:61577:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '61577', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -976,122 +1131,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975298643112183 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 737.2032861709595 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 101.66817998886108 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:23513:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "23513", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 10.0}, {"feature": 9.0}, {"feature": 199.0}, {"feature": 6.0}, {"feature": 532.0}, {"feature": 7.0}, {"feature": 7.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:61577:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "61577", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037493949213548413 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013563253581901323 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026446598349139094 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003973484039306641 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00042057037353515625 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7432 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:20.820330 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 10 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:06.343196 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725080.820919 + timestamp: 1682073546.343446 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725080.820919 + timestamp: 1682073546.343446 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999288201 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725080.820919 + timestamp: 1682073546.343446 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725080.820919 + timestamp: 1682073546.343446 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725080.820919 + timestamp: 1682073546.343446 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.820919}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.343446}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725080.820919}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9992882}, "timestamp": {"timestamp": 1682073546.343446}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.820919}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.343446}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.820919}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.343446}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.820919}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.343446}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.09114289283752441 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:20', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:23513:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '23513', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03568291664123535 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:06', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:61577:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '61577', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -1111,122 +1261,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975301623344421 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 737.3031227588654 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 101.7083158493042 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:23513:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "23513", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 10.0}, {"feature": 9.0}, {"feature": 199.0}, {"feature": 6.0}, {"feature": 532.0}, {"feature": 8.0}, {"feature": 8.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:61577:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "61577", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 6.0}, {"feature": 4.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 132.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003749204378508179 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001356235113160558 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002644619671627879 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003102540969848633 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0004875659942626953 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7433 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:20.918789 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 11 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:06.383840 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725080.9192791 + timestamp: 1682073546.3840361 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725080.9192791 + timestamp: 1682073546.3840361 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999359369 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725080.9192791 + timestamp: 1682073546.3840361 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725080.9192791 + timestamp: 1682073546.3840361 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725080.9192791 + timestamp: 1682073546.3840361 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.919279}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.384036}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725080.919279}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99935937}, "timestamp": {"timestamp": 1682073546.384036}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.919279}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.384036}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.919279}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.384036}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.919279}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.384036}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.030182838439941406 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:20', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:23513:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '23513', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.02691936492919922 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:06', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:61577:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '61577', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -1246,122 +1391,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975305199623108 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 737.3406460285187 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 101.74018263816833 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:23513:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "23513", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 10.0}, {"feature": 9.0}, {"feature": 199.0}, {"feature": 6.0}, {"feature": 532.0}, {"feature": 9.0}, {"feature": 9.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:61577:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "61577", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003749072292916961 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013561443698191422 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026446598349139094 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0026710033416748047 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0004227161407470703 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7434 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:20.956457 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 12 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:06.415048 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725080.9566841 + timestamp: 1682073546.41528 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725080.9566841 + timestamp: 1682073546.41528 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999417603 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725080.9566841 + timestamp: 1682073546.41528 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725080.9566841 + timestamp: 1682073546.41528 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725080.9566841 + timestamp: 1682073546.41528 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.956684}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.41528}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725080.956684}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9994176}, "timestamp": {"timestamp": 1682073546.41528}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.956684}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.41528}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.956684}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.41528}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725080.956684}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.41528}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04319596290588379 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:20', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:23513:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '23513', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.027428150177001953 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:06', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:61577:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '61577', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -1381,122 +1521,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975308775901794 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 737.391529083252 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 101.7727518081665 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:23513:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "23513", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 11.0}, {"feature": 10.0}, {"feature": 524.0}, {"feature": 7.0}, {"feature": 857.0}, {"feature": 9.0}, {"feature": 9.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:61577:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "61577", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003748897745157514 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001356054001838609 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002644619671627879 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.004405498504638672 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0007052421569824219 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7435 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:21.009972 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 13 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:06.481513 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725081.010345 + timestamp: 1682073546.4820261 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725081.010345 + timestamp: 1682073546.4820261 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999466121 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725081.010345 + timestamp: 1682073546.4820261 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725081.010345 + timestamp: 1682073546.4820261 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725081.010345 + timestamp: 1682073546.4820261 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.010345}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.482026}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725081.010345}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9994661}, "timestamp": {"timestamp": 1682073546.482026}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.010345}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.482026}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.010345}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.482026}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.010345}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.482026}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.02516484260559082 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:21', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:23513:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '23513', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.036804914474487305 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:06', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:61577:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '61577', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -1516,122 +1651,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975311756134033 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 737.426860332489 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 101.84843802452087 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:41294:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "41294", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 16.0}, {"feature": 15.0}, {"feature": 1244.0}, {"feature": 8.0}, {"feature": 1723.0}, {"feature": 16.0}, {"feature": 16.0}, {"feature": 1446.0}, {"feature": 6.0}, {"feature": 2027.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:61577:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "61577", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003748720421633273 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001355963679145601 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002644584747031331 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0024716854095458984 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0007724761962890625 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7436 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:21.041834 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 14 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:06.524725 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725081.042058 + timestamp: 1682073546.5252969 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725081.042058 + timestamp: 1682073546.5252969 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999507189 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725081.042058 + timestamp: 1682073546.5252969 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725081.042058 + timestamp: 1682073546.5252969 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725081.042058 + timestamp: 1682073546.5252969 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.042058}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.525297}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725081.042058}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995072}, "timestamp": {"timestamp": 1682073546.525297}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.042058}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.525297}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.042058}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.525297}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.042058}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.525297}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.051283836364746094 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:21', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:41294:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '41294', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06318283081054688 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9974504113197327, 'timestamp': '21/04/2023 10:39:06', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:61577:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '61577', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -1651,122 +1781,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.997531533241272 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 737.4847633838654 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9974504113197327 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 101.91736316680908 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:41294:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "41294", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 16.0}, {"feature": 15.0}, {"feature": 1244.0}, {"feature": 8.0}, {"feature": 1723.0}, {"feature": 17.0}, {"feature": 17.0}, {"feature": 1446.0}, {"feature": 7.0}, {"feature": 2457.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:61577:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "61577", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037487519140640434 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013558725399259845 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002644619671627879 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0028128623962402344 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0004677772521972656 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7437 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:21.100205 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 15 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:06.592105 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725081.1004381 + timestamp: 1682073546.5923891 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725081.1004381 + timestamp: 1682073546.5923891 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999360263 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725081.1004381 + timestamp: 1682073546.5923891 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725081.1004381 + timestamp: 1682073546.5923891 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725081.1004381 + timestamp: 1682073546.5923891 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.100438}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.592389}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725081.100438}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99936026}, "timestamp": {"timestamp": 1682073546.592389}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.100438}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.592389}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.100438}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.592389}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.100438}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.592389}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.024719715118408203 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:21', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:41294:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '41294', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.02838921546936035 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:06', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:61577:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '61577', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -1786,122 +1911,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975318908691406 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 737.5165696144104 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 101.95126247406006 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:41294:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "41294", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 17.0}, {"feature": 16.0}, {"feature": 1244.0}, {"feature": 8.0}, {"feature": 1723.0}, {"feature": 17.0}, {"feature": 17.0}, {"feature": 1446.0}, {"feature": 7.0}, {"feature": 2457.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1854:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1854", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003748525334072619 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001355782799954048 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002644584747031331 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.002314329147338867 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0009121894836425781 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7438 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:21.130843 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 16 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:06.676651 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725081.131048 + timestamp: 1682073546.677588 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725081.131048 + timestamp: 1682073546.677588 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99940294 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725081.131048 + timestamp: 1682073546.677588 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725081.131048 + timestamp: 1682073546.677588 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725081.131048 + timestamp: 1682073546.677588 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.131048}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.677588}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725081.131048}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99940294}, "timestamp": {"timestamp": 1682073546.677588}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.131048}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.677588}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.131048}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.677588}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.131048}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.677588}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.07859992980957031 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:21', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:41294:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '41294', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03514742851257324 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:06', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1854:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1854', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -1921,122 +2041,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975321888923645 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 737.6011502742767 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 102.04250073432922 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:41294:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "41294", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 18.0}, {"feature": 17.0}, {"feature": 1244.0}, {"feature": 8.0}, {"feature": 1723.0}, {"feature": 17.0}, {"feature": 17.0}, {"feature": 1446.0}, {"feature": 7.0}, {"feature": 2457.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1854:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1854", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037483999710551325 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013556921013335292 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002644619671627879 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0032639503479003906 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0009233951568603516 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7439 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:21.217441 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 17 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:06.719191 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725081.217716 + timestamp: 1682073546.7200871 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725081.217716 + timestamp: 1682073546.7200871 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999440253 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725081.217716 + timestamp: 1682073546.7200871 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725081.217716 + timestamp: 1682073546.7200871 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725081.217716 + timestamp: 1682073546.7200871 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.217716}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.720087}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725081.217716}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99944025}, "timestamp": {"timestamp": 1682073546.720087}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.217716}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.720087}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.217716}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.720087}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.217716}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.720087}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.07285952568054199 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:21', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:41294:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '41294', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0707697868347168 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:06', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1854:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1854', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -2056,122 +2171,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975325465202332 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 737.6819558143616 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 102.1208438873291 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:41294:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "41294", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 19.0}, {"feature": 18.0}, {"feature": 1267.0}, {"feature": 9.0}, {"feature": 1746.0}, {"feature": 17.0}, {"feature": 17.0}, {"feature": 1446.0}, {"feature": 7.0}, {"feature": 2457.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1854:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1854", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037482638662006277 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013556014982080155 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026446598349139094 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0024695396423339844 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0009217262268066406 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7440 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:21.296549 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 18 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:06.801212 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725081.2967551 + timestamp: 1682073546.8034639 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725081.2967551 + timestamp: 1682073546.8034639 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999473155 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725081.2967551 + timestamp: 1682073546.8034639 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725081.2967551 + timestamp: 1682073546.8034639 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725081.2967551 + timestamp: 1682073546.8034639 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.296755}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.803464}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725081.296755}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99947315}, "timestamp": {"timestamp": 1682073546.803464}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.296755}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.803464}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.296755}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.803464}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.296755}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.803464}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.027693510055541992 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:21', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:41294:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '41294', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.07662439346313477 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:06', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1854:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1854', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -2191,122 +2301,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975329041481018 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 737.7158424854279 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 102.20833945274353 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42096:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42096", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 8.0}, {"feature": 7.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 23.0}, {"feature": 23.0}, {"feature": 4593.0}, {"feature": 18.0}, {"feature": 25563.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1854:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1854", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003748049804434669 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001355511662668694 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002644619671627879 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.002269744873046875 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0008838176727294922 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7441 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:21.330287 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 19 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:06.885967 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725081.330492 + timestamp: 1682073546.8869109 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725081.330492 + timestamp: 1682073546.8869109 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99950242 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725081.330492 + timestamp: 1682073546.8869109 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725081.330492 + timestamp: 1682073546.8869109 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725081.330492 + timestamp: 1682073546.8869109 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.330492}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.886911}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725081.330492}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995024}, "timestamp": {"timestamp": 1682073546.886911}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.330492}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.886911}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.330492}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.886911}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.330492}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.886911}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0609278678894043 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:21', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42096:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42096', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04272580146789551 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:06', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1854:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1854', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -2326,122 +2431,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975332617759705 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 737.7828378677368 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 102.25909328460693 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42096:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42096", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 8.0}, {"feature": 7.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 24.0}, {"feature": 24.0}, {"feature": 4593.0}, {"feature": 18.0}, {"feature": 25563.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1854:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1854", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003747896708467852 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001355421231237711 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002644584747031331 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0025463104248046875 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0007226467132568359 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7442 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:21.399365 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 20 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:06.936234 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725081.399605 + timestamp: 1682073546.93678 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725081.399605 + timestamp: 1682073546.93678 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999528646 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725081.399605 + timestamp: 1682073546.93678 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725081.399605 + timestamp: 1682073546.93678 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725081.399605 + timestamp: 1682073546.93678 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.399605}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.93678}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725081.399605}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99952865}, "timestamp": {"timestamp": 1682073546.93678}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.399605}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.93678}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.399605}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.93678}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.399605}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.93678}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.031781911849975586 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:21', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42096:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42096', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04621720314025879 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:06', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1854:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1854', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -2461,122 +2561,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975335597991943 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 737.8231346607208 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 102.31261372566223 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:60330:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "60330", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 10.0}, {"feature": 8.0}, {"feature": 524.0}, {"feature": 4.0}, {"feature": 656.0}, {"feature": 9.0}, {"feature": 9.0}, {"feature": 581.0}, {"feature": 2.0}, {"feature": 581.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1854:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1854", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037476643375484553 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001355331657200299 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002644549822434783 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003267049789428711 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0007355213165283203 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7443 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:21.438712 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 21 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:06.989205 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725081.438942 + timestamp: 1682073546.9899039 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725081.438942 + timestamp: 1682073546.9899039 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99955219 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725081.438942 + timestamp: 1682073546.9899039 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725081.438942 + timestamp: 1682073546.9899039 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725081.438942 + timestamp: 1682073546.9899039 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.438942}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.989904}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725081.438942}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995522}, "timestamp": {"timestamp": 1682073546.989904}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.438942}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.989904}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.438942}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.989904}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.438942}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073546.989904}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06354856491088867 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:21', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:60330:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '60330', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.047254085540771484 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:06', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1854:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1854', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -2596,122 +2691,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.997533917427063 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 737.8952939510345 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 102.36659336090088 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:60330:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "60330", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 11.0}, {"feature": 9.0}, {"feature": 524.0}, {"feature": 4.0}, {"feature": 656.0}, {"feature": 9.0}, {"feature": 9.0}, {"feature": 581.0}, {"feature": 2.0}, {"feature": 581.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1854:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1854", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037474333603147264 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001355242083976757 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026444598915986717 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003720998764038086 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00080108642578125 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7444 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:21.512485 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 22 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:07.043885 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725081.513046 + timestamp: 1682073547.0443871 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725081.513046 + timestamp: 1682073547.0443871 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999573529 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725081.513046 + timestamp: 1682073547.0443871 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725081.513046 + timestamp: 1682073547.0443871 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725081.513046 + timestamp: 1682073547.0443871 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.513046}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.044387}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725081.513046}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995735}, "timestamp": {"timestamp": 1682073547.044387}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.513046}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.044387}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.513046}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.044387}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.513046}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.044387}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0639491081237793 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:21', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:60330:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '60330', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05295968055725098 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:07', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1854:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1854', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -2731,122 +2821,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975342750549316 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 737.9680941104889 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 102.42733860015869 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:60330:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "60330", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 11.0}, {"feature": 9.0}, {"feature": 524.0}, {"feature": 4.0}, {"feature": 656.0}, {"feature": 10.0}, {"feature": 10.0}, {"feature": 1016.0}, {"feature": 3.0}, {"feature": 1016.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1439:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1439", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037473116754607375 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013551514706787587 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002644549822434783 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0038917064666748047 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0007297992706298828 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7445 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:21.585490 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 23 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:07.104193 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725081.58653 + timestamp: 1682073547.107657 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725081.58653 + timestamp: 1682073547.107657 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.9995929 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725081.58653 + timestamp: 1682073547.107657 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725081.58653 + timestamp: 1682073547.107657 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725081.58653 + timestamp: 1682073547.107657 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.58653}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.107657}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725081.58653}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995929}, "timestamp": {"timestamp": 1682073547.107657}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.58653}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.107657}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.58653}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.107657}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.58653}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.107657}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03218531608581543 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:21', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:60330:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '60330', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.044928550720214844 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:07', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1439:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1439', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -2866,122 +2951,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975345730781555 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 738.010707616806 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 102.4799427986145 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:60330:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "60330", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 12.0}, {"feature": 10.0}, {"feature": 524.0}, {"feature": 4.0}, {"feature": 656.0}, {"feature": 10.0}, {"feature": 10.0}, {"feature": 1016.0}, {"feature": 3.0}, {"feature": 1016.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1439:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1439", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003747062199002218 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013550621787608104 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026444598915986717 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003691434860229492 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0008497238159179688 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7446 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:21.627733 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 24 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:07.156764 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725081.6284161 + timestamp: 1682073547.157696 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725081.6284161 + timestamp: 1682073547.157696 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999610603 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725081.6284161 + timestamp: 1682073547.157696 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725081.6284161 + timestamp: 1682073547.157696 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725081.6284161 + timestamp: 1682073547.157696 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.628416}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.157696}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725081.628416}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996106}, "timestamp": {"timestamp": 1682073547.157696}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.628416}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.157696}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.628416}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.157696}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.628416}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.157696}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05566596984863281 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:21', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:60330:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '60330', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.037650108337402344 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:07', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1439:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1439', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -3001,122 +3081,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975349307060242 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 738.0751059055328 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 102.52520966529846 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:60330:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "60330", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 13.0}, {"feature": 11.0}, {"feature": 849.0}, {"feature": 5.0}, {"feature": 981.0}, {"feature": 10.0}, {"feature": 10.0}, {"feature": 1016.0}, {"feature": 3.0}, {"feature": 1016.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1439:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1439", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037467882722929844 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013549732570277122 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026443699607625604 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0046842098236083984 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0008652210235595703 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7447 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:21.693206 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 25 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:07.202368 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725081.694494 + timestamp: 1682073547.203377 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725081.694494 + timestamp: 1682073547.203377 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999626815 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725081.694494 + timestamp: 1682073547.203377 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725081.694494 + timestamp: 1682073547.203377 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725081.694494 + timestamp: 1682073547.203377 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.694494}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.203377}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725081.694494}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996268}, "timestamp": {"timestamp": 1682073547.203377}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.694494}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.203377}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.694494}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.203377}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.694494}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.203377}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03887677192687988 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:21', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:60330:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '60330', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.053139686584472656 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:07', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1439:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1439', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -3136,122 +3211,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975352883338928 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 738.1253077983856 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 102.58569812774658 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:60330:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "60330", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 13.0}, {"feature": 11.0}, {"feature": 849.0}, {"feature": 5.0}, {"feature": 981.0}, {"feature": 11.0}, {"feature": 11.0}, {"feature": 1016.0}, {"feature": 3.0}, {"feature": 1016.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1439:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1439", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003746660620873323 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013548827395698465 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026444598915986717 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003027677536010742 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.001283884048461914 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7448 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:21.742032 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 26 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:07.279321 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725081.7423229 + timestamp: 1682073547.28033 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725081.7423229 + timestamp: 1682073547.28033 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999641776 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725081.7423229 + timestamp: 1682073547.28033 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725081.7423229 + timestamp: 1682073547.28033 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725081.7423229 + timestamp: 1682073547.28033 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.742323}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.28033}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725081.742323}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996418}, "timestamp": {"timestamp": 1682073547.28033}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.742323}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.28033}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.742323}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.28033}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.742323}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.28033}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.07634115219116211 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:21', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:60330:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '60330', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06280875205993652 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:07', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1439:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1439', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -3271,122 +3341,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975355863571167 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 738.2112176418304 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 102.67292833328247 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:60330:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "60330", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 14.0}, {"feature": 12.0}, {"feature": 849.0}, {"feature": 6.0}, {"feature": 1306.0}, {"feature": 11.0}, {"feature": 11.0}, {"feature": 1016.0}, {"feature": 3.0}, {"feature": 1016.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1439:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1439", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003746713831932491 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013547918704115978 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002644549822434783 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.005460500717163086 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0012831687927246094 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7449 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:21.831729 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 27 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:07.350187 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725081.832943 + timestamp: 1682073547.351022 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725081.832943 + timestamp: 1682073547.351022 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999655545 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725081.832943 + timestamp: 1682073547.351022 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725081.832943 + timestamp: 1682073547.351022 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725081.832943 + timestamp: 1682073547.351022 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.832943}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.351022}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725081.832943}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99965554}, "timestamp": {"timestamp": 1682073547.351022}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.832943}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.351022}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.832943}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.351022}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.832943}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.351022}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04543018341064453 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:21', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:60330:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '60330', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03785443305969238 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:07', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1439:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1439', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -3406,122 +3471,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975359439849854 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 738.2701966762543 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 102.71730756759644 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:60330:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "60330", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 14.0}, {"feature": 12.0}, {"feature": 849.0}, {"feature": 6.0}, {"feature": 1306.0}, {"feature": 12.0}, {"feature": 12.0}, {"feature": 1016.0}, {"feature": 3.0}, {"feature": 1016.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1439:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1439", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037466877320587583 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013547009604597399 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002644584747031331 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003590822219848633 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.000392913818359375 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7450 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:21.887343 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 28 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:07.392013 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725081.8887191 + timestamp: 1682073547.392216 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725081.8887191 + timestamp: 1682073547.392216 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.9996683 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725081.8887191 + timestamp: 1682073547.392216 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725081.8887191 + timestamp: 1682073547.392216 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725081.8887191 + timestamp: 1682073547.392216 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.888719}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.392216}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725081.888719}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996683}, "timestamp": {"timestamp": 1682073547.392216}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.888719}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.392216}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.888719}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.392216}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.888719}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.392216}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04587697982788086 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:21', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:60330:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '60330', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03467965126037598 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:07', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1439:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1439', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -3541,122 +3601,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975362420082092 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 738.325519323349 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 102.7560670375824 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:57748:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "57748", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 6.0}, {"feature": 4.0}, {"feature": 132.0}, {"feature": 2.0}, {"feature": 264.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1439:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1439", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003746572558580229 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013546104148522762 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002644619671627879 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.004166841506958008 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.000408172607421875 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7451 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:21.943671 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 29 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:07.433653 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725081.9444749 + timestamp: 1682073547.433851 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725081.9444749 + timestamp: 1682073547.433851 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999680161 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725081.9444749 + timestamp: 1682073547.433851 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725081.9444749 + timestamp: 1682073547.433851 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725081.9444749 + timestamp: 1682073547.433851 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.944475}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.433851}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725081.944475}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99968016}, "timestamp": {"timestamp": 1682073547.433851}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.944475}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.433851}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.944475}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.433851}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.944475}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.433851}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04163622856140137 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:21', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:57748:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '57748', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06872105598449707 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9978645443916321, 'timestamp': '21/04/2023 10:39:07', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1439:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1439', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -3676,122 +3731,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975365996360779 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 738.3784563541412 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9978645443916321 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 102.83178544044495 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:57748:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "57748", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 6.0}, {"feature": 4.0}, {"feature": 132.0}, {"feature": 2.0}, {"feature": 264.0}, {"feature": 6.0}, {"feature": 6.0}, {"feature": 146.0}, {"feature": 2.0}, {"feature": 292.