WriteStatus() public method

public WriteStatus ( string status ) : void
status string
return void
Esempio n. 1
0
        //public void ReduceMemoryUsage(object sender, MemoryUsageLimiter.ReduceMemoryUsageEventParameters parameters)
        //{
        //_ipHistoryCache.RecoverSpace(parameters.FractionOfMemoryToTryToRemove);
        //}

        public Simulator(DebugLogger logger, string path, ExperimentalConfiguration myExperimentalConfiguration, SimulatedPasswords simPasswords)
        {
            _simPasswords = simPasswords;
            _logger       = logger;
            _AttackAttemptsWithValidPasswords = //System.IO.TextWriter.Synchronized
                                                new ConcurrentStreamWriter(path + "AttackAttemptsWithValidPasswords.txt");
            //(new StreamWriter(new FileStream(path + "AttackAttemptsWithValidPasswords.txt", FileMode.CreateNew, FileAccess.Write)));
            _LegitimateAttemptsWithValidPasswords = //System.IO.TextWriter.Synchronized
                                                    new ConcurrentStreamWriter(path + "LegitimateAttemptsWithValidPasswords.txt");
            //(new StreamWriter(new FileStream(path + "LegitiamteAttemptsWithValidPasswords.txt", FileMode.CreateNew, FileAccess.Write)));
            _OtherAttempts = //System.IO.TextWriter.Synchronized
                             new ConcurrentStreamWriter(path + "OtherAttempts.txt");
            //(new StreamWriter(new FileStream(path + "OtherAttempts.txt", FileMode.CreateNew, FileAccess.Write)));
            _logger.WriteStatus("Entered Simulator constructor");
            _experimentalConfiguration = myExperimentalConfiguration;
            BlockingAlgorithmOptions options = _experimentalConfiguration.BlockingOptions;

            _logger.WriteStatus("Creating binomial ladder");
            _binomialLadderFilter =
                new BinomialLadderFilter(options.NumberOfBitsInBinomialLadderFilter_N, options.HeightOfBinomialLadder_H);
            _ipHistoryCache        = new ConcurrentDictionary <IPAddress, SimIpHistory>(); // new SelfLoadingCache<IPAddress, SimIpHistory>(address => new SimIpHistory(options.NumberOfFailuresToTrackForGoingBackInTimeToIdentifyTypos));
            _userAccountController = new SimulatedUserAccountController();

            //_memoryUsageLimiter = new MemoryUsageLimiter();
            //_memoryUsageLimiter.OnReduceMemoryUsageEventHandler += ReduceMemoryUsage;

            _recentIncorrectPasswords = new AgingMembershipSketch(16, 128 * 1024);

            _logger.WriteStatus("Exiting Simulator constructor");
        }
Esempio n. 2
0
        public SimulatedPasswords(DebugLogger logger, ExperimentalConfiguration config)
        {
            _logger = logger;
            _logger.WriteStatus("Loading popular password file");
            LoadPasswordSelector(config.PasswordFrequencyFile);
            if (config.PopularPasswordsToRemoveFromDistribution > 0)
            {
                _passwordSelector = _passwordSelector.TrimToRemoveInitialItems(config.PopularPasswordsToRemoveFromDistribution);
            }

            _logger.WriteStatus("Loading passwords known to be common by the algorithm before the attack");
            LoadKnownPopularPasswords(config.PreviouslyKnownPopularPasswordFile);
            _logger.WriteStatus("Creating common password selector");
            _commonPasswordSelector = _passwordSelector.TrimToInitialItems(
                (int)config.NumberOfPopularPasswordsForAttackerToExploit);
            _logger.WriteStatus("Finished creating common password selector");

            _logger.WriteStatus("Creating list of most common passwords");
            OrderedListOfMostCommonPasswords =
                _passwordSelector.GetItems();
            _logger.WriteStatus("Finished creating list of most common passwords");
        }
Esempio n. 3
0
        public SimulatedPasswords(DebugLogger logger, ExperimentalConfiguration config)
        {
            _logger = logger;
            _logger.WriteStatus("Loading popular password file");
            LoadPasswordSelector(config.PasswordFrequencyFile);
            if (config.PopularPasswordsToRemoveFromDistribution > 0)
            {
                _passwordSelector = _passwordSelector.TrimToRemoveInitialItems(config.PopularPasswordsToRemoveFromDistribution);
            }

