exp1_results/response_times_l3-centralizedattackdetectorservice-6f68d67f85-bjq75.csv

-timestamp_first_req,timestamp_last_req,total_time,batch_size
-1684439500.7262454,1684439518.696577,17.97033166885376,256
-1684439518.7009058,1684439536.8979518,18.197046041488647,256
-1684439536.9033403,1684439573.1907332,36.28739285469055,256
-1684439573.1981168,1684439591.7938573,18.59574055671692,256
-1684439591.801213,1684439626.0076125,34.20639944076538,256
-1684439626.0122116,1684439660.0969336,34.08472204208374,256
-1684439660.1023145,1684439694.6814883,34.57917380332947,256
-1684439694.6866412,1684439713.177154,18.49051284790039,256
-1684439713.183632,1684439748.8026614,35.61902952194214,256
-1684439748.8648906,1684439768.0725336,19.207643032073975,256
-1684439768.0773811,1684439786.7156172,18.638236045837402,256
-1684439786.7640705,1684439805.4091456,18.64507508277893,256
-1684439805.4138126,1684439841.2038834,35.79007077217102,256
-1684439841.2108314,1684439860.10726,18.89642858505249,256
-1684439860.1131806,1684439878.264643,18.15146231651306,256
-1684439878.2704298,1684439896.9845712,18.714141368865967,256
-1684439897.0112722,1684439915.293344,18.282071828842163,256
-1684439915.2984266,1684439934.505506,19.20707941055298,256
-1684439934.5113277,1684439952.389038,17.877710342407227,256

run_cad_metrics_extraction.sh

-folder_name="exp1_results"
-
-echo "Output folder: $folder_name"
-
-if [ -d "$folder_name" ]; then
-    echo "Output folder '$folder_name' already exists."
-    echo "Removing all files in '$folder_name'..."
-    rm -r "$folder_name"/*
-else
-    echo "Creating output folder '$folder_name'..."
-    mkdir "$folder_name"
-fi
-
-# Write column names to csv file
-echo "number_active_pods,cpu_usage" > $folder_name/pod_info.csv
-
-echo "Starting collection of CAD metrics..."
-while true; do
-    list=($(kubectl get pods --namespace tfs | grep l3-centralized | awk '{print $1}'))
-    #kubectl -n "tfs" cp $pod_name:exp_1.csv $folder_name/$pod_name.csv -c server
-    echo "Currently running pods:"
-
-    for item in "${list[@]}"; do
-        echo "Pod: $item"
-        echo "Copying CAD metrics csv file to $folder_name/response_times_$item.csv"
-        kubectl -n "tfs" cp $item:response_times.csv $folder_name/response_times_$item.csv -c server
-    done
-    
-    echo "Getting number of currently active pods and CPU usage..."
-    number_pods=$(kubectl get pods --namespace tfs | grep l3-centralized | wc -l)
-    cpu_usage=$(kubectl --namespace tfs get all | grep autoscaling/l3-centralizedattackdetectorservice-hpa  | awk '{print $3}')
-
-    # check that cpu_usage does not contain "unknown"
-    if [[ $cpu_usage == *"unknown"* ]]; then
-        cpu_usage=0
-    fi
-
-    echo
-    echo "Number of currently active pods: $number_pods"
-    echo "CPU usage: $cpu_usage"
-    echo
-    
-    echo "Writing number of currently active pods and CPU usage to $folder_name/pod_info.csv"
-    echo "$number_pods,$cpu_usage" >> $folder_name/pod_info.csv
-    sleep 1
-
-    # check if file "stop_exp1" exists
-    if [ -f "stop_exp1" ]; then
-        echo "File 'stop_exp1' found. Stopping experiment."
-        break
-    fi
-done
-
-echo "Collection of CAD metrics stopped."
-rm stop_exp1