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42010:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42010", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037466293912964823 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013545196115894616 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026446598349139094 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0041713714599609375 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0004565715789794922 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7452 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:21.996909 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 30 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:07.506697 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725081.997288 + timestamp: 1682073547.506927 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725081.997288 + timestamp: 1682073547.506927 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999617517 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725081.997288 + timestamp: 1682073547.506927 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725081.997288 + timestamp: 1682073547.506927 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725081.997288 + timestamp: 1682073547.506927 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.997288}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.506927}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725081.997288}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996175}, "timestamp": {"timestamp": 1682073547.506927}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.997288}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.506927}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.997288}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.506927}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725081.997288}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.506927}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03710031509399414 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:21', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:57748:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '57748', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.02979445457458496 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9978645443916321, 'timestamp': '21/04/2023 10:39:07', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42010:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42010', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -3811,122 +3861,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975369572639465 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 738.4259631633759 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9978645443916321 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 102.86587142944336 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:57748:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "57748", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 6.0}, {"feature": 4.0}, {"feature": 132.0}, {"feature": 2.0}, {"feature": 264.0}, {"feature": 7.0}, {"feature": 7.0}, {"feature": 146.0}, {"feature": 3.0}, {"feature": 438.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42010:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42010", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 4593.0}, {"feature": 3.0}, {"feature": 5991.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003746564840204643 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013544288524057308 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026446999981999397 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003921985626220703 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0007021427154541016 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7453 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:22.044473 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 31 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:07.546302 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725082.04557 + timestamp: 1682073547.5464871 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725082.04557 + timestamp: 1682073547.5464871 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999559104 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725082.04557 + timestamp: 1682073547.5464871 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725082.04557 + timestamp: 1682073547.5464871 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725082.04557 + timestamp: 1682073547.5464871 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.04557}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.546487}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725082.04557}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995591}, "timestamp": {"timestamp": 1682073547.546487}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.04557}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.546487}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.04557}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.546487}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.04557}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.546487}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.11488556861877441 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:22', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:57748:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '57748', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03605771064758301 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:07', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42010:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42010', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -3946,122 +3991,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975372552871704 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 738.5510947704315 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 102.91171479225159 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:57748:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "57748", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 7.0}, {"feature": 5.0}, {"feature": 132.0}, {"feature": 2.0}, {"feature": 264.0}, {"feature": 7.0}, {"feature": 7.0}, {"feature": 146.0}, {"feature": 3.0}, {"feature": 438.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42010:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42010", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 4593.0}, {"feature": 2.0}, {"feature": 4593.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003746575142790046 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013543379997935797 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026448650169186294 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003619670867919922 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00035452842712402344 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7454 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:22.168777 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 32 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:07.586327 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725082.16927 + timestamp: 1682073547.5865531 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725082.16927 + timestamp: 1682073547.5865531 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99957335 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725082.16927 + timestamp: 1682073547.5865531 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725082.16927 + timestamp: 1682073547.5865531 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725082.16927 + timestamp: 1682073547.5865531 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.16927}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.586553}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725082.16927}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99957335}, "timestamp": {"timestamp": 1682073547.586553}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.16927}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.586553}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.16927}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.586553}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.16927}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.586553}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.025696277618408203 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:22', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:57748:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '57748', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03951144218444824 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:07', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42010:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42010', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -4081,122 +4121,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975376129150391 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 738.5861308574677 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 102.95520663261414 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:57748:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "57748", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 8.0}, {"feature": 6.0}, {"feature": 199.0}, {"feature": 3.0}, {"feature": 331.0}, {"feature": 7.0}, {"feature": 7.0}, {"feature": 146.0}, {"feature": 3.0}, {"feature": 438.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42010:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42010", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 2.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 4593.0}, {"feature": 2.0}, {"feature": 4593.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003746341241368715 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001354248668202164 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026446999981999397 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0048177242279052734 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0004210472106933594 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7455 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:22.203134 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 33 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:07.633078 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725082.203789 + timestamp: 1682073547.6332829 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725082.203789 + timestamp: 1682073547.6332829 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999586642 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725082.203789 + timestamp: 1682073547.6332829 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725082.203789 + timestamp: 1682073547.6332829 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725082.203789 + timestamp: 1682073547.6332829 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.203789}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.633283}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725082.203789}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99958664}, "timestamp": {"timestamp": 1682073547.633283}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.203789}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.633283}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.203789}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.633283}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.203789}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.633283}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03687167167663574 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:22', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:57748:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '57748', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.08220291137695312 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:07', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42010:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42010', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -4216,122 +4251,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975379705429077 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 738.6316959857941 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 103.04473519325256 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:57748:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "57748", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 8.0}, {"feature": 6.0}, {"feature": 199.0}, {"feature": 3.0}, {"feature": 331.0}, {"feature": 8.0}, {"feature": 8.0}, {"feature": 146.0}, {"feature": 3.0}, {"feature": 438.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42010:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42010", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 2.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003746288185878612 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013541579266084208 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026448650169186294 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003061532974243164 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0005619525909423828 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7456 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:22.247273 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 34 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:07.720001 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725082.247571 + timestamp: 1682073547.720192 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725082.247571 + timestamp: 1682073547.720192 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999599159 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725082.247571 + timestamp: 1682073547.720192 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725082.247571 + timestamp: 1682073547.720192 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725082.247571 + timestamp: 1682073547.720192 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.247571}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.720192}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725082.247571}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99959916}, "timestamp": {"timestamp": 1682073547.720192}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.247571}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.720192}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.247571}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.720192}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.247571}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.720192}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.052098989486694336 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:22', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:57748:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '57748', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.045018672943115234 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:07', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42010:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42010', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -4351,122 +4381,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975382685661316 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 738.6914064884186 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 103.09440326690674 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:57748:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "57748", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 9.0}, {"feature": 7.0}, {"feature": 199.0}, {"feature": 4.0}, {"feature": 398.0}, {"feature": 8.0}, {"feature": 8.0}, {"feature": 146.0}, {"feature": 3.0}, {"feature": 438.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42010:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42010", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003746115241207975 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013540679492692893 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026446999981999397 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003818035125732422 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00039196014404296875 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7457 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:22.308527 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 35 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:07.771188 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725082.3089459 + timestamp: 1682073547.77137 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725082.3089459 + timestamp: 1682073547.77137 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99961096 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725082.3089459 + timestamp: 1682073547.77137 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725082.3089459 + timestamp: 1682073547.77137 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725082.3089459 + timestamp: 1682073547.77137 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.308946}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.77137}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725082.308946}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99961096}, "timestamp": {"timestamp": 1682073547.77137}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.308946}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.77137}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.308946}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.77137}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.308946}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.77137}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.062422990798950195 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:22', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:57748:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '57748', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04595041275024414 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9974504113197327, 'timestamp': '21/04/2023 10:39:07', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42010:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42010', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -4486,122 +4511,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975386261940002 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 738.762672662735 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9974504113197327 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 103.14657735824585 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:57748:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "57748", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 10.0}, {"feature": 8.0}, {"feature": 199.0}, {"feature": 4.0}, {"feature": 398.0}, {"feature": 8.0}, {"feature": 8.0}, {"feature": 146.0}, {"feature": 3.0}, {"feature": 438.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42010:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42010", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 2.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037459830053140165 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013539776481917766 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026448650169186294 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0029566287994384766 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00037980079650878906 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7458 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:22.377514 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 36 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:07.824540 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725082.3779271 + timestamp: 1682073547.824733 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725082.3779271 + timestamp: 1682073547.824733 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99954927 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725082.3779271 + timestamp: 1682073547.824733 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725082.3779271 + timestamp: 1682073547.824733 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725082.3779271 + timestamp: 1682073547.824733 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.377927}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.824733}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725082.377927}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99954927}, "timestamp": {"timestamp": 1682073547.824733}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.377927}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.824733}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.377927}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.824733}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.377927}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.824733}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.022769927978515625 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:22', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:57748:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '57748', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06346774101257324 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:07', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42010:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42010', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -4621,122 +4641,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975389838218689 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 738.7918953895569 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 103.21739792823792 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:57748:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "57748", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 10.0}, {"feature": 8.0}, {"feature": 199.0}, {"feature": 4.0}, {"feature": 398.0}, {"feature": 9.0}, {"feature": 9.0}, {"feature": 146.0}, {"feature": 3.0}, {"feature": 438.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42010:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42010", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 2.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 1398.0}, {"feature": 1.0}, {"feature": 1398.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003745612553093582 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013538906636543777 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026446999981999397 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0018999576568603516 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0004856586456298828 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7459 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:22.405715 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 37 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:07.898615 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725082.410059 + timestamp: 1682073547.8988221 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725082.410059 + timestamp: 1682073547.8988221 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999561787 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725082.410059 + timestamp: 1682073547.8988221 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725082.410059 + timestamp: 1682073547.8988221 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725082.410059 + timestamp: 1682073547.8988221 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.410059}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.898822}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725082.410059}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995618}, "timestamp": {"timestamp": 1682073547.898822}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.410059}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.898822}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.410059}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.898822}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.410059}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.898822}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03608298301696777 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:22', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:57748:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '57748', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.02777576446533203 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:07', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42010:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42010', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -4756,122 +4771,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975392818450928 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 738.8349227905273 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 103.25573563575745 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:57748:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "57748", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 11.0}, {"feature": 9.0}, {"feature": 199.0}, {"feature": 5.0}, {"feature": 465.0}, {"feature": 9.0}, {"feature": 9.0}, {"feature": 146.0}, {"feature": 3.0}, {"feature": 438.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:47311:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "47311", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037454471693389196 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013538006707684122 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026446598349139094 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0025463104248046875 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0003600120544433594 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7460 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:22.476250 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 38 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:07.930490 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725082.4766271 + timestamp: 1682073547.930691 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725082.4766271 + timestamp: 1682073547.930691 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999573588 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725082.4766271 + timestamp: 1682073547.930691 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725082.4766271 + timestamp: 1682073547.930691 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725082.4766271 + timestamp: 1682073547.930691 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.476627}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.930691}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725082.476627}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995736}, "timestamp": {"timestamp": 1682073547.930691}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.476627}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.930691}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.476627}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.930691}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.476627}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073547.930691}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04099726676940918 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:22', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:57748:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '57748', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.10343289375305176 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9978645443916321, 'timestamp': '21/04/2023 10:39:07', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:47311:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '47311', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -4891,122 +4901,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975396394729614 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 738.909764289856 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9978645443916321 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 103.3633382320404 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:57748:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "57748", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 12.0}, {"feature": 10.0}, {"feature": 199.0}, {"feature": 5.0}, {"feature": 465.0}, {"feature": 9.0}, {"feature": 9.0}, {"feature": 146.0}, {"feature": 3.0}, {"feature": 438.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42010:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42010", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 8.0}, {"feature": 8.0}, {"feature": 4593.0}, {"feature": 6.0}, {"feature": 10185.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037453654487600463 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001353710126591364 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026446999981999397 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0033724308013916016 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00041747093200683594 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7461 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:22.527558 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 39 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:08.271710 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725082.5277989 + timestamp: 1682073548.271935 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725082.5277989 + timestamp: 1682073548.271935 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999528646 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725082.5277989 + timestamp: 1682073548.271935 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725082.5277989 + timestamp: 1682073548.271935 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725082.5277989 + timestamp: 1682073548.271935 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.527799}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.271935}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725082.527799}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99952865}, "timestamp": {"timestamp": 1682073548.271935}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.527799}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.271935}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.527799}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.271935}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.527799}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.271935}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05908489227294922 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:22', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:57748:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '57748', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.024494409561157227 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:08', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42010:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42010', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -5026,122 +5031,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975399971008301 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 738.9784059524536 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 103.62559819221497 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:57748:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "57748", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 12.0}, {"feature": 10.0}, {"feature": 199.0}, {"feature": 5.0}, {"feature": 465.0}, {"feature": 10.0}, {"feature": 10.0}, {"feature": 146.0}, {"feature": 3.0}, {"feature": 438.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42010:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42010", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 7.0}, {"feature": 7.0}, {"feature": 4593.0}, {"feature": 5.0}, {"feature": 8787.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003745334581004571 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013536194428878246 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026448650169186294 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.011383771896362305 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00035643577575683594 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7462 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:22.602470 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 40 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:08.303179 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725082.6027579 + timestamp: 1682073548.3033891 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725082.6027579 + timestamp: 1682073548.3033891 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999540746 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725082.6027579 + timestamp: 1682073548.3033891 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725082.6027579 + timestamp: 1682073548.3033891 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725082.6027579 + timestamp: 1682073548.3033891 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.602758}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.303389}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725082.602758}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99954075}, "timestamp": {"timestamp": 1682073548.303389}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.602758}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.303389}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.602758}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.303389}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.602758}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.303389}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.032053470611572266 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:22', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:57748:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '57748', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.02233719825744629 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:08', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42010:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42010', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -5161,122 +5161,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.997540295124054 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 739.02663397789 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 103.65501809120178 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:57748:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "57748", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 13.0}, {"feature": 11.0}, {"feature": 524.0}, {"feature": 6.0}, {"feature": 790.0}, {"feature": 10.0}, {"feature": 10.0}, {"feature": 146.0}, {"feature": 3.0}, {"feature": 438.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42010:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42010", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 9.0}, {"feature": 9.0}, {"feature": 4593.0}, {"feature": 7.0}, {"feature": 11583.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003745213461585336 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013535291555318233 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002645030035637319 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0029675960540771484 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00041031837463378906 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7463 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:22.642893 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 41 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:08.330042 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725082.6431749 + timestamp: 1682073548.3303721 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725082.6431749 + timestamp: 1682073548.3303721 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99955219 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725082.6431749 + timestamp: 1682073548.3303721 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725082.6431749 + timestamp: 1682073548.3303721 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725082.6431749 + timestamp: 1682073548.3303721 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.643175}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.330372}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725082.643175}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995522}, "timestamp": {"timestamp": 1682073548.330372}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.643175}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.330372}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.643175}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.330372}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.643175}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.330372}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05556631088256836 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:22', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:57748:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '57748', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0238797664642334 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:08', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42010:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42010', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -5296,122 +5291,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975406527519226 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 739.0901908874512 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 103.68326473236084 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:57748:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "57748", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 13.0}, {"feature": 11.0}, {"feature": 524.0}, {"feature": 6.0}, {"feature": 790.0}, {"feature": 11.0}, {"feature": 11.0}, {"feature": 146.0}, {"feature": 3.0}, {"feature": 438.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:47311:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "47311", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037453106891437225 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013534387426288226 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026454852195456624 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003385782241821289 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0003445148468017578 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7464 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:22.706489 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 42 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:08.372864 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725082.706754 + timestamp: 1682073548.3732829 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725082.706754 + timestamp: 1682073548.3732829 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999563098 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725082.706754 + timestamp: 1682073548.3732829 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725082.706754 + timestamp: 1682073548.3732829 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725082.706754 + timestamp: 1682073548.3732829 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.706754}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.373283}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725082.706754}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995631}, "timestamp": {"timestamp": 1682073548.373283}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.706754}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.373283}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.706754}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.373283}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.706754}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.373283}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.042838335037231445 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:22', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:57748:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '57748', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.039108991622924805 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:08', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:47311:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '47311', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -5431,122 +5421,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975410103797913 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 739.1409955024719 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 103.74136233329773 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:57748:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "57748", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 13.0}, {"feature": 11.0}, {"feature": 524.0}, {"feature": 6.0}, {"feature": 790.0}, {"feature": 12.0}, {"feature": 12.0}, {"feature": 581.0}, {"feature": 4.0}, {"feature": 873.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:47311:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "47311", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037452256347864305 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013533482867910437 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026459404034540057 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00606536865234375 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0009891986846923828 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7465 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:22.765636 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 43 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:08.417949 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725082.76644 + timestamp: 1682073548.418189 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725082.76644 + timestamp: 1682073548.418189 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999573529 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725082.76644 + timestamp: 1682073548.418189 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725082.76644 + timestamp: 1682073548.418189 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725082.76644 + timestamp: 1682073548.418189 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.76644}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.418189}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725082.76644}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995735}, "timestamp": {"timestamp": 1682073548.418189}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.76644}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.418189}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.76644}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.418189}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.76644}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.418189}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04642343521118164 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:22', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:57748:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '57748', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.053772687911987305 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:08', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:47311:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '47311', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -5566,122 +5551,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975413084030151 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 739.203773021698 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 103.80123543739319 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42102:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42102", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 6.0}, {"feature": 5.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 21.0}, {"feature": 21.0}, {"feature": 4593.0}, {"feature": 17.0}, {"feature": 25563.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:47311:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "47311", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037451917175857207 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013532576813914832 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646145294420421 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003635406494140625 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0005631446838378906 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7466 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:22.820350 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 44 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:08.477164 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725082.8205659 + timestamp: 1682073548.4775479 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725082.8205659 + timestamp: 1682073548.4775479 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999583423 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725082.8205659 + timestamp: 1682073548.4775479 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725082.8205659 + timestamp: 1682073548.4775479 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725082.8205659 + timestamp: 1682073548.4775479 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.820566}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.477548}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725082.820566}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995834}, "timestamp": {"timestamp": 1682073548.477548}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.820566}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.477548}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.820566}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.477548}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.820566}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.477548}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06209921836853027 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:22', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42102:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42102', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.030374526977539062 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:08', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:47311:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '47311', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -5701,122 +5681,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975416660308838 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 739.2741656303406 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 103.8376932144165 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42102:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42102", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 7.0}, {"feature": 6.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 21.0}, {"feature": 21.0}, {"feature": 4593.0}, {"feature": 17.0}, {"feature": 25563.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:47311:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "47311", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037451415513145103 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.00135316713189602 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463501853868365 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003144502639770508 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0006783008575439453 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7467 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:22.892046 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 45 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:08.513469 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725082.892303 + timestamp: 1682073548.5141361 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725082.892303 + timestamp: 1682073548.5141361 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.9995929 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725082.892303 + timestamp: 1682073548.5141361 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725082.892303 + timestamp: 1682073548.5141361 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725082.892303 + timestamp: 1682073548.5141361 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.892303}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.514136}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725082.892303}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995929}, "timestamp": {"timestamp": 1682073548.514136}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.892303}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.514136}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.892303}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.514136}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.892303}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.514136}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03746223449707031 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:22', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42102:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42102', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06506204605102539 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:08', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:47311:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '47311', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -5836,122 +5811,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975419640541077 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 739.3212263584137 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 103.9080183506012 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42102:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42102", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 7.0}, {"feature": 6.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 22.0}, {"feature": 22.0}, {"feature": 4593.0}, {"feature": 17.0}, {"feature": 25563.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:47311:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "47311", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003745115520050984 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001353076549868206 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646355133038014 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0031545162200927734 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00038242340087890625 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7468 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:22.937004 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 46 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:08.582782 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725082.9373009 + timestamp: 1682073548.5831339 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725082.9373009 + timestamp: 1682073548.5831339 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99960196 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725082.9373009 + timestamp: 1682073548.5831339 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725082.9373009 + timestamp: 1682073548.5831339 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725082.9373009 + timestamp: 1682073548.5831339 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.937301}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.583134}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725082.937301}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99960196}, "timestamp": {"timestamp": 1682073548.583134}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.937301}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.583134}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.937301}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.583134}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.937301}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.583134}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03387737274169922 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:22', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42102:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42102', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.027065038681030273 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:08', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:47311:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '47311', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -5971,122 +5941,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975423216819763 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 739.3625888824463 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 103.93975734710693 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:41964:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "41964", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 132.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:47311:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "47311", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003745082577782505 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013529859972869621 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646360080689192 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0031867027282714844 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0006437301635742188 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7469 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:22.983661 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 47 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:08.615697 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725082.98393 + timestamp: 1682073548.616353 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725082.98393 + timestamp: 1682073548.616353 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999610603 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725082.98393 + timestamp: 1682073548.616353 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725082.98393 + timestamp: 1682073548.616353 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725082.98393 + timestamp: 1682073548.616353 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.98393}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.616353}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725082.98393}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996106}, "timestamp": {"timestamp": 1682073548.616353}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.98393}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.616353}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.98393}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.616353}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725082.98393}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.616353}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03157973289489746 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:22', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:41964:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '41964', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06240200996398926 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:08', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:47311:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '47311', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -6106,122 +6071,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.997542679309845 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 739.406888961792 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 104.00854516029358 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:41964:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "41964", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 5.0}, {"feature": 4.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 132.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:47311:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "47311", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 6.0}, {"feature": 6.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003744994643003427 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013528956463909456 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463702670298517 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003019571304321289 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0009441375732421875 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7470 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:23.022140 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 48 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:08.685503 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725083.0224259 + timestamp: 1682073548.6865289 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725083.0224259 + timestamp: 1682073548.6865289 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999618888 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725083.0224259 + timestamp: 1682073548.6865289 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725083.0224259 + timestamp: 1682073548.6865289 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725083.0224259 + timestamp: 1682073548.6865289 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.022426}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.686529}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725083.022426}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996189}, "timestamp": {"timestamp": 1682073548.686529}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.022426}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.686529}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.022426}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.686529}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.022426}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.686529}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.09490060806274414 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:23', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:41964:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '41964', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03384256362915039 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:08', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:47311:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '47311', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -6241,122 +6201,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975429773330688 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 739.5087492465973 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 104.04965162277222 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:41964:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "41964", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 6.0}, {"feature": 5.0}, {"feature": 199.0}, {"feature": 2.0}, {"feature": 199.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:47311:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "47311", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037451152701566343 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013528055019580384 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463804533705115 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.004134416580200195 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0011494159698486328 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7471 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:23.128011 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 49 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:08.726805 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725083.128298 + timestamp: 1682073548.7278819 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725083.128298 + timestamp: 1682073548.7278819 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999626815 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725083.128298 + timestamp: 1682073548.7278819 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725083.128298 + timestamp: 1682073548.7278819 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725083.128298 + timestamp: 1682073548.7278819 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.128298}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.727882}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725083.128298}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996268}, "timestamp": {"timestamp": 1682073548.727882}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.128298}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.727882}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.128298}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.727882}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.128298}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.727882}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05276203155517578 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:23', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:41964:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '41964', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05777692794799805 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:08', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:47311:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '47311', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -6376,122 +6331,4407 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975433349609375 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 739.5724337100983 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 104.11553716659546 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:41964:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "41964", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 6.0}, {"feature": 5.0}, {"feature": 199.0}, {"feature": 2.0}, {"feature": 199.