public IPAddress GetRandomMaliciousIp() { int randIndex = (int)StrongRandomNumberGenerator.Get32Bits(_maliciousIpAddresses.Count); IPAddress address = _maliciousIpAddresses[randIndex]; return(_maliciousIpAddresses[randIndex]); }
public IPAddress GetNewRandomBenignIp() { IpAddressDebugInfo debugInfo; if (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.FractionOfBenignIPsBehindProxies) { lock (_proxyAddressLock) { if (_currentProxyAddress == null || ++_numberOfClientsBehindTheCurrentProxy >= _experimentalConfiguration.ProxySizeInUniqueClientIPs) { _currentProxyAddress = new IPAddress(StrongRandomNumberGenerator.Get32Bits()); debugInfo = GetIpAddressDebugInfo(_currentProxyAddress); debugInfo.IsPartOfProxy = true; debugInfo.UsedByBenignUsers = true; _numberOfClientsBehindTheCurrentProxy = 0; return(_currentProxyAddress); } else { return(_currentProxyAddress); } } } else { IPAddress address = new IPAddress(StrongRandomNumberGenerator.Get32Bits()); _ipAddresssesInUseByBenignUsers.Add(address); debugInfo = GetIpAddressDebugInfo(address); debugInfo.UsedByBenignUsers = true; return(address); } }
public void GenerateAttackersIps() { List <IPAddress> listOfIpAddressesInUseByBenignUsers = _ipAddresssesInUseByBenignUsers.ToList(); uint numberOfOverlappingIps = (uint) (_experimentalConfiguration.NumberOfIpAddressesControlledByAttacker * _experimentalConfiguration.FractionOfMaliciousIPsToOverlapWithBenign); uint i; for (i = 0; i < numberOfOverlappingIps && listOfIpAddressesInUseByBenignUsers.Count > 0; i++) { int randIndex = (int)StrongRandomNumberGenerator.Get32Bits(listOfIpAddressesInUseByBenignUsers.Count); IPAddress address = listOfIpAddressesInUseByBenignUsers[randIndex]; IpAddressDebugInfo debugInfo = GetIpAddressDebugInfo(address); lock (debugInfo) { debugInfo.UsedByAttackers = true; } _maliciousIpAddresses.Add(address); listOfIpAddressesInUseByBenignUsers.RemoveAt(randIndex); } for (; i < _experimentalConfiguration.NumberOfIpAddressesControlledByAttacker; i++) { IPAddress address = new IPAddress(StrongRandomNumberGenerator.Get32Bits()); IpAddressDebugInfo debugInfo = GetIpAddressDebugInfo(address); lock (debugInfo) { debugInfo.UsedByAttackers = true; } _maliciousIpAddresses.Add(address); } }
public int DistributedStepAsync([FromRoute] string element, [FromQuery] int?heightOfLadderInRungs) { FilterArray shard = GetShard(element); // Get the set of rungs List <int> rungIndexes = shard.GetIndexesAssociatedWithAnElement(element, heightOfLadderInRungs ?? MaxLadderHeight).ToList(); // Select the subset of rungs that have value zero (that are above the element in the ladder) List <int> rungsAbove = rungIndexes.Where(rung => !shard[rung]).ToList(); // Identify an element of the array to set if (rungsAbove.Count > 0) { // If there are rungs with value value zero/false (rungs above the element), pick one at random shard.SetBitToOne( rungsAbove[(int)(StrongRandomNumberGenerator.Get32Bits((uint)rungsAbove.Count))]); } else { // Set an average of one element by picking two random elements, each of which should have p=0.5 // of being zero/false, and setting them to 1/true regardless of their previous value. FilterClient.AssignRandomBit(1); FilterClient.AssignRandomBit(1); } // Clear an average of one element by picking two random elements, each of which should have p=0.5 // of being one/true, and setting them to 0/false regardless of their previous value. FilterClient.AssignRandomBit(0); FilterClient.AssignRandomBit(0); // Return the height of the ladder before the step return(rungIndexes.Count - rungsAbove.Count); }
/// <summary> /// Add a typo to a password for simulating user typo errors /// </summary> /// <param name="originalPassword">The original password to add a typo to</param> /// <returns>The password modified to contain a typo</returns> public static string AddTypoToPassword(string originalPassword) { // Adding a character will meet the edit distance def. of typo, though if simulating systems that weigh // different typos differently one might want to create a variety of typos here const string typoAlphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ./"; return(originalPassword + typoAlphabet[(int)StrongRandomNumberGenerator.Get32Bits(typoAlphabet.Length)]); }