            _logger.WriteStatus("Loading passwords known to be common by the algorithm before the attack");
            LoadKnownPopularPasswords(config.PreviouslyKnownPopularPasswordFile);
            _logger.WriteStatus("Creating common password selector");
            _commonPasswordSelector = _passwordSelector.TrimToInitialItems(
                    (int)config.NumberOfPopularPasswordsForAttackerToExploit);
            _logger.WriteStatus("Finished creating common password selector");

            _logger.WriteStatus("Creating list of most common passwords");
            OrderedListOfMostCommonPasswords =
                _passwordSelector.GetItems();
            _logger.WriteStatus("Finished creating list of most common passwords");
        }
Esempio n. 4
0
        /// <summary>
        /// Evaluate the accuracy of our stopguessing service by sending user logins and malicious traffic
        /// </summary>
        /// <returns></returns>
        public void Run()
        {
            _logger.WriteStatus("In RunInBackground");

            _logger.WriteStatus("Priming password-tracking with known common passwords");
            _simPasswords.PrimeWithKnownPasswordsAsync(_binomialLadderFilter, 40);
            _logger.WriteStatus("Finished priming password-tracking with known common passwords");

            _logger.WriteStatus("Creating IP Pool");
            _ipPool = new IpPool(_experimentalConfiguration);
            _logger.WriteStatus("Generating simualted account records");
            _simAccounts = new SimulatedAccounts(_ipPool, _simPasswords, _logger);
            _simAccounts.Generate(_experimentalConfiguration);

            _logger.WriteStatus("Creating login-attempt generator");
            _attemptGenerator = new SimulatedLoginAttemptGenerator(_experimentalConfiguration, _simAccounts, _ipPool,
                                                                   _simPasswords);
            _logger.WriteStatus("Finiished creating login-attempt generator");


            foreach (
                ConcurrentStreamWriter writer in
                new[]
                { _AttackAttemptsWithValidPasswords, _LegitimateAttemptsWithValidPasswords, _OtherAttempts })
            {
                lock (writer)
                {
                    writer.WriteLine(string.Format("{0}\t{1}\t{2}\t{3}\t{4}\t{5}\t{6}\t{7}\t{8}\t{9}\t{10}" +
                                                   "\t{11}\t{12}\t{13}\t{14}\t{15}\t{16}\t{17}\t{18}\t{19}\t{20}\t{21}\t{22}\t{23}\t{24}\t{25}",
                                                   "Password",
                                                   "UserID",
                                                   "IP",
                                                   "DeviceCookie",
                                                   "IsFrequentlyGuessedPw",
                                                   "IsPasswordCorrect",
                                                   "IsFromAttackAttacker",
                                                   "IsAGuess",
                                                   "IPInOposingPool",
                                                   "IsClientAProxyIP",
                                                   "TypeOfMistake",
                                                   "DecayedInvalidAttemptsPerPassword",
                                                   "DecayedMaxConsecutiveIncorrectAttemptsPerAccount",
                                                   "DecayedSuccessfulLogins",
                                                   "DecayedAccountFailuresInfrequentPassword",
                                                   "DecayedAccountFailuresFrequentPassword",
                                                   "DecayedRepeatAccountFailuresInfrequentPassword",
                                                   "DecayedRepeatAccountFailuresFrequentPassword",
                                                   "DecayedPasswordFailuresNoTypoInfrequentPassword",
                                                   "DecayedPasswordFailuresNoTypoFrequentPassword",
                                                   "DecayedPasswordFailuresTypoInfrequentPassword",
                                                   "DecayedPasswordFailuresTypoFrequentPassword",
                                                   "DecayedRepeatPasswordFailuresNoTypoInfrequentPassword",
                                                   "DecayedRepeatPasswordFailuresNoTypoFrequentPassword",
                                                   "DecayedRepeatPasswordFailuresTypoInfrequentPassword",
                                                   "DecayedRepeatPasswordFailuresTypoFrequentPassword"
                                                   ));
                }
            }