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1439:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1439", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037449621350833014 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001352715621512985 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463702670298517 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0035750865936279297 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0008885860443115234 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7472 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:23.188655 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 50 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:08.792995 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725083.189074 + timestamp: 1682073548.794131 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725083.189074 + timestamp: 1682073548.794131 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999634445 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725083.189074 + timestamp: 1682073548.794131 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725083.189074 + timestamp: 1682073548.794131 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" + } +} +timestamp { + timestamp: 1682073548.794131 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.794131}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99963444}, "timestamp": {"timestamp": 1682073548.794131}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.794131}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.794131}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.794131}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03307461738586426 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:08', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1439:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1439', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 104.15635848045349 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:62055:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "62055", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0007641315460205078 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 51 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:08.833305 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073548.8340471 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073548.8340471 +} +kpi_value { + floatVal: 0.999641776 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073548.8340471 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073548.8340471 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073548.8340471 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.834047}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996418}, "timestamp": {"timestamp": 1682073548.834047}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.834047}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.834047}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.834047}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0560450553894043 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:08', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:62055:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '62055', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 104.21976137161255 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:62055:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "62055", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0008673667907714844 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 52 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:08.896738 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073548.897553 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073548.897553 +} +kpi_value { + floatVal: 0.999648809 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073548.897553 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073548.897553 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073548.897553 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.897553}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996488}, "timestamp": {"timestamp": 1682073548.897553}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.897553}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.897553}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.897553}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.040788888931274414 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:08', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:62055:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '62055', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 104.26710915565491 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:62055:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "62055", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0005183219909667969 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 53 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:08.943598 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073548.943857 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073548.943857 +} +kpi_value { + floatVal: 0.999655545 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073548.943857 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073548.943857 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073548.943857 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.943857}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99965554}, "timestamp": {"timestamp": 1682073548.943857}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.943857}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.943857}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.943857}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03673982620239258 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9978645443916321, 'timestamp': '21/04/2023 10:39:08', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:62055:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '62055', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9978645443916321 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 104.30973792076111 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:62055:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "62055", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00039267539978027344 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 54 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:08.984679 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073548.9849441 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073548.9849441 +} +kpi_value { + floatVal: 0.999621749 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073548.9849441 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073548.9849441 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073548.9849441 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.984944}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99962175}, "timestamp": {"timestamp": 1682073548.984944}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.984944}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.984944}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073548.984944}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.039724111557006836 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:08', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:62055:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '62055', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 104.35377621650696 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:61577:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "61577", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 7.0}, {"feature": 5.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 132.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0003688335418701172 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 55 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:09.028388 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073549.0286491 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073549.0286491 +} +kpi_value { + floatVal: 0.999628782 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073549.0286491 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073549.0286491 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073549.0286491 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.028649}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996288}, "timestamp": {"timestamp": 1682073549.028649}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.028649}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.028649}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.028649}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.07369112968444824 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:09', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:61577:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '61577', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 104.43153929710388 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:61577:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "61577", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 6.0}, {"feature": 4.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 132.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00039768218994140625 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 56 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:09.108116 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073549.108336 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073549.108336 +} +kpi_value { + floatVal: 0.999635518 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073549.108336 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073549.108336 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073549.108336 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.108336}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996355}, "timestamp": {"timestamp": 1682073549.108336}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.108336}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.108336}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.108336}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03917527198791504 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:09', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:61577:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '61577', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 104.47666907310486 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50995:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50995", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0003800392150878906 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 57 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:09.151230 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073549.1515009 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073549.1515009 +} +kpi_value { + floatVal: 0.999642 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073549.1515009 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073549.1515009 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073549.1515009 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.151501}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.999642}, "timestamp": {"timestamp": 1682073549.151501}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.151501}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.151501}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.151501}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.022464513778686523 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9978645443916321, 'timestamp': '21/04/2023 10:39:09', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50995:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50995', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9978645443916321 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 104.50316333770752 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50995:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50995", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0007410049438476562 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 58 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:09.178312 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073549.17856 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073549.17856 +} +kpi_value { + floatVal: 0.999610841 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073549.17856 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073549.17856 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073549.17856 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.17856}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99961084}, "timestamp": {"timestamp": 1682073549.17856}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.17856}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.17856}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.17856}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.02449321746826172 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9974504113197327, 'timestamp': '21/04/2023 10:39:09', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50995:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50995', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9974504113197327 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 104.5330913066864 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:55705:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "55705", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0007669925689697266 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 59 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:09.208966 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073549.209677 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073549.209677 +} +kpi_value { + floatVal: 0.999573588 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073549.209677 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073549.209677 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073549.209677 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.209677}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995736}, "timestamp": {"timestamp": 1682073549.209677}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.209677}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.209677}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.209677}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06258773803710938 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9978645443916321, 'timestamp': '21/04/2023 10:39:09', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:55705:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '55705', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9978645443916321 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 104.60179018974304 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42012:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42012", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 7.0}, {"feature": 7.0}, {"feature": 4593.0}, {"feature": 5.0}, {"feature": 10185.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0008032321929931641 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 60 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:09.542621 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073549.54335 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073549.54335 +} +kpi_value { + floatVal: 0.999544621 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073549.54335 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073549.54335 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073549.54335 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.54335}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995446}, "timestamp": {"timestamp": 1682073549.54335}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.54335}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.54335}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.54335}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0863800048828125 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:09', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42012:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42012', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 104.95847010612488 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42012:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42012", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 2.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 4593.0}, {"feature": 1.0}, {"feature": 4593.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00048804283142089844 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 61 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:09.634778 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073549.6352069 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073549.6352069 +} +kpi_value { + floatVal: 0.99955219 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073549.6352069 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073549.6352069 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073549.6352069 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.635207}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995522}, "timestamp": {"timestamp": 1682073549.635207}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.635207}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.635207}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.635207}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06885051727294922 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:09', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42012:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42012', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 105.03303265571594 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42012:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42012", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00045609474182128906 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 62 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:09.709178 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073549.7094359 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073549.7094359 +} +kpi_value { + floatVal: 0.999559522 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073549.7094359 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073549.7094359 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073549.7094359 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.709436}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995595}, "timestamp": {"timestamp": 1682073549.709436}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.709436}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.709436}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.709436}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.042671918869018555 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9974504113197327, 'timestamp': '21/04/2023 10:39:09', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42012:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42012', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9974504113197327 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 105.0812451839447 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42012:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42012", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0003979206085205078 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 63 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:09.756381 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073549.7566049 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073549.7566049 +} +kpi_value { + floatVal: 0.999525547 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073549.7566049 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073549.7566049 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073549.7566049 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.756605}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99952555}, "timestamp": {"timestamp": 1682073549.756605}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.756605}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.756605}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.756605}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0343320369720459 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9978645443916321, 'timestamp': '21/04/2023 10:39:09', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42012:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42012', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9978645443916321 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 105.12037968635559 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42012:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42012", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 6.0}, {"feature": 6.0}, {"feature": 4593.0}, {"feature": 4.0}, {"feature": 8787.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0006389617919921875 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 64 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:09.796543 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073549.7968819 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073549.7968819 +} +kpi_value { + floatVal: 0.999499142 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073549.7968819 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073549.7968819 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073549.7968819 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.796882}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99949914}, "timestamp": {"timestamp": 1682073549.796882}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.796882}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.796882}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.796882}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06329512596130371 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:09', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42012:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42012', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 105.18936276435852 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42012:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42012", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 4593.0}, {"feature": 2.0}, {"feature": 5991.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0004868507385253906 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 65 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:09.865105 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073549.865567 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073549.865567 +} +kpi_value { + floatVal: 0.999507 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073549.865567 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073549.865567 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073549.865567 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.865567}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.999507}, "timestamp": {"timestamp": 1682073549.865567}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.865567}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.865567}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.865567}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05353856086730957 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:09', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42012:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42012', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 105.24921774864197 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42012:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42012", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 4593.0}, {"feature": 3.0}, {"feature": 7389.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0014903545379638672 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 66 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:09.927551 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073549.9285331 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073549.9285331 +} +kpi_value { + floatVal: 0.99951458 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073549.9285331 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073549.9285331 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073549.9285331 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.928533}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995146}, "timestamp": {"timestamp": 1682073549.928533}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.928533}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.928533}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.928533}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04619765281677246 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:09', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42012:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42012', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 105.30403566360474 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42012:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42012", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0008482933044433594 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 67 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:09.980594 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073549.9814961 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073549.9814961 +} +kpi_value { + floatVal: 0.999521911 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073549.9814961 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073549.9814961 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073549.9814961 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.981496}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995219}, "timestamp": {"timestamp": 1682073549.981496}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.981496}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.981496}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073549.981496}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.031026124954223633 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9975987672805786, 'timestamp': '21/04/2023 10:39:09', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42012:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42012', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9975987672805786 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 105.34139585494995 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42012:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42012", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 2.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0005903244018554688 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 68 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:10.017040 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073550.0176 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073550.0176 +} +kpi_value { + floatVal: 0.999493241 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073550.0176 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073550.0176 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073550.0176 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.0176}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99949324}, "timestamp": {"timestamp": 1682073550.0176}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.0176}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.0176}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.0176}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.026513338088989258 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:10', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42012:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42012', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 105.37334203720093 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:62055:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "62055", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 6.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0005779266357421875 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 69 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:10.048573 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073550.0490489 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073550.0490489 +} +kpi_value { + floatVal: 0.999500692 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073550.0490489 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073550.0490489 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073550.0490489 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.049049}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995007}, "timestamp": {"timestamp": 1682073550.049049}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.049049}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.049049}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.049049}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05797839164733887 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:10', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:62055:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '62055', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 105.43680453300476 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:62055:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "62055", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0009441375732421875 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 70 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:10.113626 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073550.1145511 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073550.1145511 +} +kpi_value { + floatVal: 0.999507904 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073550.1145511 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073550.1145511 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073550.1145511 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.114551}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995079}, "timestamp": {"timestamp": 1682073550.114551}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.114551}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.114551}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.114551}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.036062002182006836 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:10', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:62055:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '62055', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 105.48022389411926 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:62055:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "62055", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0010247230529785156 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 71 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:10.157497 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073550.171592 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073550.171592 +} +kpi_value { + floatVal: 0.999514937 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073550.171592 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073550.171592 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073550.171592 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.171592}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99951494}, "timestamp": {"timestamp": 1682073550.171592}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.171592}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.171592}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.171592}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04987907409667969 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:10', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:62055:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '62055', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 105.53936171531677 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:62055:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "62055", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0010821819305419922 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 72 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:10.216365 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073550.217406 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073550.217406 +} +kpi_value { + floatVal: 0.999521792 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073550.217406 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073550.217406 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073550.217406 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.217406}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995218}, "timestamp": {"timestamp": 1682073550.217406}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.217406}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.217406}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.217406}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05605292320251465 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:10', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:62055:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '62055', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 105.60440444946289 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:58060:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "58060", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0015058517456054688 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 73 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:10.284718 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073550.2856531 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073550.2856531 +} +kpi_value { + floatVal: 0.999528408 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073550.2856531 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073550.2856531 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073550.2856531 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.285653}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995284}, "timestamp": {"timestamp": 1682073550.285653}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.285653}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.285653}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.285653}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05547499656677246 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9975987672805786, 'timestamp': '21/04/2023 10:39:10', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:58060:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '58060', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9975987672805786 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 105.6701488494873 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:58060:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "58060", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0007672309875488281 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 74 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:10.347351 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073550.348002 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073550.348002 +} +kpi_value { + floatVal: 0.999502 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073550.348002 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073550.348002 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073550.348002 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.348002}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.999502}, "timestamp": {"timestamp": 1682073550.348002}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.348002}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.348002}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.348002}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04725027084350586 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9978645443916321, 'timestamp': '21/04/2023 10:39:10', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:58060:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '58060', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9978645443916321 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 105.72403264045715 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:58060:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "58060", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00046896934509277344 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 75 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:10.399306 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073550.3995321 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073550.3995321 +} +kpi_value { + floatVal: 0.99947983 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073550.3995321 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073550.3995321 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073550.3995321 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.399532}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99947983}, "timestamp": {"timestamp": 1682073550.399532}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.399532}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.399532}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.399532}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.024295568466186523 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9974504113197327, 'timestamp': '21/04/2023 10:39:10', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:58060:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '58060', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9974504113197327 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 105.75297379493713 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50995:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50995", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0004329681396484375 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 76 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:10.427766 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073550.4279661 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073550.4279661 +} +kpi_value { + floatVal: 0.99945277 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073550.4279661 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073550.4279661 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073550.4279661 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.427966}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99945277}, "timestamp": {"timestamp": 1682073550.427966}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.427966}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.427966}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.427966}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.020854711532592773 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:10', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50995:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50995', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 105.77802276611328 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50995:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50995", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0003516674041748047 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 77 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:10.453277 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073550.4715061 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073550.4715061 +} +kpi_value { + floatVal: 0.99946 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073550.4715061 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073550.4715061 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073550.4715061 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.471506}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99946}, "timestamp": {"timestamp": 1682073550.471506}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.471506}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.471506}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.471506}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04744839668273926 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:10', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50995:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50995', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 105.83016347885132 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50995:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50995", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00044274330139160156 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 78 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:10.504971 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073550.505183 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073550.505183 +} +kpi_value { + floatVal: 0.999467 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073550.505183 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073550.505183 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073550.505183 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.505183}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.999467}, "timestamp": {"timestamp": 1682073550.505183}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.505183}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.505183}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.505183}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.027480602264404297 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:10', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50995:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50995', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 105.86193108558655 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:55705:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "55705", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0005371570587158203 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 79 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:10.575489 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073550.575959 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073550.575959 +} +kpi_value { + floatVal: 0.99947387 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073550.575959 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073550.575959 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073550.575959 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.575959}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99947387}, "timestamp": {"timestamp": 1682073550.575959}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.575959}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.575959}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.575959}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04580569267272949 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9975987672805786, 'timestamp': '21/04/2023 10:39:10', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:55705:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '55705', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9975987672805786 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 105.95093870162964 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:55705:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "55705", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0004937648773193359 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 80 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:10.625851 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073550.626085 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073550.626085 +} +kpi_value { + floatVal: 0.999450088 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073550.626085 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073550.626085 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073550.626085 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.626085}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9994501}, "timestamp": {"timestamp": 1682073550.626085}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.626085}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.626085}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.626085}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0456843376159668 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9974504113197327, 'timestamp': '21/04/2023 10:39:10', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:55705:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '55705', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9974504113197327 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 106.0009696483612 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42010:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42010", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 10.0}, {"feature": 10.0}, {"feature": 4593.0}, {"feature": 8.0}, {"feature": 12981.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0005488395690917969 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 81 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:10.676270 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073550.6765051 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073550.6765051 +} +kpi_value { + floatVal: 0.999425113 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073550.6765051 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073550.6765051 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073550.6765051 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.676505}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9994251}, "timestamp": {"timestamp": 1682073550.676505}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.676505}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.676505}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.676505}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.028163671493530273 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:10', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42010:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42010', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 106.03410816192627 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50756:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50756", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0005137920379638672 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 82 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:10.709426 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073550.7096341 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073550.7096341 +} +kpi_value { + floatVal: 0.999432206 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073550.7096341 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073550.7096341 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" + } +} +timestamp { + timestamp: 1682073550.7096341 +} +kpi_value { + int32Val: 0 +} + +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.709634}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9994322}, "timestamp": {"timestamp": 1682073550.709634}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.709634}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.709634}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073550.709634}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06771063804626465 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9978645443916321, 'timestamp': '21/04/2023 10:39:10', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50756:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50756', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} +, 'endpoint_id': topology_id { + context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } + } + topology_uuid { + uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" + } +} +device_id { + device_uuid { + uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" + } +} +endpoint_uuid { + uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" +} +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 + +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9978645443916321 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 106.10656237602234 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence +INFO:root:No attack detected +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50995:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50995", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +INFO:root:Performing inference... +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0007152557373046875 seconds +INFO:root:Inference performed correctly +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 83 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:11.023360 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { + context_uuid { + uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" + } +} +service_uuid { + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { + kpi_id { + uuid: "13" + } +} +timestamp { + timestamp: 1682073551.0238161 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { + kpi_id { + uuid: "14" + } +} +timestamp { + timestamp: 1682073551.0238161 +} +kpi_value { + floatVal: 0.999413073 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { + kpi_id { + uuid: "15" + } +} +timestamp { + timestamp: 1682073551.0238161 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { + kpi_id { + uuid: "16" + } +} +timestamp { + timestamp: 1682073551.0238161 +} +kpi_value { + int32Val: 0 +} + +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { + kpi_id { + uuid: "17" } } timestamp { - timestamp: 1681725083.189074 + timestamp: 1682073551.0238161 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.189074}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.023816}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725083.189074}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9994131}, "timestamp": {"timestamp": 1682073551.023816}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.189074}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.023816}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.189074}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.023816}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.189074}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.023816}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03807353973388672 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:23', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:41964:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '41964', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03484797477722168 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:11', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50995:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50995', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -6511,122 +10751,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975436925888062 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 739.6185088157654 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 106.38761138916016 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:26984:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "26984", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 10.0}, {"feature": 7.0}, {"feature": 132.0}, {"feature": 2.0}, {"feature": 264.0}, {"feature": 8.0}, {"feature": 8.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50995:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50995", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.000374485651057557 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013526254197664192 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463804533705115 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.004912137985229492 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0004699230194091797 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7473 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:23.236792 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 84 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:11.064444 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725083.2378321 + timestamp: 1682073551.0646379 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725083.2378321 + timestamp: 1682073551.0646379 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999420166 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725083.2378321 + timestamp: 1682073551.0646379 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725083.2378321 + timestamp: 1682073551.0646379 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725083.2378321 + timestamp: 1682073551.0646379 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.237832}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.064638}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725083.237832}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99942017}, "timestamp": {"timestamp": 1682073551.064638}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.237832}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.064638}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.237832}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.064638}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.237832}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.064638}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.039269447326660156 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:23', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:26984:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '26984', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.026336669921875 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:11', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50995:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50995', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -6646,122 +10881,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.99754399061203 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 739.667783498764 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 106.4205310344696 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:26984:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "26984", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 10.0}, {"feature": 7.0}, {"feature": 132.0}, {"feature": 2.0}, {"feature": 264.0}, {"feature": 9.0}, {"feature": 9.0}, {"feature": 146.0}, {"feature": 2.0}, {"feature": 292.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50995:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50995", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.000374464688967235 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013525361419243864 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463702670298517 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0033435821533203125 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0005767345428466797 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7474 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:23.283641 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 85 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:11.096283 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725083.283895 + timestamp: 1682073551.0964689 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725083.283895 + timestamp: 1682073551.0964689 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99942708 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725083.283895 + timestamp: 1682073551.0964689 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725083.283895 + timestamp: 1682073551.0964689 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725083.283895 + timestamp: 1682073551.0964689 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.283895}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.096469}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725083.283895}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9994271}, "timestamp": {"timestamp": 1682073551.096469}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.283895}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.096469}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.283895}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.096469}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.283895}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.096469}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.029442310333251953 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:23', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:26984:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '26984', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.029632091522216797 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:11', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50995:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50995', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -6781,122 +11011,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975443482398987 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 739.7047779560089 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 106.45533800125122 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:26984:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "26984", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 10.0}, {"feature": 7.0}, {"feature": 132.0}, {"feature": 2.0}, {"feature": 264.0}, {"feature": 10.0}, {"feature": 10.0}, {"feature": 146.0}, {"feature": 3.0}, {"feature": 438.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50995:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50995", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 6.0}, {"feature": 6.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003744478338946243 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013524464532439638 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646360080689192 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003014802932739258 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0005307197570800781 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7475 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:23.320981 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 86 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:11.130995 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725083.321239 + timestamp: 1682073551.131376 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725083.321239 + timestamp: 1682073551.131376 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999433815 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725083.321239 + timestamp: 1682073551.131376 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725083.321239 + timestamp: 1682073551.131376 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725083.321239 + timestamp: 1682073551.131376 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.321239}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.131376}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725083.321239}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9994338}, "timestamp": {"timestamp": 1682073551.131376}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.321239}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.131376}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.321239}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.131376}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.321239}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.131376}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05560731887817383 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:23', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:26984:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '26984', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06275343894958496 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:11', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50995:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50995', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -6916,122 +11141,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975446462631226 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 739.7682571411133 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 106.52313494682312 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:26984:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "26984", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 11.0}, {"feature": 8.0}, {"feature": 132.0}, {"feature": 2.0}, {"feature": 264.0}, {"feature": 10.0}, {"feature": 10.0}, {"feature": 146.0}, {"feature": 3.0}, {"feature": 438.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50995:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50995", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 7.0}, {"feature": 7.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037442973399197973 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013523569030781653 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646355133038014 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.006214141845703125 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0005276203155517578 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7476 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:23.387225 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 87 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:11.198001 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725083.3875811 + timestamp: 1682073551.198215 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725083.3875811 + timestamp: 1682073551.198215 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999440372 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725083.3875811 + timestamp: 1682073551.198215 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725083.3875811 + timestamp: 1682073551.198215 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725083.3875811 + timestamp: 1682073551.198215 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.387581}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.198215}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725083.387581}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9994404}, "timestamp": {"timestamp": 1682073551.198215}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.387581}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.198215}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.387581}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.198215}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.387581}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.198215}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04198789596557617 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:23', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:26984:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '26984', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.023943424224853516 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:11', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50995:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50995', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -7051,122 +11271,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975450038909912 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 739.8212671279907 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 106.55130934715271 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:26984:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "26984", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 12.0}, {"feature": 9.0}, {"feature": 132.0}, {"feature": 2.0}, {"feature": 264.0}, {"feature": 10.0}, {"feature": 10.0}, {"feature": 146.0}, {"feature": 3.0}, {"feature": 438.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50756:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50756", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 8.0}, {"feature": 6.0}, {"feature": 132.0}, {"feature": 3.0}, {"feature": 396.0}, {"feature": 7.0}, {"feature": 7.