public int Step(string key, int?heightOfLadderInRungs = null) { List <int> rungs = GetIndexesAssociatedWithAnElement(key, heightOfLadderInRungs).ToList(); List <int> rungsAbove = rungs.Where(rung => !base[rung]).ToList(); int indexOfElementToSet = (rungsAbove.Count > 0) ? rungsAbove[(int)(StrongRandomNumberGenerator.Get32Bits((uint)rungsAbove.Count))] : GetIndexOfRandomBitOfDesiredValue(false); int indexOfElementToClear = GetIndexOfRandomBitOfDesiredValue(true); SwapBits(indexOfElementToSet, indexOfElementToClear); return(rungs.Count - rungsAbove.Count); }
/// <summary> /// When one Adds an element to a binomial sketch, a random bit among the subset of k that are currently 0 (false) /// will be set to 1 (true). /// To ensure roughly half the bits remain zero at all times, a random index from the subset of all k bits that /// are currently 1 (true) will be set to 0 (false). /// </summary> /// <param name="key">The element to add to the set.</param> /// <param name="heightOfLadderInRungs">Set if using a ladder shorter than the default for this sketch</param> /// <returns>Of the bits at the indices for the given element, the number of bits that were set to 1 (true) /// before the Step operation. The maximum possible value to be returned, if all bits were already /// set to 1 (true) would be MaxLadderHeightInRungs. If an element has not been seen before, the expected (average) /// result is MaxLadderHeightInRungs/2, but will vary with the binomial distribution.</returns> public int Step(string key, int?heightOfLadderInRungs = null) { // Get the set of rungs List <int> rungs = GetIndexesAssociatedWithAnElement(key, heightOfLadderInRungs).ToList(); // Select the subset of rungs that have value zero (that are above the element in the ladder) List <int> rungsAbove = rungs.Where(rung => !base[rung]).ToList(); // Identify an element of the array to set int indexOfElementToSet = (rungsAbove.Count > 0) ? // If there are rungs with value value zero/false (rungs above the element), pick one at random rungsAbove[(int)(StrongRandomNumberGenerator.Get32Bits((uint)rungsAbove.Count))] : // otherwise, pick an element with value zero/false from the entire array GetIndexOfRandomBitOfDesiredValue(false); // Identify an index to clear from the entire array (selected from those elements with value 1/true) int indexOfElementToClear = GetIndexOfRandomBitOfDesiredValue(true); // Swap the values of element to be set with the element to be cleared SwapBits(indexOfElementToSet, indexOfElementToClear); // Return the height of the ladder before the step return(rungs.Count - rungsAbove.Count); }
public SimulatedLoginAttempt BenignLoginAttempt(DateTime eventTimeUtc) { lock (ScheduledBenignAttempts) { if (ScheduledBenignAttempts.Count > 0 && ScheduledBenignAttempts.First().TimeOfAttemptUtc < eventTimeUtc) { SimulatedLoginAttempt result = ScheduledBenignAttempts.First(); ScheduledBenignAttempts.Remove(result); return(result); } } string mistake = ""; SimulatedUserAccount account = _simAccounts.BenignAccountSelector.GetItemByWeightedRandom(); string cookie; if (account.Cookies.Count == 0 || (account.Cookies.Count < _experimentalConfiguration.MaxCookiesPerUserAccount && StrongRandomNumberGenerator.GetFraction() > _experimentalConfiguration.ChanceOfCoookieReUse)) { cookie = StrongRandomNumberGenerator.Get64Bits().ToString(); account.Cookies.Add(cookie); } else { cookie = account.Cookies.ToArray()[(int)StrongRandomNumberGenerator.Get32Bits(account.Cookies.Count)]; } IPAddress clientIp; if (account.ClientAddresses.Count == 0 || (account.ClientAddresses.Count < _experimentalConfiguration.MaxIpPerUserAccount && StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfIpReUse)) { account.ClientAddresses.Add(clientIp = _ipPool.GetNewRandomBenignIp()); } else { clientIp = account.ClientAddresses.ToArray()[(int)StrongRandomNumberGenerator.Get32Bits(account.ClientAddresses.Count)]; } string password = account.Password; if (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfLongRepeatOfStalePassword) { string newPassword = _simPasswords.GetPasswordFromWeightedDistribution(); _userAccountController.SetPassword(account, newPassword, account.Password); mistake += "StalePassword"; lock (ScheduledBenignAttempts) { double additionalMistakes = 0; DateTime currentTimeUtc = eventTimeUtc; for (additionalMistakes = 1; additionalMistakes < _experimentalConfiguration.LengthOfLongRepeatOfOldPassword; additionalMistakes++) { currentTimeUtc = currentTimeUtc.AddSeconds(_experimentalConfiguration.MinutesBetweenLongRepeatOfOldPassword); ScheduledBenignAttempts.Add(new SimulatedLoginAttempt( account, password, false, false, clientIp, cookie, mistake, currentTimeUtc)); } for (uint correctLogins = 1; correctLogins < _experimentalConfiguration.LengthOfLongRepeatOfOldPassword; correctLogins++) { currentTimeUtc = currentTimeUtc.AddSeconds(_experimentalConfiguration.MinutesBetweenLongRepeatOfOldPassword); ScheduledBenignAttempts.Add(new SimulatedLoginAttempt( account, newPassword, false, false, clientIp, cookie, mistake, currentTimeUtc)); } } } if (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfBenignPasswordTypo) { mistake += "Typo"; lock (ScheduledBenignAttempts) { double additionalMistakes = 0; while (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfRepeatTypo) { ScheduledBenignAttempts.Add(new SimulatedLoginAttempt( account, AddTypoToPassword(password), false, false, clientIp, cookie, mistake, eventTimeUtc.AddSeconds(_experimentalConfiguration.DelayBetweenRepeatBenignErrorsInSeconds * ++additionalMistakes))); } ScheduledBenignAttempts.Add(new SimulatedLoginAttempt( account, password, false, false, clientIp, cookie, "", eventTimeUtc.AddSeconds( _experimentalConfiguration.DelayBetweenRepeatBenignErrorsInSeconds * (1 + additionalMistakes)))); } password = AddTypoToPassword(password); } if (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfAccidentallyUsingAnotherAccountPassword) { mistake += "WrongPassword"; lock (ScheduledBenignAttempts) { double additionalMistakes = 0; while (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfRepeatUseOfPasswordFromAnotherAccount) { ScheduledBenignAttempts.Add(new SimulatedLoginAttempt( account, _simPasswords.GetPasswordFromWeightedDistribution(), false, false, clientIp, cookie, mistake, eventTimeUtc.AddSeconds(_experimentalConfiguration.DelayBetweenRepeatBenignErrorsInSeconds * ++additionalMistakes))); } ScheduledBenignAttempts.Add(new SimulatedLoginAttempt( account, password, false, false, clientIp, cookie, "", eventTimeUtc.AddSeconds( _experimentalConfiguration.DelayBetweenRepeatBenignErrorsInSeconds * (additionalMistakes + 1)))); } password = _simPasswords.GetPasswordFromWeightedDistribution(); } if (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfBenignAccountNameTypoResultingInAValidUserName) { mistake += "WrongAccountName"; lock (ScheduledBenignAttempts) { double additionalMistakes = 0; while (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfRepeatWrongAccountName) { ScheduledBenignAttempts.Add(new SimulatedLoginAttempt( _simAccounts.GetBenignAccountAtRandomUniform(), password, false, false, clientIp, cookie, mistake, eventTimeUtc.AddSeconds( _experimentalConfiguration.DelayBetweenRepeatBenignErrorsInSeconds * ++additionalMistakes))); } ScheduledBenignAttempts.Add(new SimulatedLoginAttempt( account, password, false, false, clientIp, cookie, "", eventTimeUtc.AddSeconds( _experimentalConfiguration.DelayBetweenRepeatBenignErrorsInSeconds * (additionalMistakes + 1)))); account = _simAccounts.GetBenignAccountAtRandomUniform(); } } return(new SimulatedLoginAttempt(account, password, false, false, clientIp, cookie, mistake, eventTimeUtc)); }