set_exp1_params.sh

-#!/bin/bash
-
-export BATCH_SIZE=${1:-10}
-export TARGET_CPU_UTIL=${2:-80}
-
-echo "exp1 parameters set to:"
-echo "BATCH_SIZE: $BATCH_SIZE"
-echo "TARGET_CPU_UTIL: $TARGET_CPU_UTIL"
-
-CAD_manifest="./manifests/l3_centralizedattackdetectorservice.yaml"
-
-# Copyright 2022-2023 ETSI TeraFlowSDN - TFS OSG (https://tfs.etsi.org/)
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# apiVersion: apps/v1
-# kind: Deployment
-# metadata:
-#   name: l3-centralizedattackdetectorservice
-# spec:
-#   selector:
-#     matchLabels:
-#       app: l3-centralizedattackdetectorservice
-#   template:
-#     metadata:
-#       labels:
-#         app: l3-centralizedattackdetectorservice
-#     spec:
-#       terminationGracePeriodSeconds: 5
-#       containers:
-#       - name: server
-#         image: labs.etsi.org:5050/tfs/controller/l3_centralizedattackdetector:latest
-#         imagePullPolicy: Always
-#         ports:
-#         - containerPort: 10001
-#         - containerPort: 9192
-#         env:
-#             - name: LOG_LEVEL
-#               value: "DEBUG"
-#             - name: BATCH_SIZE
-#               value: "10"
-#             - name: CAD_CLASSIFICATION_THRESHOLD
-
-
-# Update BATCH_SIZE value in the CAD manifest
-echo "Updating BATCH_SIZE value in the CAD manifest to $BATCH_SIZE"
-found=0
-line_num=0
-
-while read line; do
-    line_num=$((line_num+1))
-
-    if [[ $line == *"name: BATCH_SIZE"* ]]; then
-        found=1
-    fi
-
-    if [[ $found == 1 ]]; then
-        if [[ $line == *"value"* ]]; then
-            echo "Found BATCH_SIZE value in the CAD manifest at line $line_num"
-            sed -i "${line_num}s/\(value: \).*/\1\"$BATCH_SIZE\"/" $CAD_manifest
-            break
-        fi
-    fi
-done < $CAD_manifest
-
-# Update averageUtilization value in the CAD manifest to TARGET_CPU_UTIL
-echo "Updating averageUtilization value in the CAD manifest to $TARGET_CPU_UTIL"
-sed -i "s/\(averageUtilization: \).*/\1$TARGET_CPU_UTIL/" $CAD_manifest
\ No newline at end of file

src/tests/scenario3/l3/README.md

-# Scripts to automatically run the "Attack Detection & Mitigation at the L3 Layer" workflow (Scenario 3).
-"launch_l3_attack_detection_and_mitigation.sh" launches the TeraFlow OS components, which includes the CentralizedAttackDetector and AttackMitigator componentes necessary to perform this workflow.
-"launch_l3_attack_detection_and_mitigation_complete.sh" also launches the DistributedAttackDetector, which monitors the network data plane and passively collects traffic packets and aggregates them in network flows, which are then provided to the CentralizedAttackDetector to detect attacks that may be occurring in the network.
+# Demonstration of a L3 Cybersecurity Components for Attack Detection and Mitigation
+
+__Authors__: Partners of Universidad Politécnica de Madrid and Telefónica I+D
+
+## Executing
+
+```bash
+python src/tests/scenario3/l3/run.sh
+```
\ No newline at end of file

src/tests/scenario3/l3/complete_deploy.sh

-#!/bin/bash
-# Copyright 2022-2023 ETSI TeraFlowSDN - TFS OSG (https://tfs.etsi.org/)
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-./src/tests/ofc22/run_test_03_delete_service.sh
-./src/tests/ofc22/run_test_04_cleanup.sh
-source src/tests/ofc22/deploy_specs.sh
-source my_deploy.sh
-./deploy/all.sh
-source tfs_runtime_env_vars.sh
-ofc22/run_test_01_bootstrap.sh
-ofc22/run_test_02_create_service.sh

src/tests/scenario3/l3/launch_l3_attack_detection_and_mitigation.sh → src/tests/scenario3/l3/deploy.sh

@@ -13,12 +13,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-cd /home/ubuntu/tfs-ctrl
-source my_deploy.sh
-./deploy.sh
-./show_deploy.sh
-
+source deploy_specs.sh
+./deploy/all.sh
 source tfs_runtime_env_vars.sh
-
 ofc22/run_test_01_bootstrap.sh
 ofc22/run_test_02_create_service.sh