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037441456123254324 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013522671019596658 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463501853868365 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0031256675720214844 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00042819976806640625 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7477 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:23.437213 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 88 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:11.242122 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725083.437705 + timestamp: 1682073551.242317 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725083.437705 + timestamp: 1682073551.242317 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999446809 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725083.437705 + timestamp: 1682073551.242317 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725083.437705 + timestamp: 1682073551.242317 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725083.437705 + timestamp: 1682073551.242317 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.437705}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.242317}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725083.437705}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9994468}, "timestamp": {"timestamp": 1682073551.242317}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.437705}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.242317}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.437705}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.242317}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.437705}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.242317}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.054611921310424805 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:23', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:26984:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '26984', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05256819725036621 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:11', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50756:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50756', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -7186,122 +11401,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975453615188599 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 739.8836150169373 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 106.6240873336792 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:14004:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "14004", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 7.0}, {"feature": 5.0}, {"feature": 132.0}, {"feature": 3.0}, {"feature": 396.0}, {"feature": 6.0}, {"feature": 6.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50756:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50756", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 6.0}, {"feature": 4.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 132.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037439268886576963 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001352178005256793 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646145294420421 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.005770206451416016 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00037598609924316406 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7478 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:23.504168 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 89 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:11.298743 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725083.5055721 + timestamp: 1682073551.299051 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725083.5055721 + timestamp: 1682073551.299051 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999453127 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725083.5055721 + timestamp: 1682073551.299051 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725083.5055721 + timestamp: 1682073551.299051 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725083.5055721 + timestamp: 1682073551.299051 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.505572}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.299051}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725083.505572}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9994531}, "timestamp": {"timestamp": 1682073551.299051}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.505572}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.299051}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.505572}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.299051}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.505572}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.299051}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.053069114685058594 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:23', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:14004:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '14004', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04795384407043457 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:11', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50756:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50756', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -7321,122 +11531,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975456595420837 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 739.9512143135071 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 106.67608666419983 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:14004:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "14004", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 8.0}, {"feature": 6.0}, {"feature": 132.0}, {"feature": 3.0}, {"feature": 396.0}, {"feature": 6.0}, {"feature": 6.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50756:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50756", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 6.0}, {"feature": 4.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 132.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003743805392916266 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013520880121189172 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463501853868365 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.005804777145385742 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00037479400634765625 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7479 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:23.570855 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 90 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:11.350677 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725083.571496 + timestamp: 1682073551.3509691 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725083.571496 + timestamp: 1682073551.3509691 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999459267 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725083.571496 + timestamp: 1682073551.3509691 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725083.571496 + timestamp: 1682073551.3509691 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725083.571496 + timestamp: 1682073551.3509691 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.571496}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.350969}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725083.571496}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99945927}, "timestamp": {"timestamp": 1682073551.350969}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.571496}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.350969}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.571496}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.350969}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.571496}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.350969}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04500627517700195 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:23', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:14004:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '14004', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.02584528923034668 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:11', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50756:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50756', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -7456,122 +11661,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975460171699524 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 740.0082232952118 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 106.70607256889343 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:14004:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "14004", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 8.0}, {"feature": 6.0}, {"feature": 132.0}, {"feature": 3.0}, {"feature": 396.0}, {"feature": 7.0}, {"feature": 7.0}, {"feature": 146.0}, {"feature": 2.0}, {"feature": 292.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50756:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50756", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 7.0}, {"feature": 5.0}, {"feature": 132.0}, {"feature": 2.0}, {"feature": 264.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.000374361067422962 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013519986775867362 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646145294420421 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.005547046661376953 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00035071372985839844 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7480 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:23.628289 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 91 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:11.381435 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725083.630698 + timestamp: 1682073551.3825319 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725083.630698 + timestamp: 1682073551.3825319 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999465287 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725083.630698 + timestamp: 1682073551.3825319 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725083.630698 + timestamp: 1682073551.3825319 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725083.630698 + timestamp: 1682073551.3825319 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.630698}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.382532}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725083.630698}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9994653}, "timestamp": {"timestamp": 1682073551.382532}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.630698}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.382532}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.630698}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.382532}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.630698}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.382532}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06663322448730469 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:23', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:14004:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '14004', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0315394401550293 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:11', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50756:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50756', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -7591,122 +11791,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.997546374797821 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 740.0882096290588 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 106.74323654174805 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:14004:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "14004", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 9.0}, {"feature": 7.0}, {"feature": 132.0}, {"feature": 3.0}, {"feature": 396.0}, {"feature": 7.0}, {"feature": 7.0}, {"feature": 146.0}, {"feature": 2.0}, {"feature": 292.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50756:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50756", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003743594998374652 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013519083192022499 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463501853868365 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003968715667724609 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0004878044128417969 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7481 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:23.705989 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 92 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:11.418176 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725083.7063041 + timestamp: 1682073551.41837 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725083.7063041 + timestamp: 1682073551.41837 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999471128 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725083.7063041 + timestamp: 1682073551.41837 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725083.7063041 + timestamp: 1682073551.41837 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725083.7063041 + timestamp: 1682073551.41837 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.706304}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.41837}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725083.706304}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9994711}, "timestamp": {"timestamp": 1682073551.41837}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.706304}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.41837}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.706304}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.41837}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.706304}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.41837}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03515052795410156 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:23', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:14004:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '14004', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.053781986236572266 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:11', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50756:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50756', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -7726,122 +11921,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975466728210449 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 740.133546590805 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 106.80134463310242 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42090:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42090", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 9.0}, {"feature": 8.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 23.0}, {"feature": 23.0}, {"feature": 4593.0}, {"feature": 17.0}, {"feature": 25563.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50756:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50756", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037434471107544357 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013518185773029924 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646145294420421 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.006236553192138672 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0003676414489746094 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7482 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:23.754994 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 93 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:11.476413 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725083.756722 + timestamp: 1682073551.476696 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725083.756722 + timestamp: 1682073551.476696 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99947691 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725083.756722 + timestamp: 1682073551.476696 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725083.756722 + timestamp: 1682073551.476696 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725083.756722 + timestamp: 1682073551.476696 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.756722}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.476696}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725083.756722}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9994769}, "timestamp": {"timestamp": 1682073551.476696}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.756722}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.476696}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.756722}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.476696}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.756722}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.476696}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04907822608947754 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:23', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42090:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42090', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.02832174301147461 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:11', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50756:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50756', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -7861,122 +12051,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975470304489136 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 740.2010045051575 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 106.83411407470703 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:21494:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "21494", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 12.0}, {"feature": 9.0}, {"feature": 132.0}, {"feature": 4.0}, {"feature": 528.0}, {"feature": 10.0}, {"feature": 10.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50756:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50756", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 9.0}, {"feature": 7.0}, {"feature": 132.0}, {"feature": 3.0}, {"feature": 396.0}, {"feature": 7.0}, {"feature": 7.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037433758549345925 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013517283888279865 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463501853868365 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0037217140197753906 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0003941059112548828 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7483 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:23.818856 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 94 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:11.514983 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725083.8195 + timestamp: 1682073551.5152619 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725083.8195 + timestamp: 1682073551.5152619 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999482512 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725083.8195 + timestamp: 1682073551.5152619 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725083.8195 + timestamp: 1682073551.5152619 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725083.8195 + timestamp: 1682073551.5152619 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.8195}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.515262}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725083.8195}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9994825}, "timestamp": {"timestamp": 1682073551.515262}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.8195}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.515262}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.8195}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.515262}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.8195}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.515262}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03548550605773926 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:23', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:21494:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '21494', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06173539161682129 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:11', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50756:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50756', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -7996,122 +12181,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975473284721375 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 740.2467148303986 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 106.90616512298584 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:21494:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "21494", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 12.0}, {"feature": 9.0}, {"feature": 132.0}, {"feature": 4.0}, {"feature": 528.0}, {"feature": 11.0}, {"feature": 11.0}, {"feature": 146.0}, {"feature": 2.0}, {"feature": 292.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50756:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50756", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 7.0}, {"feature": 5.0}, {"feature": 132.0}, {"feature": 2.0}, {"feature": 264.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037435172224161724 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013516386311310407 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646355133038014 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.005984783172607422 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0004100799560546875 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7484 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:23.867695 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 95 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:11.581079 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725083.8713789 + timestamp: 1682073551.5812969 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725083.8713789 + timestamp: 1682073551.5812969 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999488 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725083.8713789 + timestamp: 1682073551.5812969 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725083.8713789 + timestamp: 1682073551.5812969 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725083.8713789 + timestamp: 1682073551.5812969 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.871379}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.581297}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725083.871379}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.999488}, "timestamp": {"timestamp": 1682073551.581297}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.871379}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.581297}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.871379}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.581297}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.871379}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.581297}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03982877731323242 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:23', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:21494:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '21494', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03541421890258789 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:11', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50756:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50756', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -8131,122 +12311,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975476861000061 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 740.2994360923767 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 106.94589471817017 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:21494:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "21494", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 12.0}, {"feature": 9.0}, {"feature": 132.0}, {"feature": 4.0}, {"feature": 528.0}, {"feature": 12.0}, {"feature": 12.0}, {"feature": 146.0}, {"feature": 3.0}, {"feature": 438.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50756:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50756", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003743504922160146 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013515483424823332 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646360080689192 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.004422187805175781 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00036072731018066406 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7485 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:23.917650 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 96 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:11.620716 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725083.9188449 + timestamp: 1682073551.6209691 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725083.9188449 + timestamp: 1682073551.6209691 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99949342 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725083.9188449 + timestamp: 1682073551.6209691 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725083.9188449 + timestamp: 1682073551.6209691 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725083.9188449 + timestamp: 1682073551.6209691 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.918845}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.620969}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725083.918845}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9994934}, "timestamp": {"timestamp": 1682073551.620969}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.918845}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.620969}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.918845}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.620969}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.918845}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.620969}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06904292106628418 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:23', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:21494:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '21494', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04053783416748047 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:11', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50756:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50756', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -8266,122 +12441,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975480437278748 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 740.3800251483917 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 106.99067783355713 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:21494:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "21494", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 13.0}, {"feature": 10.0}, {"feature": 132.0}, {"feature": 4.0}, {"feature": 528.0}, {"feature": 12.0}, {"feature": 12.0}, {"feature": 146.0}, {"feature": 3.0}, {"feature": 438.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50756:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50756", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 8.0}, {"feature": 6.0}, {"feature": 132.0}, {"feature": 3.0}, {"feature": 396.0}, {"feature": 6.0}, {"feature": 6.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037434863855561175 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013514580772526212 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463702670298517 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.004013776779174805 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0003840923309326172 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7486 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:23.998524 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 97 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:11.665095 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725083.998935 + timestamp: 1682073551.66531 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725083.998935 + timestamp: 1682073551.66531 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999498665 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725083.998935 + timestamp: 1682073551.66531 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725083.998935 + timestamp: 1682073551.66531 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725083.998935 + timestamp: 1682073551.66531 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.998935}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.66531}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725083.998935}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99949867}, "timestamp": {"timestamp": 1682073551.66531}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.998935}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.66531}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.998935}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.66531}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725083.998935}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.66531}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.02906513214111328 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:23', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:21494:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '21494', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.039103031158447266 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:11', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50756:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50756', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -8401,122 +12571,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975483417510986 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 740.4198627471924 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 107.03363108634949 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:21494:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "21494", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 14.0}, {"feature": 11.0}, {"feature": 132.0}, {"feature": 4.0}, {"feature": 528.0}, {"feature": 12.0}, {"feature": 12.0}, {"feature": 146.0}, {"feature": 3.0}, {"feature": 438.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50756:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50756", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037434948794556183 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013513678225922396 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463804533705115 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.01213526725769043 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0003731250762939453 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7487 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:24.044950 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 98 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:11.708481 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725084.0452139 + timestamp: 1682073551.70869 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725084.0452139 + timestamp: 1682073551.70869 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999503851 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725084.0452139 + timestamp: 1682073551.70869 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725084.0452139 + timestamp: 1682073551.70869 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725084.0452139 + timestamp: 1682073551.70869 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.045214}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.70869}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725084.045214}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99950385}, "timestamp": {"timestamp": 1682073551.70869}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.045214}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.70869}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.045214}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.70869}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.045214}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.70869}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04754447937011719 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:24', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:21494:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '21494', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.037935733795166016 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:11', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50756:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50756', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -8536,122 +12701,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975486993789673 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 740.4857566356659 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 107.07582473754883 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:15205:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "15205", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 7.0}, {"feature": 5.0}, {"feature": 132.0}, {"feature": 2.0}, {"feature": 264.0}, {"feature": 6.0}, {"feature": 6.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:50756:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "50756", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037433425363543263 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013512782269665775 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463702670298517 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003448009490966797 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0005419254302978516 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7488 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:24.102710 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 99 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:11.751181 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725084.103241 + timestamp: 1682073551.751451 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725084.103241 + timestamp: 1682073551.751451 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999508917 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725084.103241 + timestamp: 1682073551.751451 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725084.103241 + timestamp: 1682073551.751451 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725084.103241 + timestamp: 1682073551.751451 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.103241}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.751451}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725084.103241}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995089}, "timestamp": {"timestamp": 1682073551.751451}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.103241}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.751451}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.103241}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.751451}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.103241}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.751451}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.032521963119506836 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:24', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:15205:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '15205', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.043598175048828125 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:11', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:50756:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '50756', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -8671,122 +12831,117 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975489974021912 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 740.5269014835358 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 107.12436723709106 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:15205:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "15205", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 8.0}, {"feature": 6.0}, {"feature": 132.0}, {"feature": 2.0}, {"feature": 264.0}, {"feature": 6.0}, {"feature": 6.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:58060:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "58060", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 4.0}, {"feature": 199.0}, {"feature": 2.0}, {"feature": 199.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.000374328181629652 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013511881085813526 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463804533705115 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0050334930419921875 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0004582405090332031 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7489 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:24.144998 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 100 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:11.799542 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725084.146018 + timestamp: 1682073551.7998259 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725084.146018 + timestamp: 1682073551.7998259 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999513865 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725084.146018 + timestamp: 1682073551.7998259 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725084.146018 + timestamp: 1682073551.7998259 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725084.146018 + timestamp: 1682073551.7998259 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.146018}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.799826}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725084.146018}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99951386}, "timestamp": {"timestamp": 1682073551.799826}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.146018}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.799826}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.146018}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.799826}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.146018}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.799826}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.042333126068115234 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:24', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:15205:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '15205', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.02598714828491211 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:11', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:58060:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '58060', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -8806,122 +12961,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975493550300598 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 740.5798466205597 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 107.15537428855896 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:15205:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "15205", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 8.0}, {"feature": 6.0}, {"feature": 132.0}, {"feature": 2.0}, {"feature": 264.0}, {"feature": 7.0}, {"feature": 7.0}, {"feature": 146.0}, {"feature": 2.0}, {"feature": 292.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:58060:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "58060", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 4.0}, {"feature": 199.0}, {"feature": 2.0}, {"feature": 199.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 581.0}, {"feature": 2.0}, {"feature": 581.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003743068896155078 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.00135109916253309 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463702670298517 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.002652883529663086 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0008045835742662051 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.005533438473263436 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00023665900005198637 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.08170819282531738 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7490 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:24.195463 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 101 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:11.911413 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725084.1957321 + timestamp: 1682073551.911664 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725084.1957321 + timestamp: 1682073551.911664 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999518752 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725084.1957321 + timestamp: 1682073551.911664 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725084.1957321 + timestamp: 1682073551.911664 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725084.1957321 + timestamp: 1682073551.911664 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.195732}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.911664}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725084.195732}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99951875}, "timestamp": {"timestamp": 1682073551.911664}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.195732}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.911664}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.195732}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.911664}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.195732}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.911664}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0467371940612793 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:24', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:15205:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '15205', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03120136260986328 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:11', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:58060:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '58060', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -8941,122 +13096,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975497126579285 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 740.6344311237335 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 107.2720673084259 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:15205:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "15205", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 9.0}, {"feature": 7.0}, {"feature": 132.0}, {"feature": 2.0}, {"feature": 264.0}, {"feature": 7.0}, {"feature": 7.0}, {"feature": 146.0}, {"feature": 2.0}, {"feature": 292.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:58060:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "58060", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 2.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003742926007544739 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013510095439918188 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463804533705115 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00792694091796875 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.000799789813734552 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.005506457720908178 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00023701200001369216 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0019505023956298828 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7491 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:24.257259 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 102 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:11.948641 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725084.25877 + timestamp: 1682073551.9488871 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725084.25877 + timestamp: 1682073551.9488871 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99952352 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725084.25877 + timestamp: 1682073551.9488871 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725084.25877 + timestamp: 1682073551.9488871 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725084.25877 + timestamp: 1682073551.9488871 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.25877}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.948887}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725084.25877}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995235}, "timestamp": {"timestamp": 1682073551.948887}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.25877}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.948887}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.25877}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.948887}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.25877}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.948887}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06876111030578613 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:24', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:15205:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '15205', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.028454065322875977 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:11', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:58060:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '58060', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -9076,122 +13231,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975500106811523 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 740.7178790569305 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 107.30653929710388 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.15:59224:91.121.140.167:443", "ip_d": "91.121.140.167", "ip_o": "10.100.200.15", "port_d": "443", "port_o": "59224", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 13.0}, {"feature": 12.0}, {"feature": 1489.0}, {"feature": 5.0}, {"feature": 1489.0}, {"feature": 9.0}, {"feature": 9.0}, {"feature": 3552.0}, {"feature": 7.0}, {"feature": 3552.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:58060:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "58060", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 132.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037430714886338195 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013509199643100527 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646440116222948 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.004292964935302734 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007939586310769601 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.00547997860596847 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00023665900005198637 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0014851093292236328 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7492 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:24.335620 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 103 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:11.983498 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725084.3364921 + timestamp: 1682073551.983721 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725084.3364921 + timestamp: 1682073551.983721 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99952817 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725084.3364921 + timestamp: 1682073551.983721 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725084.3364921 + timestamp: 1682073551.983721 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725084.3364921 + timestamp: 1682073551.983721 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.336492}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.983721}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725084.336492}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99952817}, "timestamp": {"timestamp": 1682073551.983721}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.336492}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.983721}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.336492}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.983721}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.336492}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073551.983721}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0575101375579834 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9999995827674866, 'timestamp': '17/04/2023 09:51:24', 'ip_o': '10.100.200.15', 'ip_d': '91.121.140.167', 'tag_name': 'Crypto', 'tag': 1, 'flow_id': '10.100.200.15:59224:91.121.140.167:443', 'protocol': 'TCP', 'port_o': '59224', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.02396845817565918 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:11', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:58060:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '58060', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -9211,122 +13366,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.997550368309021 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9999995827674866 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 740.7853901386261 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 107.33690977096558 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.15:59224:91.121.140.167:443", "ip_d": "91.121.140.167", "ip_o": "10.100.200.15", "port_d": "443", "port_o": "59224", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 13.0}, {"feature": 12.0}, {"feature": 1489.0}, {"feature": 5.0}, {"feature": 1489.0}, {"feature": 10.0}, {"feature": 10.0}, {"feature": 3644.0}, {"feature": 8.0}, {"feature": 3644.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:58060:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "58060", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 2.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 132.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003742838198741423 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013508313250769712 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463804533705115 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.005113124847412109 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007878615192402969 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.005453919960167072 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00023618900002020382 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0014514923095703125 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7493 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:24.403679 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 104 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:12.012621 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725084.40423 + timestamp: 1682073552.012876 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725084.40423 + timestamp: 1682073552.012876 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999532759 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725084.40423 + timestamp: 1682073552.012876 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725084.40423 + timestamp: 1682073552.012876 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725084.40423 + timestamp: 1682073552.012876 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.40423}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.012876}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725084.40423}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99953276}, "timestamp": {"timestamp": 1682073552.012876}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.40423}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.012876}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.40423}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.012876}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.40423}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.012876}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0422210693359375 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9999995827674866, 'timestamp': '17/04/2023 09:51:24', 'ip_o': '10.100.200.15', 'ip_d': '91.121.140.167', 'tag_name': 'Crypto', 'tag': 1, 'flow_id': '10.100.200.15:59224:91.121.140.167:443', 'protocol': 'TCP', 'port_o': '59224', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06539154052734375 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:12', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:58060:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '58060', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -9346,122 +13501,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.997550368309021 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9999995827674866 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 740.8375720977783 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 107.40744352340698 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.15:59224:91.121.140.167:443", "ip_d": "91.121.140.167", "ip_o": "10.100.200.15", "port_d": "443", "port_o": "59224", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 14.0}, {"feature": 13.0}, {"feature": 1489.0}, {"feature": 5.0}, {"feature": 1489.0}, {"feature": 10.0}, {"feature": 10.0}, {"feature": 3644.0}, {"feature": 8.0}, {"feature": 3644.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:58060:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "58060", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 2.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 132.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003742715199207049 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001350741614170559 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646440116222948 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0025222301483154297 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007822722666755258 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.005428186054050292 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00023571899998842127 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.001468658447265625 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7494 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:24.452402 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 105 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:12.083211 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725084.4526379 + timestamp: 1682073552.083451 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725084.4526379 + timestamp: 1682073552.083451 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99953723 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725084.4526379 + timestamp: 1682073552.083451 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725084.4526379 + timestamp: 1682073552.083451 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725084.4526379 + timestamp: 1682073552.083451 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.452638}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.083451}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725084.452638}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995372}, "timestamp": {"timestamp": 1682073552.083451}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.452638}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.083451}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.452638}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.083451}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.452638}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.083451}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.052217960357666016 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9999995827674866, 'timestamp': '17/04/2023 09:51:24', 'ip_o': '10.100.200.15', 'ip_d': '91.121.140.167', 'tag_name': 'Crypto', 'tag': 1, 'flow_id': '10.100.200.15:59224:91.121.140.167:443', 'protocol': 'TCP', 'port_o': '59224', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.02665543556213379 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:12', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:58060:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '58060', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -9481,122 +13636,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.997550368309021 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9999995827674866 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 740.8963150978088 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 107.43924236297607 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42104:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42104", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 6.0}, {"feature": 5.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 21.0}, {"feature": 21.0}, {"feature": 4593.0}, {"feature": 17.0}, {"feature": 25563.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:58060:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "58060", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 4.0}, {"feature": 199.0}, {"feature": 2.0}, {"feature": 199.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037425492451854893 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013506522656902766 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463804533705115 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0026035308837890625 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007764966698198135 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0054028448761534705 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00023378599996703997 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0013682842254638672 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7495 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:24.511395 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 106 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:12.115850 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725084.5116451 + timestamp: 1682073552.1160879 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725084.5116451 + timestamp: 1682073552.1160879 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99954164 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725084.5116451 + timestamp: 1682073552.1160879 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725084.5116451 + timestamp: 1682073552.1160879 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725084.5116451 + timestamp: 1682073552.1160879 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.511645}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.116088}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725084.511645}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99954164}, "timestamp": {"timestamp": 1682073552.116088}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.511645}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.116088}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.511645}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.116088}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.511645}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.116088}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0668189525604248 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:24', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42104:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42104', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06540560722351074 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:12', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:58060:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '58060', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -9616,122 +13771,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.997550368309021 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 740.9699139595032 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 107.51072931289673 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42104:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42104", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 7.0}, {"feature": 6.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 21.0}, {"feature": 21.0}, {"feature": 4593.0}, {"feature": 17.0}, {"feature": 25563.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:62055:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "62055", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 8.0}, {"feature": 5.0}, {"feature": 132.0}, {"feature": 2.0}, {"feature": 264.