            TimeSpan testTimeSpan       = _experimentalConfiguration.TestTimeSpan;
            double   ticksBetweenLogins = ((double)testTimeSpan.Ticks) /
                                          (double)_experimentalConfiguration.TotalLoginAttemptsToIssue;
            int interlockedCount = 0;

            Parallel.For(0L, (long)_experimentalConfiguration.TotalLoginAttemptsToIssue, (count, pls) =>
                         //) TaskParalllel.RepeatWithWorkers(_experimentalConfiguration.TotalLoginAttemptsToIssue,
                         //async (count, cancelToken) =>
                         // (count) =>
            {
                interlockedCount = Interlocked.Add(ref interlockedCount, 1);
                if (interlockedCount % 10000 == 0)
                {
                    _logger.WriteStatus("Login Attempt {0:N0}", interlockedCount);
                }
                DateTime eventTimeUtc = StartTimeUtc.AddTicks((long)(ticksBetweenLogins * interlockedCount));
                SimulatedLoginAttempt simAttempt;
                if (StrongRandomNumberGenerator.GetFraction() <
                    _experimentalConfiguration.FractionOfLoginAttemptsFromAttacker)
                {
                    switch (_experimentalConfiguration.AttackersStrategy)
                    {
                    case ExperimentalConfiguration.AttackStrategy.UseUntilLikelyPopular:
                        simAttempt =
                            _attemptGenerator.MaliciousLoginAttemptBreadthFirstAvoidMakingPopular(eventTimeUtc);
                        break;

                    case ExperimentalConfiguration.AttackStrategy.Weighted:
                        simAttempt = _attemptGenerator.MaliciousLoginAttemptWeighted(eventTimeUtc);
                        break;

                    case ExperimentalConfiguration.AttackStrategy.BreadthFirst:
                    default:
                        simAttempt = _attemptGenerator.MaliciousLoginAttemptBreadthFirst(eventTimeUtc);
                        break;
                    }
                }
                else
                {
                    simAttempt = _attemptGenerator.BenignLoginAttempt(eventTimeUtc);
                }


                // Get information about the client's IP
                SimIpHistory ipHistory = _ipHistoryCache.GetOrAdd(simAttempt.AddressOfClientInitiatingRequest,
                                                                  (ip) => new SimIpHistory(
                                                                      _experimentalConfiguration.BlockingOptions
                                                                      .NumberOfFailuresToTrackForGoingBackInTimeToIdentifyTypos));
                //SimIpHistory ipHistory = await _ipHistoryCache.GetAsync(simAttempt.AddressOfClientInitiatingRequest, cancelToken);

                double[] scores = ipHistory.GetAllScores(_experimentalConfiguration.BlockingOptions.BlockScoreHalfLife,
                                                         simAttempt.TimeOfAttemptUtc);

                simAttempt.UpdateSimulatorState(this, ipHistory);

                double decayingInvalidPasswordAttempts = 0d;
                if (simAttempt.IsPasswordValid)
                {
                    DecayingDouble incorrectPasswordAttempts;
                    if (_incorrectPasswordCounts.TryGetValue(simAttempt.Password, out incorrectPasswordAttempts))
                    {
                        decayingInvalidPasswordAttempts = incorrectPasswordAttempts.GetValue(_experimentalConfiguration.BlockingOptions.BlockScoreHalfLife, simAttempt.TimeOfAttemptUtc);
                    }
                }
                else
                {
                    decayingInvalidPasswordAttempts = 1d;
                    DecayingDouble incorrectPasswordAttempts;
                    if (_incorrectPasswordCounts.TryGetValue(simAttempt.Password, out incorrectPasswordAttempts))
                    {
                        decayingInvalidPasswordAttempts += incorrectPasswordAttempts.GetValue(_experimentalConfiguration.BlockingOptions.BlockScoreHalfLife, simAttempt.TimeOfAttemptUtc);
                    }
                    _incorrectPasswordCounts[simAttempt.Password] = new DecayingDouble(decayingInvalidPasswordAttempts, simAttempt.TimeOfAttemptUtc);
                }