src/tests/scenario3/l3/deploy_l3_component.sh

-#!/bin/bash
-# Copyright 2022-2023 ETSI TeraFlowSDN - TFS OSG (https://tfs.etsi.org/)
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-component=$1
-
-source "my_deploy.sh"
-
-echo "Deploying $component..."
-
-# check if component == "CAD"
-if [ $component == "CAD" ]; then
-    # find kubernetes pod that contains "centralizedattackdetectorservice"
-    pod=$(kubectl --namespace $TFS_K8S_NAMESPACE get pods | grep l3-centralizedattackdetectorservice | awk '{print $1}')
-    
-    # delete pod
-    kubectl --namespace $TFS_K8S_NAMESPACE delete pod $pod --force --grace-period=0
-    
-    # # wait for pod to be deleted
-    # while [ $(kubectl --namespace $TFS_K8S_NAMESPACE get pods | grep l3-centralizedattackdetectorservice | wc -l) -gt 0 ]; do
-    #     sleep 1
-    # done
-    
-    # deploy l3_centralizedattackdetector component
-    ./deploy_component.sh "l3_centralizedattackdetector"
-fi
-
-# check if component == "AM"
-if [ $component == "AM" ]; then
-    # find kubernetes pod that contains "l3-attackmitigatorservice"
-    pod=$(kubectl --namespace $TFS_K8S_NAMESPACE get pods | grep l3-attackmitigatorservice | awk '{print $1}')
-    
-    # delete pod
-    kubectl --namespace $TFS_K8S_NAMESPACE delete pod $pod --force --grace-period=0
-    
-    # # wait for pod to be deleted
-    # while [ $(kubectl --namespace $TFS_K8S_NAMESPACE get pods | grep l3-attackmitigatorservice | wc -l) -gt 0 ]; do
-    #     sleep 1
-    # done
-    
-    # deploy l3_attackmitigator component
-    ./deploy_component.sh "l3_attackmitigator"
-fi
-
-echo "Component $component deployed"
-
-echo "Restarting DAD..."
-sshpass -p "ubuntu" ssh -o StrictHostKeyChecking=no -n -f ubuntu@192.168.165.73 "sh -c 'nohup /home/ubuntu/TeraflowDockerDistributed/restart.sh > /dev/null 2>&1 &'"
-echo "DAD restarted"

