- Clone repository into Mininet VM home directory
- Copy contents of `pox_components` into `~/pox/ext`, along with other POX components you want to use
- For training models, place the folder containing the training dataset inside `ml_ids/training_data`
- For validating models, place the folder containing the validation dataset inside `ml_ids/validation_data`
- Place your custom model training and validation scripts inside the `ml_ids` folder
- If you have your own models, you may place them inside `ml_ids/ids_models`
- Place PCAP files inside the `pcap` folder
- If you have your own Python modules for the internal and external network generation, you may place them inside `network/internal_network` and `network/external_network` respectively
- Place your custom test case scripts inside the `test_cases` folder
- Configure framework using the provided config file: `config/config.yml`
- Place an `attack_hosts.txt` file inside the `config` folder that contains the total number of hosts in the first line, and the attack host IP addresses for the next succeeding lines
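
The `attack_hosts.txt` layout described in the last step can be checked before the framework reads it. The following is an added example, not code from this project: it targets Python 3, the function name `parse_attack_hosts` and the sample content are constructed, and rejecting duplicates or more attack hosts than total hosts is an assumption about what a sane file looks like.

```python
import ipaddress

# Constructed sample: 6 hosts in total, two of them labelled as attack hosts.
SAMPLE = "6\n10.0.0.4\n10.0.0.5\n"


def parse_attack_hosts(text):
    """Parse attack_hosts.txt content.

    Line 1 is the total number of hosts; every following non-blank line is
    one attack host IP address. Returns (total_hosts, [ip, ...]) and raises
    ValueError with the offending line number on malformed input.
    """
    rows = [(n, ln.strip()) for n, ln in enumerate(text.splitlines(), 1) if ln.strip()]
    if not rows:
        raise ValueError("empty file: line 1 must hold the total number of hosts")

    first_no, first = rows[0]
    try:
        total = int(first)
    except ValueError:
        raise ValueError("line %d: expected a host count, got %r" % (first_no, first)) from None
    if total <= 0:
        raise ValueError("line %d: host count must be positive" % first_no)

    attackers = []
    for n, raw in rows[1:]:
        try:
            ip = ipaddress.ip_address(raw)
        except ValueError:
            raise ValueError("line %d: not an IP address: %r" % (n, raw)) from None
        # Assumption: listing the same host twice is a mistake in the file.
        if ip in attackers:
            raise ValueError("line %d: duplicate attack host %s" % (n, ip))
        attackers.append(ip)

    # Assumption: attack hosts are a subset of the hosts counted on line 1.
    if len(attackers) > total:
        raise ValueError("%d attack hosts listed but only %d hosts in total"
                         % (len(attackers), total))
    return total, [str(ip) for ip in attackers]


if __name__ == "__main__":
    total, attackers = parse_attack_hosts(SAMPLE)
    print("total hosts:", total)
    print("attack hosts:", ", ".join(attackers))
```
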
The framework must have been set up and configured accordingly before it can be used.
To train the models, run this command in the terminal:

```
python tool.py train
```

To validate the models, run this command in the terminal:

```
python tool.py validate
```
- Start POX in one terminal.
- In another terminal, run this command: `python tool.py createnetwork`
The steps are the same as for generating the test network, except that several parameters are passed to the `createnetwork` command.
Run:

```
python tool.py createnetwork exectest TestCase1 TestCase2 # TestCase3, ...
```

where the parameters after `exectest` are the names of the test case classes found in the `test_cases` folder.
Results of the tests can be found in `results/ids_test_results.txt`.
Making your own test cases is easy. Just create a class that inherits from the `TestCase` object in `test_cases/test_case.py`. Simply override the `def _exec_test(self, targets, int_hosts, ext_hosts, int_switches, ext_switches, int_routers, ext_routers)` method and execute your tests there.
Parameter | Description |
---|---|
targets | List of target hosts |
int_hosts | List of internal hosts |
ext_hosts | List of external hosts |
int_switches | List of internal switches |
ext_switches | List of external switches |
int_routers | List of internal routers |
ext_routers | List of external routers |
See the provided `ddos.py` test case for reference.
Create a class in either the `internal_network` or `external_network` that implements this method:

```
def create_topo(self, topo, main_switch, mac_ip_list)
```

The framework then uses this module as the basis of the network topology.
Parameter | Description |
---|---|
topo | Mininet topo object |
main_switch | Name of main connecting switch. Serves as a bridge between both networks |
mac_ip_list | Dictionary of MAC-IP pairs |
Router configuration is done by implementing:

```
def configure_router(self, routers)
```
Parameter | Description |
---|---|
routers | List of all router nodes in the network |
- The `scripts/extract_attack_hosts.py` script allows you to generate the `attack_scripts.txt` file automatically. Just modify it to use your training dataset.
- The `scripts/extract_ip_mac.sh` script produces the MAC-IP address pairs, given a PCAP file. Just run the script with the PCAP file as the first parameter.