                var ipInfo          = _ipPool.GetIpAddressDebugInfo(simAttempt.AddressOfClientInitiatingRequest);
                string outputString = string.Format("{0}\t{1}\t{2}\t{3}\t{4}\t{5}\t{6}\t{7}\t{8}\t{9}\t{10}\t{11}\t{12}\t{13}",
                                                    simAttempt.Password,
                                                    simAttempt.SimAccount?.UsernameOrAccountId ?? "<null>",
                                                    simAttempt.AddressOfClientInitiatingRequest,
                                                    simAttempt.DeviceCookieHadPriorSuccessfulLoginForThisAccount ? "HadCookie" : "NoCookie",
                                                    simAttempt.IsFrequentlyGuessedPassword ? "Frequent" : "Infrequent",
                                                    simAttempt.IsPasswordValid ? "Correct" : "Incorrect",
                                                    simAttempt.IsFromAttacker ? "FromAttacker" : "FromUser",
                                                    simAttempt.IsGuess ? "IsGuess" : "NotGuess",
                                                    simAttempt.IsFromAttacker
                        ? (ipInfo.UsedByBenignUsers ? "IsInBenignPool" : "NotUsedByBenign")
                        : (ipInfo.UsedByAttackers ? "IsInAttackersIpPool" : "NotUsedByAttacker"),
                                                    ipInfo.IsPartOfProxy ? "ProxyIP" : "NotAProxy",
                                                    string.IsNullOrEmpty(simAttempt.MistakeType) ? "-" : simAttempt.MistakeType,
                                                    decayingInvalidPasswordAttempts,
                                                    simAttempt.SimAccount?.MaxConsecutiveIncorrectAttempts.GetValue(_experimentalConfiguration.BlockingOptions.BlockScoreHalfLife, simAttempt.TimeOfAttemptUtc) ?? 0d,
                                                    string.Join("\t", scores.Select(s => s.ToString(CultureInfo.InvariantCulture)).ToArray())
                                                    );

                if (simAttempt.IsFromAttacker && simAttempt.IsPasswordValid)
                {
                    lock (_AttackAttemptsWithValidPasswords)
                    {
                        _AttackAttemptsWithValidPasswords.WriteLine(outputString);
                        //_AttackAttemptsWithValidPasswords.Flush();
                    }
                }
                else if (!simAttempt.IsFromAttacker && simAttempt.IsPasswordValid)
                {
                    lock (_LegitimateAttemptsWithValidPasswords)
                    {
                        _LegitimateAttemptsWithValidPasswords.WriteLine(outputString);
                        //_LegitiamteAttemptsWithValidPasswords.Flush();
                    }
                }
                else
                {
                    lock (_OtherAttempts)
                    {
                        _OtherAttempts.WriteLine(outputString);
                        //_OtherAttempts.Flush();
                    }
                }
            });
            //(e) => {
            //},
            //cancellationToken: cancellationToken).ConfigureAwait(false);

            foreach (
                ConcurrentStreamWriter writer in
                new []
                { _AttackAttemptsWithValidPasswords, _LegitimateAttemptsWithValidPasswords, _OtherAttempts })
            {
                writer.Close();
            }
            //_memoryUsageLimiter.Dispose();
        }
Esempio n. 5
0
        /// <summary>
        /// Create accounts, generating passwords, primary IP
        /// </summary>
#pragma warning disable CS1998 // Async method lacks 'await' operators and will run synchronously
        public async Task GenerateAsync(ExperimentalConfiguration experimentalConfiguration,
#pragma warning restore CS1998 // Async method lacks 'await' operators and will run synchronously
                               //IUserAccountContextFactory accountContextFactory,
                                        CancellationToken cancellationToken = default(CancellationToken))
        {
            _logger.WriteStatus("Creating {0:N0} benign accounts", experimentalConfiguration.NumberOfBenignAccounts);
            MemoryUserAccountController          userAccountController     = new MemoryUserAccountController();;
            ConcurrentBag <SimulatedUserAccount> benignSimulatedAccountBag = new ConcurrentBag <SimulatedUserAccount>();