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037424119747603627 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013505626940068262 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646440116222948 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0028688907623291016 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007709838785125035 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.00537783819032174 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00023185299994565867 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0014998912811279297 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7496 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:24.594220 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 107 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:12.186459 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725084.594481 + timestamp: 1682073552.1867139 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725084.594481 + timestamp: 1682073552.1867139 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999546 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725084.594481 + timestamp: 1682073552.1867139 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725084.594481 + timestamp: 1682073552.1867139 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725084.594481 + timestamp: 1682073552.1867139 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.594481}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.186714}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725084.594481}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.999546}, "timestamp": {"timestamp": 1682073552.186714}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.594481}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.186714}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.594481}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.186714}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.594481}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.186714}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05774974822998047 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:24', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42104:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42104', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03486323356628418 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:12', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:62055:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '62055', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -9751,122 +13906,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975506663322449 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 741.0451452732086 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 107.55076837539673 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42104:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42104", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 7.0}, {"feature": 6.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 22.0}, {"feature": 22.0}, {"feature": 4593.0}, {"feature": 17.0}, {"feature": 25563.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:62055:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "62055", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 10.0}, {"feature": 7.0}, {"feature": 199.0}, {"feature": 3.0}, {"feature": 331.0}, {"feature": 7.0}, {"feature": 7.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037422698363562387 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013504731781683987 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646499779075384 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.002554655075073242 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007671081851920344 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0053530330170350054 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00023378599996703997 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0018050670623779297 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7497 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:24.660640 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 108 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:12.226884 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725084.6608591 + timestamp: 1682073552.227114 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725084.6608591 + timestamp: 1682073552.227114 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999550223 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725084.6608591 + timestamp: 1682073552.227114 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725084.6608591 + timestamp: 1682073552.227114 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725084.6608591 + timestamp: 1682073552.227114 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.660859}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.227114}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725084.660859}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995502}, "timestamp": {"timestamp": 1682073552.227114}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.660859}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.227114}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.660859}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.227114}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.660859}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.227114}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03920769691467285 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:24', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42104:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42104', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04462313652038574 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:12', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:62055:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '62055', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -9886,122 +14041,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975510239601135 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 741.091605424881 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 107.6009635925293 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:63655:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "63655", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 13.0}, {"feature": 12.0}, {"feature": 1043.0}, {"feature": 7.0}, {"feature": 2019.0}, {"feature": 13.0}, {"feature": 13.0}, {"feature": 1016.0}, {"feature": 5.0}, {"feature": 1597.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:62055:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "62055", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 7.0}, {"feature": 4.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 132.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003742205432535314 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013503832347448658 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646819921210408 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.012952804565429688 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007615637889974747 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.005328732764266404 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00023185299994565867 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0015850067138671875 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7498 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:24.717992 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 109 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:12.276848 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725084.7187631 + timestamp: 1682073552.2770751 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725084.7187631 + timestamp: 1682073552.2770751 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999554396 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725084.7187631 + timestamp: 1682073552.2770751 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725084.7187631 + timestamp: 1682073552.2770751 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725084.7187631 + timestamp: 1682073552.2770751 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.718763}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.277075}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725084.718763}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995544}, "timestamp": {"timestamp": 1682073552.277075}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.718763}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.277075}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.718763}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.277075}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.718763}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.277075}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.07028627395629883 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:24', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:63655:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '63655', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.045337677001953125 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:12', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:62055:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '62055', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -10021,122 +14176,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975513815879822 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 741.1803958415985 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 107.65164065361023 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:63655:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "63655", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 14.0}, {"feature": 13.0}, {"feature": 1043.0}, {"feature": 7.0}, {"feature": 2019.0}, {"feature": 13.0}, {"feature": 13.0}, {"feature": 1016.0}, {"feature": 5.0}, {"feature": 1597.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:62055:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "62055", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 10.0}, {"feature": 7.0}, {"feature": 199.0}, {"feature": 3.0}, {"feature": 331.0}, {"feature": 6.0}, {"feature": 6.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.000374204105391623 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013502939443904688 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646499779075384 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.002146005630493164 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007578076545521319 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.005304600905748552 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00023378599996703997 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0019533634185791016 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7499 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:24.796182 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 110 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:12.328202 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725084.796428 + timestamp: 1682073552.328454 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725084.796428 + timestamp: 1682073552.328454 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999558449 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725084.796428 + timestamp: 1682073552.328454 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725084.796428 + timestamp: 1682073552.328454 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725084.796428 + timestamp: 1682073552.328454 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.796428}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.328454}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725084.796428}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99955845}, "timestamp": {"timestamp": 1682073552.328454}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.796428}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.328454}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.796428}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.328454}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.796428}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.328454}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03128790855407715 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:24', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:63655:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '63655', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.052083492279052734 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:12', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:62055:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '62055', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -10156,122 +14311,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.997551679611206 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 741.2191429138184 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 107.70975708961487 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42092:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42092", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 9.0}, {"feature": 8.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 23.0}, {"feature": 23.0}, {"feature": 4593.0}, {"feature": 17.0}, {"feature": 25563.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:62055:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "62055", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 7.0}, {"feature": 4.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 132.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037418140217972297 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013502053531516468 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646440116222948 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.002956390380859375 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007532283964030432 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0052808706485102394 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00023571899998842127 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0016765594482421875 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7500 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:24.834280 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 111 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:12.402393 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725084.834573 + timestamp: 1682073552.4026649 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725084.834573 + timestamp: 1682073552.4026649 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999562502 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725084.834573 + timestamp: 1682073552.4026649 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725084.834573 + timestamp: 1682073552.4026649 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725084.834573 + timestamp: 1682073552.4026649 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.834573}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.402665}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725084.834573}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995625}, "timestamp": {"timestamp": 1682073552.402665}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.834573}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.402665}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.834573}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.402665}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.834573}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.402665}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.037624359130859375 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:24', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42092:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42092', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.027202367782592773 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:12', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:62055:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '62055', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -10291,122 +14446,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975520372390747 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 741.2638623714447 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 107.75947618484497 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1449:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1449", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 5.0}, {"feature": 3.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 132.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:62055:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "62055", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 8.0}, {"feature": 5.0}, {"feature": 132.0}, {"feature": 2.0}, {"feature": 264.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003741549244565213 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001350117295710205 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463804533705115 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0025522708892822266 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.000749697035720333 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.005257374121224018 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00023618900002020382 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0016865730285644531 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7501 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:24.878996 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 112 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:12.435865 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725084.879282 + timestamp: 1682073552.4361739 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725084.879282 + timestamp: 1682073552.4361739 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999566436 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725084.879282 + timestamp: 1682073552.4361739 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725084.879282 + timestamp: 1682073552.4361739 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725084.879282 + timestamp: 1682073552.4361739 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.879282}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.436174}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725084.879282}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99956644}, "timestamp": {"timestamp": 1682073552.436174}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.879282}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.436174}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.879282}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.436174}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.879282}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.436174}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0910639762878418 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:24', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1449:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1449', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.042996883392333984 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:12', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:62055:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '62055', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -10426,122 +14581,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975523352622986 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 741.3617346286774 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 107.80818128585815 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1449:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1449", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 6.0}, {"feature": 4.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 132.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:62055:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "62055", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 8.0}, {"feature": 5.0}, {"feature": 132.0}, {"feature": 2.0}, {"feature": 264.0}, {"feature": 6.0}, {"feature": 6.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003741387322548652 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.00135002803726781 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463702670298517 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003168821334838867 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007453584070857027 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.005234261102425426 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00023665900005198637 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0018470287322998047 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7502 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:24.978725 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 113 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:12.484808 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725084.9789629 + timestamp: 1682073552.4852231 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725084.9789629 + timestamp: 1682073552.4852231 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99957031 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725084.9789629 + timestamp: 1682073552.4852231 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725084.9789629 + timestamp: 1682073552.4852231 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725084.9789629 + timestamp: 1682073552.4852231 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.978963}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.485223}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725084.978963}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995703}, "timestamp": {"timestamp": 1682073552.485223}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.978963}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.485223}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.978963}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.485223}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725084.978963}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.485223}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06751513481140137 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:24', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1449:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1449', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.035677433013916016 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:12', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:62055:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '62055', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -10561,122 +14716,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975526928901672 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 741.4379298686981 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 107.84995818138123 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1449:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1449", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 7.0}, {"feature": 5.0}, {"feature": 199.0}, {"feature": 2.0}, {"feature": 199.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42012:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42012", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 4.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 15.0}, {"feature": 15.0}, {"feature": 4593.0}, {"feature": 12.0}, {"feature": 19971.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.000374135151056442 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013499381040232331 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463804533705115 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.004343271255493164 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007425611754450457 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0052113380819138345 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00023701200001369216 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0025322437286376953 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7503 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:25.057540 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 114 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:12.527372 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725085.057786 + timestamp: 1682073552.5276351 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725085.057786 + timestamp: 1682073552.5276351 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999574125 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725085.057786 + timestamp: 1682073552.5276351 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725085.057786 + timestamp: 1682073552.5276351 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725085.057786 + timestamp: 1682073552.5276351 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.057786}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.527635}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725085.057786}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995741}, "timestamp": {"timestamp": 1682073552.527635}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.057786}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.527635}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.057786}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.527635}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.057786}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.527635}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05711984634399414 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:25', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1449:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1449', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06293749809265137 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:12', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42012:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42012', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -10696,122 +14851,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975529909133911 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 741.5067148208618 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 107.91980814933777 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:30677:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "30677", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 13.0}, {"feature": 11.0}, {"feature": 621.0}, {"feature": 7.0}, {"feature": 1019.0}, {"feature": 12.0}, {"feature": 12.0}, {"feature": 581.0}, {"feature": 3.0}, {"feature": 727.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42012:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42012", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 9.0}, {"feature": 9.0}, {"feature": 4593.0}, {"feature": 7.0}, {"feature": 12981.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.000374122831603956 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013498485749212947 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646440116222948 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.004431247711181641 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007392041478327803 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.005188754420159593 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00023736499997539795 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0019617080688476562 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7504 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:25.129381 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 115 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:12.596733 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725085.1299281 + timestamp: 1682073552.5970571 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725085.1299281 + timestamp: 1682073552.5970571 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99957782 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725085.1299281 + timestamp: 1682073552.5970571 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725085.1299281 + timestamp: 1682073552.5970571 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725085.1299281 + timestamp: 1682073552.5970571 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.129928}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.597057}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725085.129928}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995778}, "timestamp": {"timestamp": 1682073552.597057}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.129928}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.597057}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.129928}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.597057}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.129928}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.597057}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06844496726989746 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:25', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:30677:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '30677', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03054356575012207 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:12', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42012:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42012', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -10831,122 +14986,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975533485412598 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 741.5895373821259 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 107.95677733421326 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:30677:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "30677", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 13.0}, {"feature": 11.0}, {"feature": 621.0}, {"feature": 7.0}, {"feature": 1019.0}, {"feature": 13.0}, {"feature": 13.0}, {"feature": 581.0}, {"feature": 4.0}, {"feature": 1162.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42012:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42012", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 10.0}, {"feature": 10.0}, {"feature": 4593.0}, {"feature": 7.0}, {"feature": 12981.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.000374110276934298 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013497590801180904 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646499779075384 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003641366958618164 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007359760948343686 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.005166456663532461 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002382654999451006 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.001931905746459961 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7505 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:25.208840 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 116 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:12.671614 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725085.2090671 + timestamp: 1682073552.671989 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725085.2090671 + timestamp: 1682073552.671989 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999581516 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725085.2090671 + timestamp: 1682073552.671989 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725085.2090671 + timestamp: 1682073552.671989 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725085.2090671 + timestamp: 1682073552.671989 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.209067}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.671989}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725085.209067}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995815}, "timestamp": {"timestamp": 1682073552.671989}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.209067}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.671989}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.209067}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.671989}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.209067}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.671989}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.047472476959228516 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:25', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:30677:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '30677', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04100370407104492 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:12', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42012:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42012', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -10966,122 +15121,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975537061691284 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 741.6480083465576 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 108.04217100143433 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:38723:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "38723", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 5.0}, {"feature": 3.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 132.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42012:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42012", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 4.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 13.0}, {"feature": 13.0}, {"feature": 4593.0}, {"feature": 10.0}, {"feature": 17175.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003740906969611497 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013496702310164224 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646440116222948 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.002683877944946289 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007322075641093403 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.005144490525776758 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00023916599991480325 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0019283294677734375 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7506 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:25.263374 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 117 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:12.719045 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725085.2636321 + timestamp: 1682073552.719331 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725085.2636321 + timestamp: 1682073552.719331 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999585092 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725085.2636321 + timestamp: 1682073552.719331 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725085.2636321 + timestamp: 1682073552.719331 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725085.2636321 + timestamp: 1682073552.719331 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.263632}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.719331}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725085.263632}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995851}, "timestamp": {"timestamp": 1682073552.719331}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.263632}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.719331}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.263632}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.719331}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.263632}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.719331}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0439298152923584 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:25', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:38723:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '38723', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.056168556213378906 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:12', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42012:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42012', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -11101,122 +15256,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975540041923523 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 741.6995627880096 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 108.10480189323425 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:38723:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "38723", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 5.0}, {"feature": 3.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 132.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 146.0}, {"feature": 2.0}, {"feature": 292.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42012:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42012", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 4.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 14.0}, {"feature": 14.0}, {"feature": 4593.0}, {"feature": 11.0}, {"feature": 18573.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037407160881647213 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013495813471361172 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463804533705115 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0029811859130859375 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007282890084812314 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.005122820806869793 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024043549990437896 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0027027130126953125 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7507 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:25.314689 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 118 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:12.784451 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725085.314898 + timestamp: 1682073552.785166 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725085.314898 + timestamp: 1682073552.785166 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999588668 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725085.314898 + timestamp: 1682073552.785166 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725085.314898 + timestamp: 1682073552.785166 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725085.314898 + timestamp: 1682073552.785166 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.314898}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.785166}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725085.314898}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99958867}, "timestamp": {"timestamp": 1682073552.785166}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.314898}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.785166}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.314898}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.785166}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.314898}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.785166}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04022812843322754 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:25', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:38723:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '38723', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03986239433288574 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:12', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42012:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42012', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -11236,122 +15391,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.997554361820221 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 741.7466127872467 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 108.1537971496582 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:14005:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "14005", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 3.0}, {"feature": 2.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 132.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42012:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42012", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 4.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 11.0}, {"feature": 11.0}, {"feature": 4593.0}, {"feature": 8.0}, {"feature": 14379.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003740545878257279 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013494922737372712 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463702670298517 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0029723644256591797 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007243965042078787 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.005101426176350048 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024170499989395466 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0019211769104003906 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7508 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:25.362299 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 119 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:12.830807 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725085.3705831 + timestamp: 1682073552.8310549 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725085.3705831 + timestamp: 1682073552.8310549 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999592125 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725085.3705831 + timestamp: 1682073552.8310549 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725085.3705831 + timestamp: 1682073552.8310549 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725085.3705831 + timestamp: 1682073552.8310549 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.370583}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.831055}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725085.370583}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995921}, "timestamp": {"timestamp": 1682073552.831055}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.370583}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.831055}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.370583}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.831055}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.370583}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.831055}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03914690017700195 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:25', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:14005:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '14005', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04577517509460449 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:12', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42012:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42012', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -11371,122 +15526,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975546598434448 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 741.7939233779907 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 108.20598268508911 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:14005:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "14005", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 132.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42012:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42012", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 4.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 12.0}, {"feature": 12.0}, {"feature": 4593.0}, {"feature": 9.0}, {"feature": 15777.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.000374024582292896 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013494049171200611 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646360080689192 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0032868385314941406 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007205090333390747 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.005080302763610731 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024184049993891676 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0017342567443847656 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7509 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:25.409889 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 120 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:12.882416 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725085.4105711 + timestamp: 1682073552.8827081 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725085.4105711 + timestamp: 1682073552.8827081 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999595582 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725085.4105711 + timestamp: 1682073552.8827081 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725085.4105711 + timestamp: 1682073552.8827081 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725085.4105711 + timestamp: 1682073552.8827081 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.410571}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.882708}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725085.410571}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995956}, "timestamp": {"timestamp": 1682073552.882708}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.410571}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.882708}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.410571}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.882708}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.410571}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.882708}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0611722469329834 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:25', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:14005:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '14005', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.030486106872558594 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:12', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42012:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42012', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -11506,122 +15661,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975550174713135 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 741.8631310462952 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 108.24232912063599 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:14005:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "14005", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 132.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 146.0}, {"feature": 2.0}, {"feature": 292.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42012:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42012", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 8.0}, {"feature": 8.0}, {"feature": 4593.0}, {"feature": 6.0}, {"feature": 11583.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037400739912480643 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001349315895159707 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646355133038014 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0030434131622314453 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007157016033110913 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.005059540303230886 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024170499989395466 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.005707740783691406 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7510 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:25.488375 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 121 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:12.924784 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725085.4888439 + timestamp: 1682073552.9250181 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725085.4888439 + timestamp: 1682073552.9250181 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99959892 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725085.4888439 + timestamp: 1682073552.9250181 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725085.4888439 + timestamp: 1682073552.9250181 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725085.4888439 + timestamp: 1682073552.9250181 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.488844}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.925018}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725085.488844}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995989}, "timestamp": {"timestamp": 1682073552.925018}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.488844}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.925018}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.488844}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.925018}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.488844}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.925018}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03671979904174805 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:25', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:14005:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '14005', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0620880126953125 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:12', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42012:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42012', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -11641,122 +15796,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975553154945374 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 741.9167461395264 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 108.31627917289734 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:14005:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "14005", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 5.0}, {"feature": 4.0}, {"feature": 132.0}, {"feature": 1.0}, {"feature": 132.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 146.0}, {"feature": 2.0}, {"feature": 292.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:55705:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "55705", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 100.0}, {"feature": 1.0}, {"feature": 100.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 708.0}, {"feature": 1.0}, {"feature": 708.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003739840286815989 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013492275895701721 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463501853868365 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0026586055755615234 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007119301475462575 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0050389325978869555 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024184049993891676 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0014910697937011719 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7511 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:25.531914 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 122 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:12.992431 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725085.5321529 + timestamp: 1682073552.9926491 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725085.5321529 + timestamp: 1682073552.9926491 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999602258 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725085.5321529 + timestamp: 1682073552.9926491 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725085.5321529 + timestamp: 1682073552.9926491 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725085.5321529 + timestamp: 1682073552.9926491 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.532153}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.992649}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725085.532153}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99960226}, "timestamp": {"timestamp": 1682073552.992649}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.532153}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.992649}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.532153}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.992649}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.532153}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073552.992649}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0460050106048584 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:25', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:14005:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '14005', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04216909408569336 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:12', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:55705:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '55705', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -11776,122 +15931,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.997555673122406 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 741.9695558547974 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 108.36521363258362 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42080:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42080", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681724900.0}, "features": [{"feature": 11.0}, {"feature": 10.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 24.0}, {"feature": 24.0}, {"feature": 4593.0}, {"feature": 16.0}, {"feature": 24165.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:55705:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "55705", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 2.0}, {"feature": 100.0}, {"feature": 1.0}, {"feature": 100.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 708.0}, {"feature": 1.0}, {"feature": 708.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037397003652934823 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013491383267428153 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646355133038014 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003001689910888672 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007076560813064178 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.005018629371737875 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024170499989395466 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0033538341522216797 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7512 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:25.587002 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 123 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:13.046467 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725085.587275 + timestamp: 1682073553.0470769 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725085.587275 + timestamp: 1682073553.0470769 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999605536 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725085.587275 + timestamp: 1682073553.0470769 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725085.587275 + timestamp: 1682073553.0470769 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725085.587275 + timestamp: 1682073553.0470769 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.587275}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.047077}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725085.587275}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99960554}, "timestamp": {"timestamp": 1682073553.047077}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.587275}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.047077}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.587275}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.047077}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.587275}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.047077}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06568288803100586 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:25', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42080:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42080', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05014514923095703 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:13', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:55705:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '55705', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -11911,122 +16066,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681724928.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975560307502747 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 742.0444192886353 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 108.42619562149048 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42118:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42118", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:55705:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "55705", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 2.0}, {"feature": 100.0}, {"feature": 1.0}, {"feature": 100.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037394988918437727 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013490496669736388 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463501853868365 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.002627849578857422 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007049378871023061 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004998442907090589 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024184049993891676 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0019834041595458984 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7513 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:25.659579 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 124 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:13.104185 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725085.659816 + timestamp: 1682073553.1044061 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725085.659816 + timestamp: 1682073553.1044061 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999608755 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725085.659816 + timestamp: 1682073553.1044061 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725085.659816 + timestamp: 1682073553.1044061 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725085.659816 + timestamp: 1682073553.1044061 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.659816}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.104406}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725085.659816}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99960876}, "timestamp": {"timestamp": 1682073553.104406}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.659816}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.104406}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.659816}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.104406}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.659816}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.104406}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03230762481689453 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9978645443916321, 'timestamp': '17/04/2023 09:51:25', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42118:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42118', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.033791542053222656 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:13', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:55705:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '55705', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -12046,122 +16201,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975563287734985 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9978645443916321 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 742.0835876464844 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 108.46750736236572 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42118:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42118", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:55705:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "55705", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 2.0}, {"feature": 100.0}, {"feature": 1.0}, {"feature": 100.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003739347967049858 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013489605292268526 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646145294420421 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0030736923217773438 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0007010144080059035 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004978600693048191 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024170499989395466 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.001806020736694336 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7514 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:25.958625 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 125 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:13.145850 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725085.9589131 + timestamp: 1682073553.1460869 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725085.9589131 + timestamp: 1682073553.1460869 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999611855 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725085.9589131 + timestamp: 1682073553.1460869 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725085.9589131 + timestamp: 1682073553.1460869 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725085.9589131 + timestamp: 1682073553.1460869 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.958913}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.146087}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725085.958913}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99961185}, "timestamp": {"timestamp": 1682073553.146087}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.958913}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.146087}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.958913}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.146087}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725085.958913}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.146087}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05261516571044922 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9974504113197327, 'timestamp': '17/04/2023 09:51:25', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42118:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42118', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04781079292297363 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:13', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:55705:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '55705', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -12181,122 +16336,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975566864013672 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9974504113197327 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 742.4029774665833 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 108.52341771125793 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42118:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42118", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 2.