src/tests/scenario3/l3/deploy_specs.sh

+#!/bin/bash
+# Copyright 2022-2023 ETSI TeraFlowSDN - TFS OSG (https://tfs.etsi.org/)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+# ----- TeraFlowSDN ------------------------------------------------------------
+
+# Set the URL of the internal MicroK8s Docker registry where the images will be uploaded to.
+export TFS_REGISTRY_IMAGES="http://localhost:32000/tfs/"
+
+# Set the list of components, separated by spaces, you want to build images for, and deploy.
+export TFS_COMPONENTS="context device pathcomp service slice compute webui load_generator monitoring automation l3_attackmitigator l3_centralizedattackdetector"
+
+# Set the tag you want to use for your images.
+export TFS_IMAGE_TAG="dev"
+
+# Set the name of the Kubernetes namespace to deploy TFS to.
+export TFS_K8S_NAMESPACE="tfs"
+
+# Set additional manifest files to be applied after the deployment
+export TFS_EXTRA_MANIFESTS="manifests/nginx_ingress_http.yaml manifests/servicemonitors.yaml"
+
+# Set the new Grafana admin password
+export TFS_GRAFANA_PASSWORD="admin123+"
+
+# Disable skip-build flag to rebuild the Docker images.
+export TFS_SKIP_BUILD=""
+
+
+# ----- CockroachDB ------------------------------------------------------------
+
+# Set the namespace where CockroackDB will be deployed.
+export CRDB_NAMESPACE="crdb"
+
+# Set the external port CockroackDB Postgre SQL interface will be exposed to.
+export CRDB_EXT_PORT_SQL="26257"
+
+# Set the external port CockroackDB HTTP Mgmt GUI interface will be exposed to.
+export CRDB_EXT_PORT_HTTP="8081"
+
+# Set the database username to be used by Context.
+export CRDB_USERNAME="tfs"
+
+# Set the database user's password to be used by Context.
+export CRDB_PASSWORD="tfs123"
+
+# Set the database name to be used by Context.
+export CRDB_DATABASE="tfs"
+
+# Set CockroachDB installation mode to 'single'. This option is convenient for development and testing.
+# See ./deploy/all.sh or ./deploy/crdb.sh for additional details
+export CRDB_DEPLOY_MODE="single"
+
+# Disable flag for dropping database, if it exists.
+export CRDB_DROP_DATABASE_IF_EXISTS="YES"
+
+# Disable flag for re-deploying CockroachDB from scratch.
+export CRDB_REDEPLOY="YES"
+
+
+# ----- NATS -------------------------------------------------------------------
+
+# Set the namespace where NATS will be deployed.
+export NATS_NAMESPACE="nats"
+
+# Set the external port NATS Client interface will be exposed to.
+export NATS_EXT_PORT_CLIENT="4222"
+
+# Set the external port NATS HTTP Mgmt GUI interface will be exposed to.
+export NATS_EXT_PORT_HTTP="8222"
+
+# Disable flag for re-deploying NATS from scratch.
+export NATS_REDEPLOY="YES"
+
+
+# ----- QuestDB ----------------------------------------------------------------
+
+# Set the namespace where QuestDB will be deployed.
+export QDB_NAMESPACE="qdb"
+
+# Set the external port QuestDB Postgre SQL interface will be exposed to.
+export QDB_EXT_PORT_SQL="8812"
+
+# Set the external port QuestDB Influx Line Protocol interface will be exposed to.
+export QDB_EXT_PORT_ILP="9009"
+
+# Set the external port QuestDB HTTP Mgmt GUI interface will be exposed to.
+export QDB_EXT_PORT_HTTP="9000"
+
+# Set the database username to be used for QuestDB.
+export QDB_USERNAME="admin"
+
+# Set the database user's password to be used for QuestDB.
+export QDB_PASSWORD="quest"
+
+# Set the table name to be used by Monitoring for KPIs.
+export QDB_TABLE_MONITORING_KPIS="tfs_monitoring_kpis"
+
+# Set the table name to be used by Slice for plotting groups.
+export QDB_TABLE_SLICE_GROUPS="tfs_slice_groups"
+
+# Disable flag for dropping tables if they exist.
+export QDB_DROP_TABLES_IF_EXIST="YES"
+
+# Disable flag for re-deploying QuestDB from scratch.
+export QDB_REDEPLOY="YES"
+
+
+# ----- K8s Observability ------------------------------------------------------
+
+# Set the external port Prometheus Mgmt HTTP GUI interface will be exposed to.
+export PROM_EXT_PORT_HTTP="9090"
+
+# Set the external port Grafana HTTP Dashboards will be exposed to.
+export GRAF_EXT_PORT_HTTP="3000"

src/tests/scenario3/l3/launch_webui.sh

-#!/bin/bash
-# Copyright 2022-2023 ETSI TeraFlowSDN - TFS OSG (https://tfs.etsi.org/)
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ssh -L 12345:localhost:80 ubuntu@192.168.165.78

src/tests/scenario3/l3/launch_l3_attack_detection_and_mitigation_complete.sh → src/tests/scenario3/l3/run.sh

@@ -13,14 +13,17 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-cd /home/ubuntu/tfs-ctrl
-source my_deploy.sh
+# Deploy TeraFlowSDN with L3 Cybersecurity Components for Attack Detection and Mitigation
+echo "Deploying TFS with L3 Cybersecurity Components for Attack Detection and Mitigation..."
 ./deploy.sh
-./show_deploy.sh
+echo "TFS deployed."
 
-source tfs_runtime_env_vars.sh
+# Deploy Distributed Attack Detector
+if $DAD_NODE_PASSWORD == "" || $DAD_NODE_IP == ""; then
+    echo "Please set the DAD_NODE_PASSWORD and DAD_NODE_IP environment variables."
+    exit 1
+fi
 
-ofc22/run_test_01_bootstrap.sh
-ofc22/run_test_02_create_service.sh
-
-sshpass -p "ubuntu" ssh -o StrictHostKeyChecking=no -n -f ubuntu@192.168.165.73 "sh -c 'nohup /home/ubuntu/TeraflowDockerDistributed/restart.sh > /dev/null 2>&1 &'"
+echo "Deploying Distributed Attack Detector..."
+sshpass -p $DAD_NODE_PASSWORD ssh -o StrictHostKeyChecking=no -n -f ubuntu@$DAD_NODE_IP "sh -c 'nohup /home/ubuntu/TeraflowDockerDistributed/restart.sh > /dev/null 2>&1 &'"
+echo "Distributed Attack Detector deployed."
\ No newline at end of file