            //
            // Create benign accounts in parallel
            Parallel.For(0, (int)experimentalConfiguration.NumberOfBenignAccounts, (index) =>
            {
                if (index > 0 && index % 10000 == 0)
                {
                    _logger.WriteStatus("Created {0:N0} benign accounts", index);
                }
                SimulatedUserAccount userAccount = new SimulatedUserAccount()
                {
                    UsernameOrAccountId = "user_" + index.ToString(),
                    Password            = _simPasswords.GetPasswordFromWeightedDistribution()
                };
                userAccount.ClientAddresses.Add(_ipPool.GetNewRandomBenignIp());
                userAccount.Cookies.Add(StrongRandomNumberGenerator.Get64Bits().ToString());

                benignSimulatedAccountBag.Add(userAccount);

                double inverseFrequency = Distributions.GetLogNormal(0, 1);
                if (inverseFrequency < 0.01d)
                {
                    inverseFrequency = 0.01d;
                }
                if (inverseFrequency > 50d)
                {
                    inverseFrequency = 50d;
                }
                double frequency = 1 / inverseFrequency;
                lock (BenignAccountSelector)
                {
                    BenignAccountSelector.AddItem(userAccount, frequency);
                }
            });
            BenignAccounts = benignSimulatedAccountBag.ToList();
            _logger.WriteStatus("Finished creating {0:N0} benign accounts",
                                experimentalConfiguration.NumberOfBenignAccounts);

            //
            // Right after creating benign accounts we create IPs and accounts controlled by the attacker.
            // (We create the attacker IPs here, and not earlier, because we need to have the benign IPs generated in order to create overlap)
            _logger.WriteStatus("Creating attacker IPs");
            _ipPool.GenerateAttackersIps();

            _logger.WriteStatus("Creating {0:N0} attacker accounts",
                                experimentalConfiguration.NumberOfAttackerControlledAccounts);
            ConcurrentBag <SimulatedUserAccount> maliciousSimulatedAccountBag = new ConcurrentBag <SimulatedUserAccount>();

            //
            // Create accounts in parallel
            Parallel.For(0, (int)experimentalConfiguration.NumberOfAttackerControlledAccounts, (index) =>
            {
                SimulatedUserAccount userAccount = new SimulatedUserAccount()
                {
                    UsernameOrAccountId = "attacker_" + index.ToString(),
                    Password            = _simPasswords.GetPasswordFromWeightedDistribution(),
                };
                userAccount.ClientAddresses.Add(_ipPool.GetRandomMaliciousIp());
                maliciousSimulatedAccountBag.Add(userAccount);
            });
            AttackerAccounts = maliciousSimulatedAccountBag.ToList();
            _logger.WriteStatus("Finished creating {0:N0} attacker accounts",
                                experimentalConfiguration.NumberOfAttackerControlledAccounts);

            //
            // Now create full UserAccount records for each simulated account and store them into the account context
            Parallel.ForEach(BenignAccounts.Union(AttackerAccounts),
                             (simAccount, loopState) =>
            {
                //if (loopState. % 10000 == 0)
                //    _logger.WriteStatus("Created account {0:N0}", index);
                simAccount.CreditHalfLife = experimentalConfiguration.BlockingOptions.AccountCreditLimitHalfLife;
                simAccount.CreditLimit    = experimentalConfiguration.BlockingOptions.AccountCreditLimit;

                foreach (string cookie in simAccount.Cookies)
                {
                    userAccountController.HasClientWithThisHashedCookieSuccessfullyLoggedInBeforeAsync(
                        simAccount,
                        LoginAttempt.HashCookie(cookie),
                        cancellationToken);
                }
            });
            _logger.WriteStatus("Finished creating user accounts for each simluated account record");
        }
Esempio n. 6
0
        //public void ReduceMemoryUsage(object sender, MemoryUsageLimiter.ReduceMemoryUsageEventParameters parameters)
        //{
            //_ipHistoryCache.RecoverSpace(parameters.FractionOfMemoryToTryToRemove);
        //}

        public Simulator(DebugLogger logger, string path, ExperimentalConfiguration myExperimentalConfiguration, SimulatedPasswords simPasswords)
        {
            