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42010:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42010", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 11.0}, {"feature": 11.0}, {"feature": 4593.0}, {"feature": 8.0}, {"feature": 12981.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037395546898426747 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001348871965316571 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463501853868365 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0028121471405029297 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006977368650856829 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0049589403779117264 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024184049993891676 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.002241373062133789 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7515 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:26.021278 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 126 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:13.201195 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725086.0215371 + timestamp: 1682073553.2015951 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725086.0215371 + timestamp: 1682073553.2015951 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999615 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725086.0215371 + timestamp: 1682073553.2015951 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725086.0215371 + timestamp: 1682073553.2015951 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725086.0215371 + timestamp: 1682073553.2015951 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.021537}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.201595}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725086.021537}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.999615}, "timestamp": {"timestamp": 1682073553.201595}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.021537}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.201595}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.021537}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.201595}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.021537}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.201595}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.047949790954589844 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9975987672805786, 'timestamp': '17/04/2023 09:51:26', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42118:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42118', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.07639193534851074 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:13', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42010:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42010', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -12316,122 +16471,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975569844245911 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9975987672805786 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 742.460874080658 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 108.60755944252014 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42118:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42118", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 3.0}, {"feature": 2.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42010:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42010", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 4.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 17.0}, {"feature": 17.0}, {"feature": 4593.0}, {"feature": 14.0}, {"feature": 21369.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003739448398592802 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.00134878254370526 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646355133038014 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00395655632019043 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006943828740223959 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004939521884819404 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024197599998387886 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0018630027770996094 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7516 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:26.079099 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 127 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:13.284880 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725086.079556 + timestamp: 1682073553.2858231 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725086.079556 + timestamp: 1682073553.2858231 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999618053 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725086.079556 + timestamp: 1682073553.2858231 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725086.079556 + timestamp: 1682073553.2858231 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725086.079556 + timestamp: 1682073553.2858231 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.079556}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.285823}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725086.079556}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99961805}, "timestamp": {"timestamp": 1682073553.285823}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.079556}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.285823}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.079556}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.285823}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.079556}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.285823}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.031320810317993164 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:26', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42118:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42118', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03150367736816406 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:13', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42010:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42010', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -12451,122 +16606,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975573420524597 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 742.502897977829 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 108.64702653884888 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42118:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42118", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 3.0}, {"feature": 2.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42010:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42010", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 4.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 15.0}, {"feature": 15.0}, {"feature": 4593.0}, {"feature": 12.0}, {"feature": 18573.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003739289226276445 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013486935311978656 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463501853868365 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.005128622055053711 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006906185937562981 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004920371916196121 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024184049993891676 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.001505136489868164 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7517 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:26.127499 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 128 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:13.330477 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725086.12773 + timestamp: 1682073553.330704 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725086.12773 + timestamp: 1682073553.330704 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999621034 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725086.12773 + timestamp: 1682073553.330704 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725086.12773 + timestamp: 1682073553.330704 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725086.12773 + timestamp: 1682073553.330704 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.12773}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.330704}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725086.12773}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99962103}, "timestamp": {"timestamp": 1682073553.330704}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.12773}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.330704}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.12773}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.330704}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.12773}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.330704}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.07750988006591797 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:26', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42118:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42118', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0725100040435791 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:13', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42010:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42010', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -12586,122 +16741,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975576400756836 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 742.5966894626617 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 108.7324287891388 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42118:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42118", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 3.0}, {"feature": 2.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 4593.0}, {"feature": 1.0}, {"feature": 4593.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42010:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42010", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 4.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 16.0}, {"feature": 16.0}, {"feature": 4593.0}, {"feature": 13.0}, {"feature": 19971.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037390777140550554 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001348605077398914 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646145294420421 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0028934478759765625 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006872393953551372 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0049014127087243595 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024197599998387886 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00177001953125 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7518 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:26.211846 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 129 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:13.409493 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725086.212148 + timestamp: 1682073553.40971 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725086.212148 + timestamp: 1682073553.40971 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999624 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725086.212148 + timestamp: 1682073553.40971 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725086.212148 + timestamp: 1682073553.40971 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725086.212148 + timestamp: 1682073553.40971 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.212148}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.40971}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725086.212148}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.999624}, "timestamp": {"timestamp": 1682073553.40971}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.212148}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.40971}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.212148}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.40971}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.212148}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.40971}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06821775436401367 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:26', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42118:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42118', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03263139724731445 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:13', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42010:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42010', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -12721,122 +16876,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975579977035522 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 742.6720635890961 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 108.77171397209167 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42118:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42118", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 4593.0}, {"feature": 1.0}, {"feature": 4593.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42010:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42010", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 4.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 14.0}, {"feature": 14.0}, {"feature": 4593.0}, {"feature": 11.0}, {"feature": 17175.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003738909586920342 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013485161825384103 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026459404034540057 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0038940906524658203 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006836661461604238 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004882693396872448 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024184049993891676 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0021190643310546875 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7519 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:26.295079 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 130 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:13.449165 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725086.295701 + timestamp: 1682073553.4715149 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725086.295701 + timestamp: 1682073553.4715149 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999626935 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725086.295701 + timestamp: 1682073553.4715149 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725086.295701 + timestamp: 1682073553.4715149 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725086.295701 + timestamp: 1682073553.4715149 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.295701}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.471515}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725086.295701}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99962693}, "timestamp": {"timestamp": 1682073553.471515}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.295701}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.471515}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.295701}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.471515}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.295701}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.471515}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.026861906051635742 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:26', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42118:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42118', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0655515193939209 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:13', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42010:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42010', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -12856,122 +17011,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975583553314209 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 742.7137312889099 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 108.84425640106201 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42118:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42118", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 4593.0}, {"feature": 2.0}, {"feature": 5991.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42010:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42010", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 4.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 13.0}, {"feature": 13.0}, {"feature": 4593.0}, {"feature": 10.0}, {"feature": 15777.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003738574386126005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013484296502308342 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026454852195456624 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0027294158935546875 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006806096106931419 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004864146305811404 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024197599998387886 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0019321441650390625 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7520 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:26.370738 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 131 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:13.523982 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725086.3711741 + timestamp: 1682073553.524256 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725086.3711741 + timestamp: 1682073553.524256 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999629796 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725086.3711741 + timestamp: 1682073553.524256 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725086.3711741 + timestamp: 1682073553.524256 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725086.3711741 + timestamp: 1682073553.524256 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.371174}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.524256}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725086.371174}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996298}, "timestamp": {"timestamp": 1682073553.524256}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.371174}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.524256}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.371174}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.524256}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.371174}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.524256}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.02918720245361328 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:26', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42118:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42118', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06040143966674805 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:13', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42010:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42010', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -12991,122 +17146,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975586533546448 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 742.7917449474335 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 108.9140088558197 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42118:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42118", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 4593.0}, {"feature": 3.0}, {"feature": 7389.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42010:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42010", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 4.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 11.0}, {"feature": 11.0}, {"feature": 4593.0}, {"feature": 8.0}, {"feature": 12981.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003738389799743222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013483409530848536 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002645030035637319 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.004061222076416016 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006778531894000976 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0048457891814462735 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024228050000374424 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0021698474884033203 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7521 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:26.408917 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 132 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:13.591348 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725086.409204 + timestamp: 1682073553.591733 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725086.409204 + timestamp: 1682073553.591733 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999632597 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725086.409204 + timestamp: 1682073553.591733 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725086.409204 + timestamp: 1682073553.591733 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725086.409204 + timestamp: 1682073553.591733 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.409204}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.591733}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725086.409204}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996326}, "timestamp": {"timestamp": 1682073553.591733}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.409204}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.591733}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.409204}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.591733}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.409204}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.591733}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.024341821670532227 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:26', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42118:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42118', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04262042045593262 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:13', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42010:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42010', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -13126,122 +17281,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975590109825134 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 742.8249912261963 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 108.96339702606201 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42118:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42118", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 6.0}, {"feature": 6.0}, {"feature": 4593.0}, {"feature": 4.0}, {"feature": 8787.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:13309:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "13309", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 3.0}, {"feature": 100.0}, {"feature": 1.0}, {"feature": 100.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037382030262964923 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013482522965954427 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026448650169186294 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003731966018676758 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006744969022612626 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004827691559723495 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024197599998387886 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.005751848220825195 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7522 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:26.478511 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 133 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:13.646659 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725086.478821 + timestamp: 1682073553.6469309 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725086.478821 + timestamp: 1682073553.6469309 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999635398 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725086.478821 + timestamp: 1682073553.6469309 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725086.478821 + timestamp: 1682073553.6469309 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725086.478821 + timestamp: 1682073553.6469309 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.478821}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.646931}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725086.478821}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996354}, "timestamp": {"timestamp": 1682073553.646931}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.478821}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.646931}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.478821}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.646931}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.478821}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.646931}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.043547630310058594 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:26', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42118:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42118', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0576024055480957 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:13', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:13309:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '13309', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -13261,122 +17416,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975593090057373 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 742.9139022827148 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 109.03370547294617 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42118:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42118", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 7.0}, {"feature": 7.0}, {"feature": 4593.0}, {"feature": 5.0}, {"feature": 10185.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:13309:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "13309", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 3.0}, {"feature": 100.0}, {"feature": 1.0}, {"feature": 100.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003738210928325161 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013481626866729132 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002645030035637319 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003677845001220703 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006716885373190229 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004809753097752739 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024228050000374424 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.001943349838256836 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7523 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:26.531253 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 134 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:13.710873 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725086.5315559 + timestamp: 1682073553.7111051 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725086.5315559 + timestamp: 1682073553.7111051 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99963814 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725086.5315559 + timestamp: 1682073553.7111051 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725086.5315559 + timestamp: 1682073553.7111051 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725086.5315559 + timestamp: 1682073553.7111051 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.531556}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.711105}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725086.531556}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99963814}, "timestamp": {"timestamp": 1682073553.711105}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.531556}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.711105}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.531556}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.711105}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.531556}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.711105}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06407546997070312 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:26', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42118:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42118', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.050287723541259766 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:13', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:13309:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '13309', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -13396,122 +17551,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.997559666633606 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 742.9871060848236 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 109.09058737754822 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42118:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42118", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 8.0}, {"feature": 8.0}, {"feature": 4593.0}, {"feature": 6.0}, {"feature": 11583.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:25890:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "25890", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003738133607642425 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013480732596905477 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026454852195456624 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0038492679595947266 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006685171777833064 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004792046707232525 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002425850000236096 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0015914440155029297 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7524 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:26.603557 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 135 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:13.766476 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725086.6039491 + timestamp: 1682073553.766705 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725086.6039491 + timestamp: 1682073553.766705 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999640822 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725086.6039491 + timestamp: 1682073553.766705 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725086.6039491 + timestamp: 1682073553.766705 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725086.6039491 + timestamp: 1682073553.766705 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.603949}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.766705}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725086.603949}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996408}, "timestamp": {"timestamp": 1682073553.766705}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.603949}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.766705}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.603949}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.766705}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.603949}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.766705}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.02600884437561035 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:26', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42118:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42118', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.046700477600097656 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9978645443916321, 'timestamp': '21/04/2023 10:39:13', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:25890:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '25890', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -13531,122 +17686,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975599646568298 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 743.0213723182678 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9978645443916321 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 109.14264345169067 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42118:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42118", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 9.0}, {"feature": 9.0}, {"feature": 4593.0}, {"feature": 7.0}, {"feature": 12981.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:25890:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "25890", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 6.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037378022410872815 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013479867481796292 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002645030035637319 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.040727853775024414 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006653122426523423 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004774541600051807 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024228050000374424 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0015583038330078125 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7525 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:26.674152 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 136 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:13.818584 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725086.6747479 + timestamp: 1682073553.818831 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725086.6747479 + timestamp: 1682073553.818831 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999627709 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725086.6747479 + timestamp: 1682073553.818831 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725086.6747479 + timestamp: 1682073553.818831 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725086.6747479 + timestamp: 1682073553.818831 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.674748}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.818831}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725086.674748}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996277}, "timestamp": {"timestamp": 1682073553.818831}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.674748}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.818831}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.674748}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.818831}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.674748}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.818831}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03516745567321777 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:26', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42118:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42118', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0441591739654541 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:13', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:25890:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '25890', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -13666,122 +17821,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975603222846985 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 743.1013243198395 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 109.19217228889465 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42118:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42118", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 10.0}, {"feature": 10.0}, {"feature": 4593.0}, {"feature": 7.0}, {"feature": 12981.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:25890:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "25890", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003737660104154807 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013478977538206281 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026454852195456624 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0036699771881103516 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006621564890565423 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0047572267044700975 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024197599998387886 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.001463174819946289 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7526 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:26.718340 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 137 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:13.867759 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725086.718703 + timestamp: 1682073553.867995 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725086.718703 + timestamp: 1682073553.867995 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999630451 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725086.718703 + timestamp: 1682073553.867995 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725086.718703 + timestamp: 1682073553.867995 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725086.718703 + timestamp: 1682073553.867995 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.718703}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.867995}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725086.718703}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99963045}, "timestamp": {"timestamp": 1682073553.867995}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.718703}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.867995}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.718703}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.867995}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.718703}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.867995}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0837550163269043 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:26', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42118:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42118', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05415463447570801 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:13', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:25890:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '25890', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -13801,122 +17956,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975606203079224 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 743.1941120624542 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 109.25174331665039 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42118:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42118", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 5.0}, {"feature": 4.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 10.0}, {"feature": 10.0}, {"feature": 4593.0}, {"feature": 7.0}, {"feature": 12981.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:25890:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "25890", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003737726312475775 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001347808335717214 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026459404034540057 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.005310773849487305 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006598902681216516 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004740033256285914 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024228050000374424 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0039064884185791016 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7527 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:26.817823 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 138 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:13.930981 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725086.8182271 + timestamp: 1682073553.9333079 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725086.8182271 + timestamp: 1682073553.9333079 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999633133 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725086.8182271 + timestamp: 1682073553.9333079 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725086.8182271 + timestamp: 1682073553.9333079 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725086.8182271 + timestamp: 1682073553.9333079 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.818227}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.933308}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725086.818227}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99963313}, "timestamp": {"timestamp": 1682073553.933308}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.818227}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.933308}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.818227}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.933308}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.818227}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.933308}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.034902095794677734 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:26', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42118:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42118', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04488849639892578 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:13', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:25890:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '25890', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -13936,122 +18091,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.997560977935791 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 743.2446978092194 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 109.30550575256348 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42118:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42118", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 5.0}, {"feature": 4.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 11.0}, {"feature": 11.0}, {"feature": 4593.0}, {"feature": 8.0}, {"feature": 14379.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:25890:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "25890", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003737590656776375 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001347719326950081 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646145294420421 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003062725067138672 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.000658054834537933 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0047230012162986735 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002425850000236096 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0022869110107421875 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7528 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:26.860971 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 139 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:13.985121 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725086.8613031 + timestamp: 1682073553.9858479 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725086.8613031 + timestamp: 1682073553.9858479 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999635756 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725086.8613031 + timestamp: 1682073553.9858479 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725086.8613031 + timestamp: 1682073553.9858479 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725086.8613031 + timestamp: 1682073553.9858479 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.861303}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.985848}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725086.861303}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99963576}, "timestamp": {"timestamp": 1682073553.985848}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.861303}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.985848}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.861303}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.985848}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.861303}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073553.985848}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.040178775787353516 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:26', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42118:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42118', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.035338401794433594 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:13', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:25890:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '25890', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -14071,122 +18226,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975613355636597 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 743.2928037643433 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 109.3505642414093 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42118:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42118", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 5.0}, {"feature": 4.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 12.0}, {"feature": 12.0}, {"feature": 4593.0}, {"feature": 9.0}, {"feature": 15777.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:25890:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "25890", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037374569722137697 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013476303212587022 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463501853868365 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0026311874389648438 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006552717928627772 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004706217507525139 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024307000001044798 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0025322437286376953 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7529 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:26.908354 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 140 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:14.028084 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725086.908622 + timestamp: 1682073554.029283 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725086.908622 + timestamp: 1682073554.029283 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999638379 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725086.908622 + timestamp: 1682073554.029283 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725086.908622 + timestamp: 1682073554.029283 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725086.908622 + timestamp: 1682073554.029283 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.908622}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.029283}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725086.908622}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996384}, "timestamp": {"timestamp": 1682073554.029283}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.908622}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.029283}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.908622}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.029283}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.908622}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.029283}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.024234533309936523 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:26', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42118:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42118', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.033883094787597656 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:14', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:25890:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '25890', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -14206,122 +18361,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975616335868835 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 743.324371099472 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 109.39212274551392 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1449:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1449", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 8.0}, {"feature": 6.0}, {"feature": 199.0}, {"feature": 3.0}, {"feature": 266.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:25890:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "25890", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003737500960648599 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013475408882583188 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646355133038014 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.03471231460571289 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006758344893674119 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004695806343436414 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024355499999728636 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.006090402603149414 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7530 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:26.971172 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 141 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:14.073638 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725086.971421 + timestamp: 1682073554.0740671 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725086.971421 + timestamp: 1682073554.0740671 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999641 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725086.971421 + timestamp: 1682073554.0740671 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725086.971421 + timestamp: 1682073554.0740671 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725086.971421 + timestamp: 1682073554.0740671 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.971421}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.074067}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725086.971421}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.999641}, "timestamp": {"timestamp": 1682073554.074067}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.971421}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.074067}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.971421}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.074067}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725086.971421}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.074067}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06070756912231445 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:26', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1449:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1449', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.07786178588867188 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:14', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:25890:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '25890', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -14341,122 +18496,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975619912147522 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 743.4235284328461 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 109.48132658004761 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1449:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1449", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 8.0}, {"feature": 6.0}, {"feature": 199.0}, {"feature": 3.0}, {"feature": 266.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:25890:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "25890", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037373478002427013 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013474520744807283 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463501853868365 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.004130363464355469 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006730921760620245 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0046793559042860085 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002436794999880476 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0015711784362792969 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7531 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:27.041714 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 142 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:14.178799 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725087.043376 + timestamp: 1682073554.1790221 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725087.043376 + timestamp: 1682073554.1790221 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999643505 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725087.043376 + timestamp: 1682073554.1790221 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725087.043376 + timestamp: 1682073554.1790221 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725087.043376 + timestamp: 1682073554.1790221 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.043376}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.179022}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725087.043376}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996435}, "timestamp": {"timestamp": 1682073554.179022}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.043376}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.179022}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.043376}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.179022}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.043376}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.179022}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.050766944885253906 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:27', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1449:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1449', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05831551551818848 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:14', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:25890:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '25890', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -14476,122 +18631,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975622892379761 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 743.4842581748962 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 109.56687641143799 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1449:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1449", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 8.0}, {"feature": 6.0}, {"feature": 199.0}, {"feature": 3.0}, {"feature": 266.0}, {"feature": 6.0}, {"feature": 6.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:61577:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "61577", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 8.0}, {"feature": 6.0}, {"feature": 199.0}, {"feature": 2.0}, {"feature": 199.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037371801132892927 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001347363408864609 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646145294420421 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003867626190185547 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006706976713347968 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004663053117584441 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024380399997880886 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.002888917922973633 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7532 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:27.100983 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 143 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:14.246779 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725087.101306 + timestamp: 1682073554.2472479 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725087.101306 + timestamp: 1682073554.2472479 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999646068 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725087.101306 + timestamp: 1682073554.2472479 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725087.101306 + timestamp: 1682073554.2472479 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725087.101306 + timestamp: 1682073554.2472479 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.101306}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.247248}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725087.101306}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99964607}, "timestamp": {"timestamp": 1682073554.247248}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.101306}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.247248}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.101306}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.247248}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.101306}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.247248}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04351305961608887 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:27', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1449:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1449', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05585193634033203 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:14', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:61577:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '61577', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -14611,122 +18766,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975626468658447 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 743.5361700057983 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 109.6320116519928 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1449:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1449", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 9.0}, {"feature": 7.0}, {"feature": 588.0}, {"feature": 4.0}, {"feature": 655.0}, {"feature": 6.0}, {"feature": 6.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:61577:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "61577", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 8.0}, {"feature": 6.0}, {"feature": 199.0}, {"feature": 2.0}, {"feature": 199.0}, {"feature": 6.0}, {"feature": 6.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003737019647328712 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013472746949284072 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026459404034540057 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003319263458251953 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006675781111174691 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004646983490087884 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002436794999880476 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0014226436614990234 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7533 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:27.152095 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 144 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:14.312385 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725087.152365 + timestamp: 1682073554.312587 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725087.152365 + timestamp: 1682073554.312587 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999648511 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725087.152365 + timestamp: 1682073554.312587 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725087.152365 + timestamp: 1682073554.312587 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725087.152365 + timestamp: 1682073554.312587 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.152365}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.312587}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725087.152365}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996485}, "timestamp": {"timestamp": 1682073554.312587}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.152365}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.312587}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.152365}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.312587}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.152365}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.312587}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04453682899475098 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:27', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1449:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1449', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.13454985618591309 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:14', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:61577:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '61577', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -14746,122 +18901,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975629448890686 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 743.5883841514587 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 109.77635669708252 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1449:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1449", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 9.0}, {"feature": 7.0}, {"feature": 588.0}, {"feature": 4.0}, {"feature": 655.0}, {"feature": 7.0}, {"feature": 7.