            _simPasswords = simPasswords;
            _logger = logger;
            _AttackAttemptsWithValidPasswords = //System.IO.TextWriter.Synchronized 
                new ConcurrentStreamWriter(path + "AttackAttemptsWithValidPasswords.txt");
                //(new StreamWriter(new FileStream(path + "AttackAttemptsWithValidPasswords.txt", FileMode.CreateNew, FileAccess.Write)));
            _LegitimateAttemptsWithValidPasswords = //System.IO.TextWriter.Synchronized
                new ConcurrentStreamWriter(path + "LegitimateAttemptsWithValidPasswords.txt");
            //(new StreamWriter(new FileStream(path + "LegitiamteAttemptsWithValidPasswords.txt", FileMode.CreateNew, FileAccess.Write)));
            _OtherAttempts = //System.IO.TextWriter.Synchronized
                new ConcurrentStreamWriter(path + "OtherAttempts.txt");
                //(new StreamWriter(new FileStream(path + "OtherAttempts.txt", FileMode.CreateNew, FileAccess.Write)));
            _logger.WriteStatus("Entered Simulator constructor");
            _experimentalConfiguration = myExperimentalConfiguration;
            BlockingAlgorithmOptions options = _experimentalConfiguration.BlockingOptions;
            
            _logger.WriteStatus("Creating binomial ladder");
            _binomialLadderFilter =
                new BinomialLadderFilter(options.NumberOfBitsInBinomialLadderFilter_N, options.HeightOfBinomialLadder_H);
            _ipHistoryCache = new ConcurrentDictionary<IPAddress, SimIpHistory>(); // new SelfLoadingCache<IPAddress, SimIpHistory>(address => new SimIpHistory(options.NumberOfFailuresToTrackForGoingBackInTimeToIdentifyTypos));
            _userAccountController = new SimulatedUserAccountController();

            //_memoryUsageLimiter = new MemoryUsageLimiter();
            //_memoryUsageLimiter.OnReduceMemoryUsageEventHandler += ReduceMemoryUsage;

            _recentIncorrectPasswords = new AgingMembershipSketch(16, 128 * 1024);

            _logger.WriteStatus("Exiting Simulator constructor");
        }
Esempio n. 7
0
        /// <summary>
        /// Evaluate the accuracy of our stopguessing service by sending user logins and malicious traffic
        /// </summary>
        /// <returns></returns>
        public async Task Run(CancellationToken cancellationToken = default(CancellationToken))
        {
            _logger.WriteStatus("In RunInBackground");

            _logger.WriteStatus("Priming password-tracking with known common passwords");
            _simPasswords.PrimeWithKnownPasswordsAsync(_binomialLadderFilter, 40);
            _logger.WriteStatus("Finished priming password-tracking with known common passwords");

            _logger.WriteStatus("Creating IP Pool");
            _ipPool = new IpPool(_experimentalConfiguration);
            _logger.WriteStatus("Generating simualted account records");
            _simAccounts = new SimulatedAccounts(_ipPool, _simPasswords, _logger);
            await _simAccounts.GenerateAsync(_experimentalConfiguration, cancellationToken);

            _logger.WriteStatus("Creating login-attempt generator");
            _attemptGenerator = new SimulatedLoginAttemptGenerator(_experimentalConfiguration, _simAccounts, _ipPool, _simPasswords);
            _logger.WriteStatus("Finiished creating login-attempt generator");


            foreach (TextWriter writer in new TextWriter[] { _AttackAttemptsWithValidPasswords, _LegitiamteAttemptsWithValidPasswords, _OtherAttempts })
            {
                writer.WriteLine("{0},{1},{2},{3},{4},{5},{6},{7},{8},{9}", //,{9}
                                 "Password",
                                 "UserID",
                                 "IP",
                                 "IsFrequentlyGuessedPw",
                                 "IsPasswordCorrect",
                                 "IsFromAttackAttacker",
                                 "IsAGuess",
                                 "IPInOposingPool",
                                 "IsClientAProxyIP",
                                 "TypeOfMistake"
                                 //string.Join(",")
                                 );
            }