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:13457:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "13457", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003736888172735643 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001347185762261945 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646145294420421 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0030868053436279297 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006952916827654478 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004642857561152089 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024380399997880886 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.006523847579956055 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7534 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:27.206789 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 145 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:14.471502 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725087.2083621 + timestamp: 1682073554.4719 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725087.2083621 + timestamp: 1682073554.4719 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999650955 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725087.2083621 + timestamp: 1682073554.4719 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725087.2083621 + timestamp: 1682073554.4719 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725087.2083621 + timestamp: 1682073554.4719 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.208362}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.4719}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725087.208362}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99965096}, "timestamp": {"timestamp": 1682073554.4719}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.208362}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.4719}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.208362}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.4719}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.208362}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.4719}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06412529945373535 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:27', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1449:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1449', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04880189895629883 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9978645443916321, 'timestamp': '21/04/2023 10:39:14', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:13457:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '13457', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -14881,122 +19036,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975633025169373 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 743.6626441478729 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9978645443916321 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 109.84968662261963 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1449:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1449", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 9.0}, {"feature": 7.0}, {"feature": 588.0}, {"feature": 4.0}, {"feature": 655.0}, {"feature": 8.0}, {"feature": 8.0}, {"feature": 581.0}, {"feature": 2.0}, {"feature": 581.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:45128:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "45128", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003737003451019189 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013470967357030854 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463501853868365 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0033540725708007812 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006937119109662266 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004626969148987392 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024382850000392864 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0020902156829833984 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7535 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:27.279436 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 146 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:14.537106 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725087.2796991 + timestamp: 1682073554.537313 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725087.2796991 + timestamp: 1682073554.537313 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999638617 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725087.2796991 + timestamp: 1682073554.537313 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725087.2796991 + timestamp: 1682073554.537313 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725087.2796991 + timestamp: 1682073554.537313 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.279699}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.537313}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725087.279699}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996386}, "timestamp": {"timestamp": 1682073554.537313}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.279699}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.537313}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.279699}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.537313}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.279699}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.537313}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03451895713806152 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:27', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1449:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1449', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04632091522216797 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9978645443916321, 'timestamp': '21/04/2023 10:39:14', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:45128:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '45128', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -15016,122 +19171,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975636005401611 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 743.7056684494019 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9978645443916321 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 109.91298389434814 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1449:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1449", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 10.0}, {"feature": 8.0}, {"feature": 588.0}, {"feature": 4.0}, {"feature": 655.0}, {"feature": 8.0}, {"feature": 8.0}, {"feature": 581.0}, {"feature": 2.0}, {"feature": 581.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:25890:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "25890", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 7.0}, {"feature": 3.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003736802781804147 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013470084815759705 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646145294420421 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003106355667114258 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006906530476263921 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004611352424684762 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024385300002904842 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0018596649169921875 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7536 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:27.321204 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 147 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:14.801848 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725087.321708 + timestamp: 1682073554.8020921 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725087.321708 + timestamp: 1682073554.8020921 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999626458 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725087.321708 + timestamp: 1682073554.8020921 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725087.321708 + timestamp: 1682073554.8020921 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725087.321708 + timestamp: 1682073554.8020921 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.321708}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.802092}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725087.321708}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99962646}, "timestamp": {"timestamp": 1682073554.802092}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.321708}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.802092}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.321708}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.802092}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.321708}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.802092}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.065155029296875 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:27', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1449:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1449', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.036870479583740234 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:14', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:25890:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '25890', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -15151,122 +19306,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975639581680298 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 743.7780430316925 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 110.16820907592773 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1449:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1449", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 11.0}, {"feature": 9.0}, {"feature": 977.0}, {"feature": 5.0}, {"feature": 1044.0}, {"feature": 8.0}, {"feature": 8.0}, {"feature": 581.0}, {"feature": 2.0}, {"feature": 581.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:25890:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "25890", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 6.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037366863863073864 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013469194978897546 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463501853868365 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0026509761810302734 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006876848243318573 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004595888028552806 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002439560000198071 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0017180442810058594 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7537 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:27.393291 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 148 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:14.845079 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725087.3935211 + timestamp: 1682073554.845541 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725087.3935211 + timestamp: 1682073554.845541 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999629 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725087.3935211 + timestamp: 1682073554.845541 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725087.3935211 + timestamp: 1682073554.845541 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725087.3935211 + timestamp: 1682073554.845541 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.393521}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.845541}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725087.393521}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.999629}, "timestamp": {"timestamp": 1682073554.845541}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.393521}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.845541}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.393521}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.845541}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.393521}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.845541}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.030178308486938477 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:27', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1449:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1449', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0464329719543457 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:14', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:25890:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '25890', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -15286,122 +19441,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975642561912537 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 743.8151438236237 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 110.2209644317627 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1449:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1449", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 12.0}, {"feature": 10.0}, {"feature": 977.0}, {"feature": 6.0}, {"feature": 1433.0}, {"feature": 8.0}, {"feature": 8.0}, {"feature": 581.0}, {"feature": 2.0}, {"feature": 581.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:25890:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "25890", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 8.0}, {"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037365319227789147 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001346830820545685 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646145294420421 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0027582645416259766 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006845032281953597 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004580603155286983 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024385300002904842 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0022780895233154297 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7538 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:27.430271 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 149 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:14.898973 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725087.4305141 + timestamp: 1682073554.899164 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725087.4305141 + timestamp: 1682073554.899164 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999631524 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725087.4305141 + timestamp: 1682073554.899164 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725087.4305141 + timestamp: 1682073554.899164 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725087.4305141 + timestamp: 1682073554.899164 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.430514}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.899164}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725087.430514}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996315}, "timestamp": {"timestamp": 1682073554.899164}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.430514}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.899164}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.430514}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.899164}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.430514}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.899164}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.060011863708496094 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:27', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1449:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1449', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.040961265563964844 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:14', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:25890:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '25890', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -15421,122 +19576,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975646138191223 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 743.8819608688354 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 110.26944375038147 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1449:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1449", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 13.0}, {"feature": 11.0}, {"feature": 977.0}, {"feature": 7.0}, {"feature": 1822.0}, {"feature": 8.0}, {"feature": 8.0}, {"feature": 581.0}, {"feature": 2.0}, {"feature": 581.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:13457:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "13457", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037364422501702147 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013467417183889773 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463501853868365 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0027844905853271484 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006820250266741823 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0045654091651662915 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002439560000198071 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0020258426666259766 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7539 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:27.497021 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 150 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:14.950678 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725087.49729 + timestamp: 1682073554.9509449 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725087.49729 + timestamp: 1682073554.9509449 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999634 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725087.49729 + timestamp: 1682073554.9509449 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725087.49729 + timestamp: 1682073554.9509449 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725087.49729 + timestamp: 1682073554.9509449 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.49729}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.950945}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725087.49729}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.999634}, "timestamp": {"timestamp": 1682073554.950945}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.49729}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.950945}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.49729}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.950945}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.49729}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.950945}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0232999324798584 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:27', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1449:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1449', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03810691833496094 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:14', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:13457:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '13457', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -15556,122 +19711,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975649118423462 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 743.9119410514832 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 110.31835198402405 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:1449:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "1449", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 14.0}, {"feature": 12.0}, {"feature": 977.0}, {"feature": 8.0}, {"feature": 2211.0}, {"feature": 8.0}, {"feature": 8.0}, {"feature": 581.0}, {"feature": 2.0}, {"feature": 581.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:13457:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "13457", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037363205283858 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001346652823677059 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646355133038014 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0027844905853271484 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006791943576234382 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004550398872098457 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002440590000105658 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0022439956665039062 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7540 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:27.526701 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 151 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:14.995080 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725087.526921 + timestamp: 1682073554.9953711 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725087.526921 + timestamp: 1682073554.9953711 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999636471 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725087.526921 + timestamp: 1682073554.9953711 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725087.526921 + timestamp: 1682073554.9953711 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725087.526921 + timestamp: 1682073554.9953711 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.526921}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.995371}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725087.526921}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996365}, "timestamp": {"timestamp": 1682073554.995371}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.526921}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.995371}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.526921}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.995371}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.526921}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073554.995371}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.07540130615234375 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:27', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:1449:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '1449', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0311431884765625 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:14', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:13457:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '13457', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -15691,122 +19846,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975652694702148 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 743.9944920539856 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 110.35567831993103 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:23513:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "23513", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 12.0}, {"feature": 11.0}, {"feature": 524.0}, {"feature": 8.0}, {"feature": 1182.0}, {"feature": 11.0}, {"feature": 11.0}, {"feature": 146.0}, {"feature": 1.0}, {"feature": 146.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:13457:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "13457", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003736141773532079 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013465644265760047 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463501853868365 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003546476364135742 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.000676240565797427 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004535550993453784 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002439560000198071 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0017194747924804688 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7541 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:27.614094 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 152 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:15.032390 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725087.6144929 + timestamp: 1682073555.0327041 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725087.6144929 + timestamp: 1682073555.0327041 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999638855 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725087.6144929 + timestamp: 1682073555.0327041 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725087.6144929 + timestamp: 1682073555.0327041 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725087.6144929 + timestamp: 1682073555.0327041 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.614493}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.032704}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725087.614493}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99963886}, "timestamp": {"timestamp": 1682073555.032704}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.614493}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.032704}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.614493}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.032704}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.614493}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.032704}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.041167497634887695 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:27', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:23513:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '23513', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05569100379943848 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:15', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:13457:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '13457', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -15826,122 +19981,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975655674934387 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 744.0472147464752 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 110.41767835617065 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:23513:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "23513", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 12.0}, {"feature": 11.0}, {"feature": 524.0}, {"feature": 8.0}, {"feature": 1182.0}, {"feature": 12.0}, {"feature": 12.0}, {"feature": 581.0}, {"feature": 2.0}, {"feature": 581.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:13457:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "13457", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 2.0}, {"feature": 2.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003736013182707119 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013464756156148663 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646355133038014 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.011611700057983398 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006729473071971286 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004520886959597756 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024385300002904842 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0018377304077148438 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7542 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:27.671350 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 153 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:15.095117 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725087.67168 + timestamp: 1682073555.0953541 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725087.67168 + timestamp: 1682073555.0953541 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99964124 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725087.67168 + timestamp: 1682073555.0953541 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725087.67168 + timestamp: 1682073555.0953541 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725087.67168 + timestamp: 1682073555.0953541 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.67168}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.095354}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725087.67168}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99964124}, "timestamp": {"timestamp": 1682073555.095354}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.67168}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.095354}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.67168}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.095354}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.67168}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.095354}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.028548717498779297 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:27', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:23513:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '23513', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03384828567504883 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:15', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:13457:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '13457', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -15961,122 +20116,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975659251213074 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 744.0918242931366 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 110.45840120315552 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:23513:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "23513", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 13.0}, {"feature": 12.0}, {"feature": 524.0}, {"feature": 8.0}, {"feature": 1182.0}, {"feature": 12.0}, {"feature": 12.0}, {"feature": 581.0}, {"feature": 2.0}, {"feature": 581.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:45128:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "45128", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037357955871624755 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013463876854660915 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463501853868365 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0024747848510742188 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006697959740336046 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004506353439691082 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024382850000392864 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0015552043914794922 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7543 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:27.706764 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 154 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:15.136582 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725087.70724 + timestamp: 1682073555.13681 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725087.70724 + timestamp: 1682073555.13681 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999643564 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725087.70724 + timestamp: 1682073555.13681 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725087.70724 + timestamp: 1682073555.13681 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725087.70724 + timestamp: 1682073555.13681 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.70724}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.13681}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725087.70724}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99964356}, "timestamp": {"timestamp": 1682073555.13681}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.70724}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.13681}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.70724}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.13681}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.70724}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.13681}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.027972936630249023 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:27', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:23513:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '23513', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0449678897857666 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9975987672805786, 'timestamp': '21/04/2023 10:39:15', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:45128:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '45128', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -16096,122 +20251,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975662231445312 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 744.1264035701752 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9975987672805786 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 110.51096725463867 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:57748:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "57748", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 15.0}, {"feature": 13.0}, {"feature": 524.0}, {"feature": 7.0}, {"feature": 1115.0}, {"feature": 14.0}, {"feature": 14.0}, {"feature": 581.0}, {"feature": 5.0}, {"feature": 1308.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:45128:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "45128", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003735872061801793 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013462986106809324 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646355133038014 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.004416465759277344 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006669291742010471 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.00449193417668313 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024380399997880886 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0014193058013916016 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7544 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:27.775594 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 155 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:15.186740 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725087.776062 + timestamp: 1682073555.1870911 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725087.776062 + timestamp: 1682073555.1870911 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999630272 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725087.776062 + timestamp: 1682073555.1870911 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725087.776062 + timestamp: 1682073555.1870911 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725087.776062 + timestamp: 1682073555.1870911 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.776062}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.187091}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725087.776062}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996303}, "timestamp": {"timestamp": 1682073555.187091}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.776062}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.187091}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.776062}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.187091}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.776062}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.187091}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.027698040008544922 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:27', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:57748:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '57748', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03312563896179199 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9974504113197327, 'timestamp': '21/04/2023 10:39:15', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:45128:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '45128', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -16231,122 +20386,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975665807723999 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 744.1959912776947 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9974504113197327 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 110.54928302764893 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:57748:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "57748", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 16.0}, {"feature": 14.0}, {"feature": 524.0}, {"feature": 7.0}, {"feature": 1115.0}, {"feature": 14.0}, {"feature": 14.0}, {"feature": 581.0}, {"feature": 5.0}, {"feature": 1308.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:43006:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "43006", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.000373563391707018 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.00134621097885316 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463501853868365 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0035886764526367188 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006639680769309892 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004477665566934759 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002436794999880476 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0016679763793945312 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7545 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:27.813550 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 156 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:15.226578 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725087.8144529 + timestamp: 1682073555.2268291 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725087.8144529 + timestamp: 1682073555.2268291 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999616206 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725087.8144529 + timestamp: 1682073555.2268291 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725087.8144529 + timestamp: 1682073555.2268291 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725087.8144529 + timestamp: 1682073555.2268291 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.814453}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.226829}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725087.814453}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996162}, "timestamp": {"timestamp": 1682073555.226829}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.814453}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.226829}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.814453}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.226829}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.814453}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.226829}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0678873062133789 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:27', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:57748:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '57748', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05352973937988281 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9975987672805786, 'timestamp': '21/04/2023 10:39:15', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:43006:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '43006', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -16366,122 +20521,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975669384002686 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 744.2737617492676 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9975987672805786 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 110.60948491096497 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:57748:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "57748", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 17.0}, {"feature": 15.0}, {"feature": 849.0}, {"feature": 8.0}, {"feature": 1440.0}, {"feature": 14.0}, {"feature": 14.0}, {"feature": 581.0}, {"feature": 5.0}, {"feature": 1308.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:43006:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "43006", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037355074521562434 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013461222238078492 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646355133038014 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00486445426940918 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006606685350399544 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004463572957456258 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024355499999728636 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0014200210571289062 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7546 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:27.892606 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 157 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:15.284988 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725087.89346 + timestamp: 1682073555.2852769 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725087.89346 + timestamp: 1682073555.2852769 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999603271 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725087.89346 + timestamp: 1682073555.2852769 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725087.89346 + timestamp: 1682073555.2852769 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725087.89346 + timestamp: 1682073555.2852769 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.89346}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.285277}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725087.89346}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9996033}, "timestamp": {"timestamp": 1682073555.285277}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.89346}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.285277}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.89346}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.285277}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.89346}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.285277}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.041249990463256836 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:27', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:57748:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '57748', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.024839401245117188 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9974504113197327, 'timestamp': '21/04/2023 10:39:15', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:43006:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '43006', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -16501,122 +20656,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975672364234924 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 744.3262321949005 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9974504113197327 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 110.63938808441162 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:57748:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "57748", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 17.0}, {"feature": 15.0}, {"feature": 849.0}, {"feature": 8.0}, {"feature": 1440.0}, {"feature": 15.0}, {"feature": 15.0}, {"feature": 581.0}, {"feature": 5.0}, {"feature": 1308.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:43006:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "43006", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003735549177729384 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013460330870512613 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646360080689192 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0030667781829833984 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006576130443113182 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004449590015395677 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024307000001044798 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0019769668579101562 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7547 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:27.944065 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 158 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:15.316133 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725087.944351 + timestamp: 1682073555.316453 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725087.944351 + timestamp: 1682073555.316453 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999589562 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725087.944351 + timestamp: 1682073555.316453 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725087.944351 + timestamp: 1682073555.316453 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725087.944351 + timestamp: 1682073555.316453 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.944351}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.316453}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725087.944351}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99958956}, "timestamp": {"timestamp": 1682073555.316453}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.944351}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.316453}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.944351}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.316453}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725087.944351}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.316453}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05317974090576172 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:27', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:57748:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '57748', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.08060741424560547 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9978645443916321, 'timestamp': '21/04/2023 10:39:15', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:43006:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '43006', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -16636,122 +20791,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975675940513611 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 744.3888986110687 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9978645443916321 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 110.726322889328 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42110:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42110", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 6.0}, {"feature": 5.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 19.0}, {"feature": 19.0}, {"feature": 4593.0}, {"feature": 16.0}, {"feature": 24165.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42014:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42014", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003735472255501902 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013459440851042522 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463702670298517 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.004483222961425781 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006549520691903052 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0044357016347266005 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002425850000236096 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003317594528198242 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7548 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:28.016636 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 159 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:15.406432 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725088.016891 + timestamp: 1682073555.4067459 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725088.016891 + timestamp: 1682073555.4067459 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999578655 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725088.016891 + timestamp: 1682073555.4067459 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725088.016891 + timestamp: 1682073555.4067459 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725088.016891 + timestamp: 1682073555.4067459 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.016891}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.406746}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725088.016891}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99957865}, "timestamp": {"timestamp": 1682073555.406746}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.016891}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.406746}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.016891}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.406746}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.016891}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.406746}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.028089284896850586 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:28', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42110:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42110', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04012918472290039 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9974504113197327, 'timestamp': '21/04/2023 10:39:15', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42014:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42014', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -16771,122 +20926,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.997567892074585 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 744.4369237422943 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9974504113197327 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 110.77595591545105 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42110:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42110", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 6.0}, {"feature": 5.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 20.0}, {"feature": 20.0}, {"feature": 4593.0}, {"feature": 16.0}, {"feature": 24165.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42014:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42014", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 6.0}, {"feature": 6.0}, {"feature": 4593.0}, {"feature": 4.0}, {"feature": 7389.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003735224007772461 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013458566630944807 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646360080689192 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.002638101577758789 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006527262250081378 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004421907414555812 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024307000001044798 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0016582012176513672 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7549 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:28.051935 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 160 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:15.473954 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725088.052192 + timestamp: 1682073555.474215 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725088.052192 + timestamp: 1682073555.474215 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999565303 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725088.052192 + timestamp: 1682073555.474215 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725088.052192 + timestamp: 1682073555.474215 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725088.052192 + timestamp: 1682073555.474215 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.052192}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.474215}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725088.052192}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995653}, "timestamp": {"timestamp": 1682073555.474215}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.052192}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.474215}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.052192}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.474215}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.052192}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.474215}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04395937919616699 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:28', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42110:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42110', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.028621673583984375 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:15', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42014:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42014', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -16906,122 +21061,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975682497024536 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 744.487578868866 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 110.83199286460876 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:38007:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "38007", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 26.0}, {"feature": 23.0}, {"feature": 1361.0}, {"feature": 9.0}, {"feature": 2393.0}, {"feature": 21.0}, {"feature": 21.0}, {"feature": 1016.0}, {"feature": 8.0}, {"feature": 2324.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42014:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42014", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 7.0}, {"feature": 7.0}, {"feature": 4593.0}, {"feature": 5.0}, {"feature": 8787.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037351127608296837 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013457678776713359 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463702670298517 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0028235912322998047 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006498767329277646 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004408300746053349 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002425850000236096 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0014407634735107422 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7550 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:28.102781 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 161 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:15.507819 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725088.103332 + timestamp: 1682073555.5081639 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725088.103332 + timestamp: 1682073555.5081639 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999568 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725088.103332 + timestamp: 1682073555.5081639 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725088.103332 + timestamp: 1682073555.5081639 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725088.103332 + timestamp: 1682073555.5081639 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.103332}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.508164}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725088.103332}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.999568}, "timestamp": {"timestamp": 1682073555.508164}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.103332}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.508164}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.103332}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.508164}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.103332}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.508164}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03193926811218262 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:28', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:38007:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '38007', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.023604631423950195 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:15', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42014:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42014', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -17041,122 +21196,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975685477256775 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 744.5264086723328 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 110.86082100868225 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:38007:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "38007", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 26.0}, {"feature": 23.0}, {"feature": 1361.0}, {"feature": 9.0}, {"feature": 2393.0}, {"feature": 22.0}, {"feature": 22.0}, {"feature": 1016.0}, {"feature": 8.0}, {"feature": 2324.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42014:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42014", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 2.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003735008116015616 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013456790700159254 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463804533705115 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0031890869140625 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006470454753170605 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0043948206498027565 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024228050000374424 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0015113353729248047 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7551 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:28.143256 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 162 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:15.573960 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725088.143873 + timestamp: 1682073555.5742109 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725088.143873 + timestamp: 1682073555.5742109 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999570668 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725088.143873 + timestamp: 1682073555.5742109 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725088.143873 + timestamp: 1682073555.5742109 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725088.143873 + timestamp: 1682073555.5742109 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.143873}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.574211}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725088.143873}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99957067}, "timestamp": {"timestamp": 1682073555.574211}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.143873}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.574211}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.143873}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.574211}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.143873}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.574211}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.055737972259521484 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:28', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:38007:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '38007', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0376737117767334 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:15', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42014:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42014', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -17176,122 +21331,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975689053535461 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 744.5904595851898 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 110.94104552268982 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:38007:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "38007", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 26.0}, {"feature": 23.0}, {"feature": 1361.0}, {"feature": 9.0}, {"feature": 2393.0}, {"feature": 23.0}, {"feature": 23.0}, {"feature": 1016.0}, {"feature": 8.0}, {"feature": 2324.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42014:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42014", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003734791700742913 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001345591286975266 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463702670298517 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0023920536041259766 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006445649202538457 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004381432620209713 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002425850000236096 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0014328956604003906 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7552 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:28.205319 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 163 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:15.617145 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725088.2055571 + timestamp: 1682073555.617532 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725088.2055571 + timestamp: 1682073555.617532 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99957335 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725088.2055571 + timestamp: 1682073555.617532 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725088.2055571 + timestamp: 1682073555.617532 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725088.2055571 + timestamp: 1682073555.617532 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.205557}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.617532}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725088.205557}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99957335}, "timestamp": {"timestamp": 1682073555.617532}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.205557}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.617532}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.205557}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.617532}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.205557}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.617532}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.02657008171081543 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:28', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:38007:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '38007', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06151080131530762 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9978645443916321, 'timestamp': '21/04/2023 10:39:15', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42014:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42014', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -17311,122 +21466,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.99756920337677 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 744.6236083507538 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9978645443916321 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 111.00808882713318 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:38007:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "38007", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 26.0}, {"feature": 23.0}, {"feature": 1361.0}, {"feature": 9.0}, {"feature": 2393.0}, {"feature": 24.0}, {"feature": 24.0}, {"feature": 1446.0}, {"feature": 9.0}, {"feature": 2754.