            TimeSpan testTimeSpan       = _experimentalConfiguration.TestTimeSpan;
            double   ticksBetweenLogins = ((double)testTimeSpan.Ticks) / (double)_experimentalConfiguration.TotalLoginAttemptsToIssue;

            await TaskParalllel.RepeatWithWorkers(_experimentalConfiguration.TotalLoginAttemptsToIssue, async (count, cancelToken) =>
            {
                if (count % 10000 == 0)
                {
                    _logger.WriteStatus("Login Attempt {0:N0}", count);
                }
                DateTime eventTimeUtc = StartTimeUtc.AddTicks((long)(ticksBetweenLogins *count));
                SimulatedLoginAttempt simAttempt;
                if (StrongRandomNumberGenerator.GetFraction() <
                    _experimentalConfiguration.FractionOfLoginAttemptsFromAttacker)
                {
                    switch (_experimentalConfiguration.AttackersStrategy)
                    {
                    case ExperimentalConfiguration.AttackStrategy.UseUntilLikelyPopular:
                        simAttempt = _attemptGenerator.MaliciousLoginAttemptBreadthFirstAvoidMakingPopular(eventTimeUtc);
                        break;

                    case ExperimentalConfiguration.AttackStrategy.Weighted:
                        simAttempt = _attemptGenerator.MaliciousLoginAttemptWeighted(eventTimeUtc);
                        break;

                    case ExperimentalConfiguration.AttackStrategy.BreadthFirst:
                    default:
                        simAttempt = _attemptGenerator.MaliciousLoginAttemptBreadthFirst(eventTimeUtc);
                        break;
                    }
                }
                else
                {
                    simAttempt = _attemptGenerator.BenignLoginAttempt(eventTimeUtc);
                }

                // Get information about the client's IP
                SimIpHistory ipHistory = await _ipHistoryCache.GetAsync(simAttempt.AddressOfClientInitiatingRequest, cancelToken);

                double[] scores = ipHistory.GetAllScores(_experimentalConfiguration.BlockingOptions.BlockScoreHalfLife,
                                                         simAttempt.TimeOfAttemptUtc);

                simAttempt.UpdateSimulatorState(this, ipHistory);

                var ipInfo          = _ipPool.GetIpAddressDebugInfo(simAttempt.AddressOfClientInitiatingRequest);
                string outputString = string.Format("{0},{1},{2},{3},{4},{5},{6},{7},{8},{9},{10}",
                                                    simAttempt.Password,
                                                    simAttempt.SimAccount?.UsernameOrAccountId ?? "<null>",
                                                    simAttempt.AddressOfClientInitiatingRequest,
                                                    simAttempt.IsFrequentlyGuessedPassword ? "Frequent" : "Infrequent",
                                                    simAttempt.IsPasswordValid ? "Correct" : "Incorrect",
                                                    simAttempt.IsFromAttacker ? "FromAttacker" : "FromUser",
                                                    simAttempt.IsGuess ? "IsGuess" : "NotGuess",
                                                    simAttempt.IsFromAttacker ? (ipInfo.UsedByBenignUsers ? "IsInBenignPool" : "NotUsedByBenign") :
                                                    (ipInfo.UsedByAttackers ? "IsInAttackersIpPool" : "NotUsedByAttacker"),
                                                    ipInfo.IsPartOfProxy ? "ProxyIP" : "NotAProxy",
                                                    string.IsNullOrEmpty(simAttempt.MistakeType) ? "-" : simAttempt.MistakeType,

                                                    string.Join(",", scores.Select(s => s.ToString(CultureInfo.InvariantCulture)).ToArray())
                                                    );

                if (simAttempt.IsFromAttacker && simAttempt.IsPasswordValid)
                {
                    await _AttackAttemptsWithValidPasswords.WriteLineAsync(outputString);
                    await _AttackAttemptsWithValidPasswords.FlushAsync();
                }
                else if (!simAttempt.IsFromAttacker && simAttempt.IsPasswordValid)
                {
                    await _LegitiamteAttemptsWithValidPasswords.WriteLineAsync(outputString);
                    await _LegitiamteAttemptsWithValidPasswords.FlushAsync();
                }
                else
                {
                    await _OtherAttempts.WriteLineAsync(outputString);
                    await _OtherAttempts.FlushAsync();
                }
            },
                                                  //(e) => {
                                                  //},
                                                  cancellationToken : cancellationToken);

            _memoryUsageLimiter.Dispose();
        }
Esempio n. 8
0
        /// <summary>
        /// Create accounts, generating passwords, primary IP
        /// </summary>
        public void Generate(ExperimentalConfiguration experimentalConfiguration)
        {
            SimulatedUserAccountController simUserAccountController = new SimulatedUserAccountController();