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42014:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42014", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 2.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 3.0}, {"feature": 3.0}, {"feature": 1398.0}, {"feature": 1.0}, {"feature": 1398.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003734699383509472 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013455024465891252 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463804533705115 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0027408599853515625 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006424089451303 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004368140895454471 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002426500000183296 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0017197132110595703 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7553 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:28.270633 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 164 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:15.685436 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725088.27119 + timestamp: 1682073555.6856749 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725088.27119 + timestamp: 1682073555.6856749 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99956286 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725088.27119 + timestamp: 1682073555.6856749 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725088.27119 + timestamp: 1682073555.6856749 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725088.27119 + timestamp: 1682073555.6856749 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.27119}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.685675}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725088.27119}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99956286}, "timestamp": {"timestamp": 1682073555.685675}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.27119}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.685675}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.27119}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.685675}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.27119}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.685675}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03657388687133789 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:28', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:38007:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '38007', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03507208824157715 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:15', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42014:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42014', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -17446,122 +21601,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975695610046387 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 744.6992394924164 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 111.04992914199829 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:38007:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "38007", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 27.0}, {"feature": 24.0}, {"feature": 1361.0}, {"feature": 9.0}, {"feature": 2393.0}, {"feature": 24.0}, {"feature": 24.0}, {"feature": 1446.0}, {"feature": 9.0}, {"feature": 2754.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42014:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42014", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 5.0}, {"feature": 5.0}, {"feature": 4593.0}, {"feature": 3.0}, {"feature": 5991.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003734612007392879 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013454135990013012 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646440116222948 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0037436485290527344 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006400811030385794 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004354986020772533 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024271500001304958 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.001508474349975586 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7554 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:28.316163 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 165 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:15.731625 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725088.3168941 + timestamp: 1682073555.73188 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725088.3168941 + timestamp: 1682073555.73188 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999565542 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725088.3168941 + timestamp: 1682073555.73188 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725088.3168941 + timestamp: 1682073555.73188 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725088.3168941 + timestamp: 1682073555.73188 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.316894}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.73188}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725088.316894}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99956554}, "timestamp": {"timestamp": 1682073555.73188}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.316894}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.73188}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.316894}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.73188}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.316894}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.73188}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.030429363250732422 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:28', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:38007:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '38007', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03986644744873047 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:15', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42014:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42014', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -17581,122 +21736,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975698590278625 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 744.7385454177856 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 111.10095691680908 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:38007:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "38007", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 27.0}, {"feature": 24.0}, {"feature": 1361.0}, {"feature": 9.0}, {"feature": 2393.0}, {"feature": 25.0}, {"feature": 25.0}, {"feature": 1446.0}, {"feature": 10.0}, {"feature": 3184.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42014:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42014", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 3.0}, {"feature": 2.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 4593.0}, {"feature": 2.0}, {"feature": 4593.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037345588595552766 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013453246340873269 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646499779075384 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0033588409423828125 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006374422469959251 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004341981091571113 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002426500000183296 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0014209747314453125 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7555 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:28.374052 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 166 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:15.778246 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725088.37452 + timestamp: 1682073555.778496 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725088.37452 + timestamp: 1682073555.778496 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999568164 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725088.37452 + timestamp: 1682073555.778496 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725088.37452 + timestamp: 1682073555.778496 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725088.37452 + timestamp: 1682073555.778496 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.37452}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.778496}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725088.37452}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99956816}, "timestamp": {"timestamp": 1682073555.778496}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.37452}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.778496}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.37452}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.778496}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.37452}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.778496}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.041022300720214844 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:28', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:38007:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '38007', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03660702705383301 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:15', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42014:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42014', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -17716,122 +21871,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975702166557312 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 744.8075139522552 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 111.14423513412476 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:38007:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "38007", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 28.0}, {"feature": 25.0}, {"feature": 1361.0}, {"feature": 9.0}, {"feature": 2393.0}, {"feature": 25.0}, {"feature": 25.0}, {"feature": 1446.0}, {"feature": 10.0}, {"feature": 3184.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42014:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42014", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 4593.0}, {"feature": 2.0}, {"feature": 4593.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003734277426418634 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013452378316520643 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646440116222948 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0026483535766601562 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006348289640799886 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004329092565180215 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002425850000236096 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0013747215270996094 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7556 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:28.423523 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 167 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:15.819931 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725088.4241719 + timestamp: 1682073555.820147 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725088.4241719 + timestamp: 1682073555.820147 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999570727 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725088.4241719 + timestamp: 1682073555.820147 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725088.4241719 + timestamp: 1682073555.820147 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725088.4241719 + timestamp: 1682073555.820147 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.424172}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.820147}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725088.424172}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995707}, "timestamp": {"timestamp": 1682073555.820147}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.424172}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.820147}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.424172}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.820147}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.424172}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.820147}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04720616340637207 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:28', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:38007:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '38007', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06598591804504395 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:15', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42014:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42014', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -17851,122 +22006,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975705146789551 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 744.8624036312103 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 111.21532559394836 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:38007:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "38007", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 28.0}, {"feature": 25.0}, {"feature": 1361.0}, {"feature": 9.0}, {"feature": 2393.0}, {"feature": 26.0}, {"feature": 26.0}, {"feature": 1446.0}, {"feature": 11.0}, {"feature": 3614.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:13309:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "13309", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 6.0}, {"feature": 4.0}, {"feature": 100.0}, {"feature": 1.0}, {"feature": 100.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 708.0}, {"feature": 1.0}, {"feature": 708.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037339875445056267 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013451511827481245 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463804533705115 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.004272937774658203 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006324528511986013 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004316298354057385 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024228050000374424 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0014538764953613281 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7557 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:28.479741 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 168 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:15.891944 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725088.48048 + timestamp: 1682073555.89216 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725088.48048 + timestamp: 1682073555.89216 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99957335 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725088.48048 + timestamp: 1682073555.89216 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725088.48048 + timestamp: 1682073555.89216 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725088.48048 + timestamp: 1682073555.89216 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.48048}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.89216}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725088.48048}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99957335}, "timestamp": {"timestamp": 1682073555.89216}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.48048}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.89216}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.48048}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.89216}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.48048}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.89216}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03978538513183594 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:28', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:38007:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '38007', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03180646896362305 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:15', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:13309:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '13309', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -17986,122 +22141,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975708723068237 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 744.911235332489 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 111.2531476020813 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:38007:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "38007", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 29.0}, {"feature": 26.0}, {"feature": 1361.0}, {"feature": 9.0}, {"feature": 2393.0}, {"feature": 26.0}, {"feature": 26.0}, {"feature": 1446.0}, {"feature": 11.0}, {"feature": 3614.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:13309:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "13309", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 5.0}, {"feature": 3.0}, {"feature": 100.0}, {"feature": 1.0}, {"feature": 100.0}, {"feature": 4.0}, {"feature": 4.0}, {"feature": 708.0}, {"feature": 1.0}, {"feature": 708.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037339186999103 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013450623243796552 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646440116222948 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0038607120513916016 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006303027869906404 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0043035995245943905 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002425850000236096 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0017046928405761719 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7558 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:28.527630 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 169 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:15.929572 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725088.528327 + timestamp: 1682073555.9297831 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725088.528327 + timestamp: 1682073555.9297831 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999575853 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725088.528327 + timestamp: 1682073555.9297831 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725088.528327 + timestamp: 1682073555.9297831 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725088.528327 + timestamp: 1682073555.9297831 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.528327}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.929783}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725088.528327}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99957585}, "timestamp": {"timestamp": 1682073555.929783}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.528327}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.929783}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.528327}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.929783}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.528327}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.929783}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06412315368652344 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:28', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:38007:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '38007', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05157184600830078 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:15', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:13309:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '13309', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -18121,122 +22276,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975711703300476 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 744.9848291873932 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 111.31057929992676 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:38007:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "38007", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 29.0}, {"feature": 26.0}, {"feature": 1361.0}, {"feature": 9.0}, {"feature": 2393.0}, {"feature": 27.0}, {"feature": 27.0}, {"feature": 1469.0}, {"feature": 12.0}, {"feature": 3637.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:61577:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "61577", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 9.0}, {"feature": 7.0}, {"feature": 199.0}, {"feature": 2.0}, {"feature": 199.0}, {"feature": 7.0}, {"feature": 7.0}, {"feature": 581.0}, {"feature": 2.0}, {"feature": 581.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037337067131011474 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001344974613163151 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026463804533705115 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.004483461380004883 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006282414353021897 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0042910068867640875 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002426500000183296 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0018379688262939453 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7559 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:28.603884 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 170 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:15.986978 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725088.6047421 + timestamp: 1682073555.98718 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725088.6047421 + timestamp: 1682073555.98718 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999578357 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725088.6047421 + timestamp: 1682073555.98718 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725088.6047421 + timestamp: 1682073555.98718 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725088.6047421 + timestamp: 1682073555.98718 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.604742}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.98718}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725088.604742}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99957836}, "timestamp": {"timestamp": 1682073555.98718}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.604742}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.98718}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.604742}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.98718}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.604742}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073555.98718}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04144477844238281 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:28', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:38007:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '38007', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.02316141128540039 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:15', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:61577:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '61577', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -18256,122 +22411,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975715279579163 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 745.0379407405853 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 111.33960270881653 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:38007:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "38007", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 29.0}, {"feature": 26.0}, {"feature": 1361.0}, {"feature": 9.0}, {"feature": 2393.0}, {"feature": 28.0}, {"feature": 28.0}, {"feature": 1469.0}, {"feature": 13.0}, {"feature": 3660.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:61577:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "61577", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 8.0}, {"feature": 6.0}, {"feature": 199.0}, {"feature": 2.0}, {"feature": 199.0}, {"feature": 7.0}, {"feature": 7.0}, {"feature": 581.0}, {"feature": 2.0}, {"feature": 581.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037336171130100313 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013448858824878468 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646440116222948 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003987550735473633 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006258809532239372 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004278552381169672 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002425850000236096 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0019259452819824219 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7560 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:28.655853 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 171 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:16.025245 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725088.6568279 + timestamp: 1682073556.0255921 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725088.6568279 + timestamp: 1682073556.0255921 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99958086 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725088.6568279 + timestamp: 1682073556.0255921 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725088.6568279 + timestamp: 1682073556.0255921 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725088.6568279 + timestamp: 1682073556.0255921 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.656828}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.025592}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725088.656828}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99958086}, "timestamp": {"timestamp": 1682073556.025592}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.656828}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.025592}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.656828}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.025592}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.656828}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.025592}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04855990409851074 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:28', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:38007:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '38007', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05999040603637695 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:16', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:61577:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '61577', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -18391,122 +22546,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975718259811401 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 745.0968668460846 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 111.41473627090454 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:38007:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "38007", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 30.0}, {"feature": 27.0}, {"feature": 1384.0}, {"feature": 10.0}, {"feature": 2416.0}, {"feature": 28.0}, {"feature": 28.0}, {"feature": 1469.0}, {"feature": 13.0}, {"feature": 3660.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:49280:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "49280", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037334870525408274 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013447974193047897 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646499779075384 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0028612613677978516 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.000623558918612373 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004266204658755086 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024228050000374424 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0017499923706054688 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7561 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:28.712547 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 172 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:16.096176 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725088.7128451 + timestamp: 1682073556.0963931 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725088.7128451 + timestamp: 1682073556.0963931 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999583304 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725088.7128451 + timestamp: 1682073556.0963931 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725088.7128451 + timestamp: 1682073556.0963931 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725088.7128451 + timestamp: 1682073556.0963931 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.712845}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.096393}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725088.712845}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995833}, "timestamp": {"timestamp": 1682073556.096393}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.712845}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.096393}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.712845}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.096393}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.712845}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.096393}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.058348655700683594 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:28', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:38007:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '38007', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.06664395332336426 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9978645443916321, 'timestamp': '21/04/2023 10:39:16', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:49280:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '49280', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -18526,122 +22681,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975721836090088 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 745.1629989147186 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9978645443916321 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 111.49233222007751 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:30677:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "30677", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 14.0}, {"feature": 12.0}, {"feature": 621.0}, {"feature": 7.0}, {"feature": 1019.0}, {"feature": 13.0}, {"feature": 13.0}, {"feature": 581.0}, {"feature": 4.0}, {"feature": 1162.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:49280:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "49280", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037336174654952945 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013447089764081607 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002646819921210408 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.004462480545043945 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006223156820881956 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004253887965730146 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002425850000236096 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.002162456512451172 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7562 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:28.781057 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 173 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:16.415345 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725088.78203 + timestamp: 1682073556.4156661 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725088.78203 + timestamp: 1682073556.4156661 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99957329 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725088.78203 + timestamp: 1682073556.4156661 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725088.78203 + timestamp: 1682073556.4156661 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725088.78203 + timestamp: 1682073556.4156661 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.78203}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.415666}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725088.78203}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995733}, "timestamp": {"timestamp": 1682073556.415666}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.78203}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.415666}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.78203}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.415666}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.78203}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.415666}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.037203311920166016 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:28', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:30677:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '30677', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.04538679122924805 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9974504113197327, 'timestamp': '21/04/2023 10:39:16', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:49280:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '49280', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -18661,122 +22816,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975724816322327 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 745.2110939025879 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9974504113197327 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 111.79019570350647 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:30677:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "30677", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 15.0}, {"feature": 13.0}, {"feature": 621.0}, {"feature": 7.0}, {"feature": 1019.0}, {"feature": 13.0}, {"feature": 13.0}, {"feature": 581.0}, {"feature": 4.0}, {"feature": 1162.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:49280:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "49280", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 2.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 1.0}, {"feature": 1.0}, {"feature": 0.0}, {"feature": 0.0}, {"feature": 0.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037336375319407437 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013446200842910621 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026471400633454323 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.00529026985168457 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006200219712719319 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004241753824704382 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024228050000374424 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.001505136489868164 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7563 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:28.831332 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 174 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:16.466341 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725088.8323209 + timestamp: 1682073556.4665949 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725088.8323209 + timestamp: 1682073556.4665949 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999561 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725088.8323209 + timestamp: 1682073556.4665949 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725088.8323209 + timestamp: 1682073556.4665949 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725088.8323209 + timestamp: 1682073556.4665949 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.832321}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.466595}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725088.832321}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.999561}, "timestamp": {"timestamp": 1682073556.466595}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.832321}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.466595}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.832321}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.466595}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.832321}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.466595}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.0722494125366211 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:28', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:30677:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '30677', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.048589468002319336 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 0.9975987672805786, 'timestamp': '21/04/2023 10:39:16', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:49280:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '49280', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -18796,122 +22951,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975728392601013 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 745.2959084510803 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 0.9975987672805786 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 111.84432911872864 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:38366:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "38366", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 13.0}, {"feature": 10.0}, {"feature": 588.0}, {"feature": 5.0}, {"feature": 787.0}, {"feature": 11.0}, {"feature": 11.0}, {"feature": 581.0}, {"feature": 2.0}, {"feature": 581.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42014:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42014", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 9.0}, {"feature": 9.0}, {"feature": 4593.0}, {"feature": 7.0}, {"feature": 11583.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037335550679502903 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013445313897403948 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002647259971126914 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.003926515579223633 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006180440971502321 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004229697630942129 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002425850000236096 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0015649795532226562 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7564 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:28.913640 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 175 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:16.522971 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725088.914381 + timestamp: 1682073556.523186 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725088.914381 + timestamp: 1682073556.523186 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999549747 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725088.914381 + timestamp: 1682073556.523186 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725088.914381 + timestamp: 1682073556.523186 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725088.914381 + timestamp: 1682073556.523186 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.914381}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.523186}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725088.914381}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.99954975}, "timestamp": {"timestamp": 1682073556.523186}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.914381}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.523186}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.914381}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.523186}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.914381}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.523186}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.038193702697753906 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:28', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:38366:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '38366', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05288052558898926 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:16', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42014:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42014', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -18931,122 +23086,122 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975731372833252 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 745.3446867465973 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 111.90524911880493 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:38366:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "38366", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 13.0}, {"feature": 10.0}, {"feature": 588.0}, {"feature": 5.0}, {"feature": 787.0}, {"feature": 12.0}, {"feature": 12.0}, {"feature": 581.0}, {"feature": 3.0}, {"feature": 1016.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42014:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42014", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 8.0}, {"feature": 8.0}, {"feature": 4593.0}, {"feature": 6.0}, {"feature": 10185.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0003733491305226764 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.0013444426359133115 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.0002647379878908396 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.002865314483642578 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006157495113709191 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.004217773556646403 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024228050000374424 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0015454292297363281 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7565 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:28.961428 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 176 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:16.581685 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725088.96197 + timestamp: 1682073556.5819271 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725088.96197 + timestamp: 1682073556.5819271 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.99955231 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725088.96197 + timestamp: 1682073556.5819271 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725088.96197 + timestamp: 1682073556.5819271 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725088.96197 + timestamp: 1682073556.5819271 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.96197}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.581927}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725088.96197}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995523}, "timestamp": {"timestamp": 1682073556.581927}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.96197}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.581927}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.96197}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "16"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.581927}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725088.96197}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.581927}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.047766685485839844 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:28', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:38366:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '38366', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.03295326232910156 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '21/04/2023 10:39:16', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.115', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:42014:192.168.1.115:443', 'protocol': 'TCP', 'port_o': '42014', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } , 'endpoint_id': topology_id { context_id { @@ -19066,149 +23221,105 @@ device_id { endpoint_uuid { uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" } -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975734949111938 +, 'time_start': 1682073600.0, 'time_end': 1682073600.0} +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 0.0 INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 745.4017434120178 +INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 111.94409894943237 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence INFO:root:No attack detected DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:38366:192.168.1.198:443", "ip_d": "192.168.1.198", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "38366", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "0de0f403-7963-468b-b32d-dc4a358696cd"}}, "time_end": 1681725000.0, "time_start": 1681725000.0}, "features": [{"feature": 14.0}, {"feature": 11.0}, {"feature": 588.0}, {"feature": 5.0}, {"feature": 787.0}, {"feature": 12.0}, {"feature": 12.0}, {"feature": 581.0}, {"feature": 3.0}, {"feature": 1016.0}]} +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics request: {"connection_metadata": {"endpoint_id": {"device_id": {"device_uuid": {"uuid": "ed2388eb-5fb9-5888-a4f4-160267d3e19b"}}, "endpoint_uuid": {"uuid": "ff900d5d-2ac0-576c-9628-a2d016681f9d"}, "topology_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "topology_uuid": {"uuid": "c76135e3-24a8-5e92-9bed-c3c9139359c8"}}}, "flow_id": "10.100.200.3:42014:192.168.1.115:443", "ip_d": "192.168.1.115", "ip_o": "10.100.200.3", "port_d": "443", "port_o": "42014", "protocol": "TCP", "service_id": {"context_id": {"context_uuid": {"uuid": "43813baf-195e-5da6-af20-b3d0922e71a7"}}, "service_uuid": {"uuid": "635973d9-976c-4c6f-bb6d-cadca6dd2147"}}, "time_end": 1682073600.0, "time_start": 1682073600.0}, "features": [{"feature": 4.0}, {"feature": 3.0}, {"feature": 293.0}, {"feature": 1.0}, {"feature": 293.0}, {"feature": 10.0}, {"feature": 10.0}, {"feature": 4593.0}, {"feature": 8.0}, {"feature": 12981.0}]} INFO:root:Performing inference... DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:batch_size: 1 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:x_data.shape: (1, 10) -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.00037334568522136416 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.035609282029327005 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 9.599799523130059e-05 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.001344353818725568 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00026474351761862636 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0038442611694335938 seconds +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Average inference time: 0.0006133520904027162 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Max inference time: 0.05613432899997406 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Min inference time: 0.00013735100003486878 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Standard deviation inference time: 0.00420596232330192 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Median inference time: 0.00024197599998387886 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Inference performed in 0.0014452934265136719 seconds INFO:root:Inference performed correctly -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 7566 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-17 09:51:29.018985 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-17 09:50:43.865222 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-17 09:51:43.865222 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:inference_results length: 177 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:current_time: 2023-04-21 10:39:16.620132 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_start: 2023-04-21 10:39:05.579445 +DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:time_interval_end: 2023-04-21 10:40:05.579445 DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:service_id: context_id { context_uuid { uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" } } service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" + uuid: "635973d9-976c-4c6f-bb6d-cadca6dd2147" } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Sending KPIs to monitoring server DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_security_status: kpi_id { kpi_id { - uuid: "17" + uuid: "13" } } timestamp { - timestamp: 1681725089.019727 + timestamp: 1682073556.62037 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_conf: kpi_id { kpi_id { - uuid: "18" + uuid: "14" } } timestamp { - timestamp: 1681725089.019727 + timestamp: 1682073556.62037 } kpi_value { - floatVal: 0.999999583 + floatVal: 0.999554873 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attack_conns: kpi_id { kpi_id { - uuid: "19" + uuid: "15" } } timestamp { - timestamp: 1681725089.019727 + timestamp: 1682073556.62037 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_compromised_clients: kpi_id { kpi_id { - uuid: "20" + uuid: "16" } } timestamp { - timestamp: 1681725089.019727 + timestamp: 1682073556.62037 } kpi_value { - int32Val: 1 + int32Val: 0 } DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:kpi_unique_attackers: kpi_id { kpi_id { - uuid: "21" + uuid: "17" } } timestamp { - timestamp: 1681725089.019727 + timestamp: 1682073556.62037 } kpi_value { - int32Val: 1 + int32Val: 0 } -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "17"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725089.019727}} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "18"}}, "kpi_value": {"floatVal": 0.9999996}, "timestamp": {"timestamp": 1681725089.019727}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "13"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.62037}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "19"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725089.019727}} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "14"}}, "kpi_value": {"floatVal": 0.9995549}, "timestamp": {"timestamp": 1682073556.62037}} DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "20"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725089.019727}} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "21"}}, "kpi_value": {"int32Val": 1}, "timestamp": {"timestamp": 1681725089.019727}} -DEBUG:monitoring.client.MonitoringClient:IncludeKpi result: {} -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:KPIs sent to monitoring server -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Monitoring KPIs performed in 0.05720353126525879 seconds -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:cryptomining_detector_output: {'confidence': 1.0, 'timestamp': '17/04/2023 09:51:29', 'ip_o': '10.100.200.3', 'ip_d': '192.168.1.198', 'tag_name': 'Normal', 'tag': 0, 'flow_id': '10.100.200.3:38366:192.168.1.198:443', 'protocol': 'TCP', 'port_o': '38366', 'port_d': '443', 'ml_id': 'crypto_5g_rf_spider_features.onnx', 'service_id': context_id { - context_uuid { - uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" - } -} -service_uuid { - uuid: "0de0f403-7963-468b-b32d-dc4a358696cd" -} -, 'endpoint_id': topology_id { - context_id { - context_uuid { - uuid: "43813baf-195e-5da6-af20-b3d0922e71a7" - } - } - topology_uuid { - uuid: "c76135e3-24a8-5e92-9bed-c3c9139359c8" - } -} -device_id { - device_uuid { - uuid: "ed2388eb-5fb9-5888-a4f4-160267d3e19b" - } -} -endpoint_uuid { - uuid: "ff900d5d-2ac0-576c-9628-a2d016681f9d" -} -, 'time_start': 1681725056.0, 'time_end': 1681725056.0} -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections Correctly Classified: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Number of Attack Connections: 6 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Overall Detection Accuracy: 0.9975737929344177 - -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Attack Detection Accuracy: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Cryptomining Detector Confidence: 1.0 -INFO:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Time elapsed: 745.4683232307434 -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:Exporting prediction accuracy and confidence -INFO:root:No attack detected -DEBUG:l3_centralizedattackdetector.service.l3_centralizedattackdetectorServiceServicerImpl:AnalyzeConnectionStatistics reply: {"message": "Ok, information received (no attack detected)"} +DEBUG:monitoring.client.MonitoringClient:IncludeKpi: {"kpi_id": {"kpi_id": {"uuid": "15"}}, "kpi_value": {"int32Val": 0}, "timestamp": {"timestamp": 1682073556.62037}} diff --git a/proto/l3_centralizedattackdetector.proto b/proto/l3_centralizedattackdetector.proto index ed99435aa7db6584b381079cb1e3d589fb9998b5..4fc8ab22bcaa22dfe60d46f988de3b9d4376b89e 100644 --- a/proto/l3_centralizedattackdetector.proto +++ b/proto/l3_centralizedattackdetector.proto @@ -25,6 +25,9 @@ service L3Centralizedattackdetector { // Get the list of features used by the ML model in the CAD component rpc GetFeaturesIds (Empty) returns (AutoFeatures) {} + + // Get Scalability Config from the DAD component + rpc GetScalabilityConfig (L3ScalabilityConfig) returns (Empty) {} } message Feature { @@ -63,6 +66,14 @@ message L3CentralizedattackdetectorBatchInput { repeated L3CentralizedattackdetectorMetrics metrics = 1; } +// Exp3 - Scalability Config +message L3ScalabilityConfig { + float time_to_stabilize = 1; + float sampling_rate = 2; + float sampling_interval = 3; + int32 sampling_mode = 4; +} + message Empty { string message = 1; } diff --git a/scalability_accuracy.csv b/scalability_accuracy.csv index 043ac2d1d3ebc1a3673c0c8fde46892f4a82206e..5b08d66cdce302d130a64935a4dba06be34070d9 100644 --- a/scalability_accuracy.csv +++ b/scalability_accuracy.csv @@ -1,2 +1,4 @@ TIME_CONS OVERALL_ACCURACY CRYPTO_ACCURACY TOTAL_PREDICTIONS TOTAL_POSITIVES F_POSITIVES T_NEGATIVES F_NEGATIVES CONFIDENCE TIMESTAMP TIME_TO_STABILIZE 60 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 |18/04/2023 09:11:32| 2 +60 0.998019814491272 1.0 3536.0 3.0 0.0 3533.0 7.0 1.0 |18/04/2023 10:20:22| 5 +0.800000011920929 0.9972761273384094 1.0 2938.0 3.0 0.0 2935.0 8.0 1.0 |19/04/2023 11:53:30| 3.0 diff --git a/src/l3_centralizedattackdetector/client/l3_centralizedattackdetectorClient.py b/src/l3_centralizedattackdetector/client/l3_centralizedattackdetectorClient.py index 2ef33438e77dbe4c3609bd21133fb3a9c95c8bcc..6e05aa9865bba11a627bfb2222d7bd1564f77d62 100644 --- a/src/l3_centralizedattackdetector/client/l3_centralizedattackdetectorClient.py +++ b/src/l3_centralizedattackdetector/client/l3_centralizedattackdetectorClient.py @@ -22,6 +22,7 @@ from common.proto.l3_centralizedattackdetector_pb2 import ( Empty, L3CentralizedattackdetectorBatchInput, L3CentralizedattackdetectorMetrics, + L3ScalabilityConfig, ModelInput, ModelOutput ) @@ -70,5 +71,12 @@ class l3_centralizedattackdetectorClient: response = self.stub.GetOutput(request) LOGGER.debug('GetFeaturesIds result: {}'.format(response)) return response + + @RETRY_DECORATOR + def GetScalabilityConfig(self, request: L3ScalabilityConfig) -> Empty: + LOGGER.debug('GetScalabilityConfig request: {}'.format(request)) + response = self.stub.GetOutput(request) + LOGGER.debug('GetScalabilityConfig result: {}'.format(response)) + return response diff --git a/src/l3_centralizedattackdetector/service/l3_centralizedattackdetectorServiceServicerImpl.py b/src/l3_centralizedattackdetector/service/l3_centralizedattackdetectorServiceServicerImpl.py index c8a16535ef628c62a48c58b28d36e233021e1953..36f170dbc71a52a59c9ce9ca9509a2ade67cb8ba 100644 --- a/src/l3_centralizedattackdetector/service/l3_centralizedattackdetectorServiceServicerImpl.py +++ b/src/l3_centralizedattackdetector/service/l3_centralizedattackdetectorServiceServicerImpl.py @@ -21,6 +21,7 @@ import numpy as np import onnxruntime as rt import logging import time +from enum import Enum import csv from multiprocessing import Process @@ -52,13 +53,14 @@ current_dir = os.path.dirname(os.path.abspath(__file__)) # Demo constants DEMO_MODE = True ATTACK_IPS = ["37.187.95.110", "91.121.140.167", "94.23.23.52", "94.23.247.226", "149.202.83.171"] - -TIME_TO_STABILIZE = 2 # minutes TIME_START = time.time() -MAX_CONNECTION_TIME = 60 METRICS_POOL = MetricsPool('l3_centralizedattackdetector', 'RPC') +class SamplingMode(Enum): + FIRST = 1 + LAST = 2 + RANDOM = 3 class ConnectionInfo: def __init__(self, ip_o, port_o, ip_d, port_d): @@ -197,9 +199,10 @@ class l3_centralizedattackdetectorServiceServicerImpl(L3Centralizedattackdetecto self.confidence = Value('f', 0) self.calculated_csv = False - # Start process to generate accuracy scalability csv asynchronically - p = Process(target=self.generate_accuracy_scalability_csv) - p.start() + self.time_to_stabilize = 2 + self.sampling_rate = 0.8 + self.sampling_interval = 0.2 + self.sampling_mode = "Random" """ Create a monitored KPI for a specific service and add it to the Monitoring Client @@ -291,16 +294,16 @@ class l3_centralizedattackdetectorServiceServicerImpl(L3Centralizedattackdetecto # assign the timestamp of the first inference result to the time_interval_start if self.time_interval_start is None: self.time_interval_start = monitor_inference_results[0]["timestamp"] - LOGGER.debug("self.time_interval_start: {}".format(self.time_interval_start)) + #LOGGER.debug("self.time_interval_start: {}".format(self.time_interval_start)) # add time_interval to the current time to get the time interval end - LOGGER.debug("time_interval: {}".format(time_interval)) - LOGGER.debug(timedelta(seconds=time_interval)) + #LOGGER.debug("time_interval: {}".format(time_interval)) + #LOGGER.debug(timedelta(seconds=time_interval)) self.time_interval_end = self.time_interval_start + timedelta(seconds=time_interval) current_time = datetime.utcnow() - LOGGER.debug("current_time: {}".format(current_time)) + #LOGGER.debug("current_time: {}".format(current_time)) if current_time >= self.time_interval_end: self.time_interval_start = self.time_interval_end @@ -322,8 +325,8 @@ class l3_centralizedattackdetectorServiceServicerImpl(L3Centralizedattackdetecto self.l3_non_empty_time_interval = False - LOGGER.debug("time_interval_start: {}".format(self.time_interval_start)) - LOGGER.debug("time_interval_end: {}".format(self.time_interval_end)) + #LOGGER.debug("time_interval_start: {}".format(self.time_interval_start)) + #LOGGER.debug("time_interval_end: {}".format(self.time_interval_end)) def monitor_compute_l3_kpi(self, service_id, monitor_inference_results): # L3 security status @@ -662,24 +665,51 @@ class l3_centralizedattackdetectorServiceServicerImpl(L3Centralizedattackdetecto f.close() def generate_accuracy_scalability_csv(self): - LOGGER.debug("Starting async prediction accuracy analysis 2") + LOGGER.debug("Starting async prediction accuracy analysis exp 3") LOGGER.debug("Correct csv load: {}".format(os.path.exists("/var/teraflow/scalability_accuracy.csv"))) # Wait for the system to stabilize - time.sleep(TIME_TO_STABILIZE * 60) + time.sleep(self.time_to_stabilize * 60) LOGGER.debug("Scalability csv started") - with open("/var/teraflow/scalability_accuracy.csv", 'a', newline='') as f: + with open("/var/teraflow/scalability_accuracy.csv", 'w', newline='') as f: spamwriter = csv.writer(f, delimiter=' ', quotechar='|', quoting=csv.QUOTE_MINIMAL) - '''spamwriter.writerow(['TIME_CONS', 'OVERALL_ACCURACY', 'CRYPTO_ACCURACY', + spamwriter.writerow(['OVERALL_ACCURACY', 'CRYPTO_ACCURACY', 'TOTAL_PREDICTIONS', 'TOTAL_POSITIVES', 'F_POSITIVES', - 'T_NEGATIVES', 'F_NEGATIVES', 'CONFIDENCE', 'TIMESTAMP', 'TIME_TO_STABILIZE'])''' + 'T_NEGATIVES', 'F_NEGATIVES', 'CONFIDENCE', 'TIMESTAMP', + 'SAMPLING_INTERVAL', 'SAMPLING_RATE', 'SAMPLING_MODE', 'TIME_TO_STABILIZE']) - spamwriter.writerow([MAX_CONNECTION_TIME, self.overall_detection_acc.value, self.cryptomining_attack_detection_acc.value, + spamwriter.writerow([self.overall_detection_acc.value, self.cryptomining_attack_detection_acc.value, self.total_predictions.value, self.attack_connections_len.value, self.false_positives.value, self.total_predictions.value - self.attack_connections_len.value, self.false_negatives.value, - self.confidence.value, datetime.now().strftime("%d/%m/%Y %H:%M:%S"), TIME_TO_STABILIZE]) + self.confidence.value, datetime.now().strftime("%d/%m/%Y %H:%M:%S"), + self.sampling_interval, self.sampling_rate, self.sampling_mode, self.time_to_stabilize]) f.close() + + @safe_and_metered_rpc_method(METRICS_POOL, LOGGER) + def GetScalabilityConfig(self, request, context): + LOGGER.info("Received scalability config request") + + self.time_to_stabilize = request.time_to_stabilize + self.sampling_interval = request.sampling_interval + self.sampling_rate = request.sampling_rate + + if request.sampling_mode == SamplingMode.RANDOM: + self.sampling_mode = "Random" + elif request.sampling_mode == SamplingMode.FIRST: + self.sampling_mode = "First" + else: + self.sampling_mode = "Last" + + LOGGER.debug("Sampling interval: {}".format(self.sampling_interval)) + LOGGER.debug("Sampling rate: {}".format(self.sampling_rate)) + LOGGER.debug("Sampling mode: {}".format(self.sampling_mode)) + + # Start process to generate accuracy scalability csv asynchronically + p = Process(target=self.generate_accuracy_scalability_csv) + p.start() + + return Empty(message="CSV started") def AnalyzeBatchConnectionStatistics(self, request, context): batch_time_start = time.time()