            _logger.WriteStatus("Creating {0:N0} benign accounts", experimentalConfiguration.NumberOfBenignAccounts);
            ConcurrentBag <SimulatedUserAccount> benignSimulatedAccountBag = new ConcurrentBag <SimulatedUserAccount>();

            //
            // Create benign accounts in parallel
            Parallel.For(0, (int)experimentalConfiguration.NumberOfBenignAccounts, (index) =>
            {
                if (index > 0 && index % 10000 == 0)
                {
                    _logger.WriteStatus("Created {0:N0} benign accounts", index);
                }
                SimulatedUserAccount userAccount = simUserAccountController.Create(
                    "user_" + index.ToString(),
                    _simPasswords.GetPasswordFromWeightedDistribution()
                    );
                userAccount.ClientAddresses.Add(_ipPool.GetNewRandomBenignIp());
                string initialCookie = StrongRandomNumberGenerator.Get64Bits().ToString();
                userAccount.Cookies.Add(initialCookie);
                userAccount.HashesOfCookiesOfClientsThatHaveSuccessfullyLoggedIntoThisAccount[initialCookie] = true;

                benignSimulatedAccountBag.Add(userAccount);

                double inverseFrequency = Distributions.GetLogNormal(0, 1);
                if (inverseFrequency < 0.01d)
                {
                    inverseFrequency = 0.01d;
                }
                if (inverseFrequency > 50d)
                {
                    inverseFrequency = 50d;
                }
                double frequency = 1 / inverseFrequency;
                lock (BenignAccountSelector)
                {
                    BenignAccountSelector.AddItem(userAccount, frequency);
                }
            });
            BenignAccounts = benignSimulatedAccountBag.ToList();
            _logger.WriteStatus("Finished creating {0:N0} benign accounts",
                                experimentalConfiguration.NumberOfBenignAccounts);

            //
            // Right after creating benign accounts we create IPs and accounts controlled by the attacker.
            // (We create the attacker IPs here, and not earlier, because we need to have the benign IPs generated in order to create overlap)
            _logger.WriteStatus("Creating attacker IPs");
            _ipPool.GenerateAttackersIps();

            _logger.WriteStatus("Creating {0:N0} attacker accounts",
                                experimentalConfiguration.NumberOfAttackerControlledAccounts);
            ConcurrentBag <SimulatedUserAccount> maliciousSimulatedAccountBag = new ConcurrentBag <SimulatedUserAccount>();

            //
            // Create accounts in parallel
            Parallel.For(0, (int)experimentalConfiguration.NumberOfAttackerControlledAccounts, (index) =>
            {
                SimulatedUserAccount userAccount = simUserAccountController.Create(
                    "attacker_" + index.ToString(),
                    _simPasswords.GetPasswordFromWeightedDistribution());

                userAccount.ClientAddresses.Add(_ipPool.GetRandomMaliciousIp());
                maliciousSimulatedAccountBag.Add(userAccount);
            });
            AttackerAccounts = maliciousSimulatedAccountBag.ToList();
            _logger.WriteStatus("Finished creating {0:N0} attacker accounts",
                                experimentalConfiguration.NumberOfAttackerControlledAccounts);

            //
            // Now create full UserAccount records for each simulated account and store them into the account context
            Parallel.ForEach(BenignAccounts.Union(AttackerAccounts),
                             (simAccount, loopState) =>
            {
                //if (loopState. % 10000 == 0)
                //    _logger.WriteStatus("Created account {0:N0}", index);
                simAccount.CreditHalfLife = experimentalConfiguration.BlockingOptions.AccountCreditLimitHalfLife;
                simAccount.CreditLimit    = experimentalConfiguration.BlockingOptions.AccountCreditLimit;

                foreach (string cookie in simAccount.Cookies)
                {
                    simUserAccountController.HasClientWithThisHashedCookieSuccessfullyLoggedInBefore(
                        simAccount,
                        LoginAttempt.HashCookie(cookie));
                }
            });
            _logger.WriteStatus("Finished creating user accounts for each simluated account record");
        }