public static string AddTypoToPassword(string originalPassword) { const string typoAlphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ./"; return(originalPassword + typoAlphabet[(int)StrongRandomNumberGenerator.Get32Bits(typoAlphabet.Length)]); }
public SimulatedUserAccount GetMaliciousAccountAtRandomUniform() { return(AttackerAccounts[(int)StrongRandomNumberGenerator.Get32Bits(AttackerAccounts.Count)]); }
public SimulatedUserAccount GetBenignAccountAtRandomUniform() { return(BenignAccounts[(int)StrongRandomNumberGenerator.Get32Bits(BenignAccounts.Count)]); }
public int GetRandomShardIndex() { return((int)StrongRandomNumberGenerator.Get32Bits(NumberOfShards)); }
/// <summary> /// Assign the value of either zero or one to a randomly-selected bit of the filter array. /// </summary> /// <param name="value">The value to be assigned. Passing 0 causes a value 0 (false) to be stored /// and passing any other value causes a one (true) to be stored in the randomly-selected bit.</param> public void AssignRandomBit(int value) { AssignBit((int)StrongRandomNumberGenerator.Get32Bits((uint)BitArray.Length), value != 0); }
/// <summary> /// Set a randomly-selected bit of the filter array to one. /// </summary> public void SetRandomBitToOne() { SetBitToOne((int)StrongRandomNumberGenerator.Get32Bits((uint)BitArray.Length)); }
/// <summary> /// Clear a randomly-selected bit of the filter array to zero. /// </summary> public void ClearRandomBitToZero() { ClearBitToZero((int)StrongRandomNumberGenerator.Get32Bits((uint)BitArray.Length)); }
/// <summary> /// Get a benign login attempt to simulate /// </summary> /// <returns></returns> public SimulatedLoginAttempt BenignLoginAttempt(DateTime eventTimeUtc) { // If there is a benign login attempt already scheduled to occur by now, // send it instaed lock (ScheduledBenignAttempts) { if (ScheduledBenignAttempts.Count > 0 && ScheduledBenignAttempts.First().TimeOfAttemptUtc < eventTimeUtc) { SimulatedLoginAttempt result = ScheduledBenignAttempts.First(); ScheduledBenignAttempts.Remove(result); return(result); } } string mistake = ""; //1. Pick a user at random SimulatedUserAccount account = _simAccounts.BenignAccountSelector.GetItemByWeightedRandom(); //2. Deal with cookies string cookie; // Add a new cookie if there are no cookies, or with if we haven't reached the max number of cookies and lose a roll of the dice if (account.Cookies.Count == 0 || (account.Cookies.Count < _experimentalConfiguration.MaxCookiesPerUserAccount && StrongRandomNumberGenerator.GetFraction() > _experimentalConfiguration.ChanceOfCoookieReUse)) { // We'll use the decimal represenation of a 64-bit unsigned integer as our cookie cookie = StrongRandomNumberGenerator.Get64Bits().ToString(); account.Cookies.Add(cookie); } else { // Use one of the user's existing cookies selected at random cookie = account.Cookies.ToArray()[(int)StrongRandomNumberGenerator.Get32Bits(account.Cookies.Count)]; } //Console.WriteLine("The user currently has " + account.Cookies.Count + " cookies. Using: " + cookie); //3. Choose an IP address for the login // 1/3 of times login with the primary IP address, otherwise, choose an IP randomly from the benign IP pool IPAddress clientIp; if (account.ClientAddresses.Count == 0 || (account.ClientAddresses.Count < _experimentalConfiguration.MaxIpPerUserAccount && StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfIpReUse)) { // Use a new IP for the user account.ClientAddresses.Add(clientIp = _ipPool.GetNewRandomBenignIp()); } else { // Use one of the user's existing IP Addresses selected at random clientIp = account.ClientAddresses.ToArray()[(int)StrongRandomNumberGenerator.Get32Bits(account.ClientAddresses.Count)]; } string password = account.Password; // // Add benign failures // An automated client begins a string of login attempts using an old (stale) password if (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfLongRepeatOfStalePassword) { // To cause this client to be out of date, we'll change the password here. string newPassword = _simPasswords.GetPasswordFromWeightedDistribution(); _userAccountController.SetPassword(account, newPassword, account.Password); mistake += "StalePassword"; // Schedule all the future failed attempts a fixed distance aparat lock (ScheduledBenignAttempts) { double additionalMistakes = 0; DateTime currentTimeUtc = eventTimeUtc; for (additionalMistakes = 1; additionalMistakes < _experimentalConfiguration.LengthOfLongRepeatOfOldPassword; additionalMistakes++) { currentTimeUtc = currentTimeUtc.AddSeconds(_experimentalConfiguration.MinutesBetweenLongRepeatOfOldPassword); ScheduledBenignAttempts.Add(new SimulatedLoginAttempt( account, password, false, false, clientIp, cookie, mistake, currentTimeUtc)); } for (uint correctLogins = 1; correctLogins < _experimentalConfiguration.LengthOfLongRepeatOfOldPassword; correctLogins++) { currentTimeUtc = currentTimeUtc.AddSeconds(_experimentalConfiguration.MinutesBetweenLongRepeatOfOldPassword); ScheduledBenignAttempts.Add(new SimulatedLoginAttempt( account, newPassword, false, false, clientIp, cookie, mistake, currentTimeUtc)); } } } // The benign user may mistype her password causing a typo if (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfBenignPasswordTypo) { mistake += "Typo"; // Typos tend to come in clusters, and are hopefully followed by a correct login // Add additional typos to the schedule of future benign attempts and then a submission of the correct password lock (ScheduledBenignAttempts) { double additionalMistakes = 0; while (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfRepeatTypo) { ScheduledBenignAttempts.Add(new SimulatedLoginAttempt( account, AddTypoToPassword(password), false, false, clientIp, cookie, mistake, eventTimeUtc.AddSeconds(_experimentalConfiguration.DelayBetweenRepeatBenignErrorsInSeconds * ++additionalMistakes))); } // Add a correct login after the string of typos ScheduledBenignAttempts.Add(new SimulatedLoginAttempt( account, password, false, false, clientIp, cookie, "", eventTimeUtc.AddSeconds( _experimentalConfiguration.DelayBetweenRepeatBenignErrorsInSeconds * (1 + additionalMistakes)))); } // Put the typo into the password for the first typo failure, to be returned by this function. password = AddTypoToPassword(password); } // The benign user may mistakenly use a password for another of her accounts, which we draw from same distribution // we used to generate user account passwords if (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfAccidentallyUsingAnotherAccountPassword) { mistake += "WrongPassword"; // Choices of the wrong account password may come in clusters, and are hopefully followed by a correct login // Add additional typos to the schedule of future benign attempts and then a submission of the correct password lock (ScheduledBenignAttempts) { double additionalMistakes = 0; while (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfRepeatUseOfPasswordFromAnotherAccount) { ScheduledBenignAttempts.Add(new SimulatedLoginAttempt( account, _simPasswords.GetPasswordFromWeightedDistribution(), false, false, clientIp, cookie, mistake, eventTimeUtc.AddSeconds(_experimentalConfiguration.DelayBetweenRepeatBenignErrorsInSeconds * ++additionalMistakes))); } // Add a correct login after mistakes ScheduledBenignAttempts.Add(new SimulatedLoginAttempt( account, password, false, false, clientIp, cookie, "", eventTimeUtc.AddSeconds( _experimentalConfiguration.DelayBetweenRepeatBenignErrorsInSeconds * (additionalMistakes + 1)))); } // Make the current request have the wrong password password = _simPasswords.GetPasswordFromWeightedDistribution(); } // The benign user may mistype her account name, and land on someone else's account name if (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfBenignAccountNameTypoResultingInAValidUserName) { mistake += "WrongAccountName"; // Choices of the wrong account password may come in clusters, and are hopefully followed by a correct login // Add additional typos to the schedule of future benign attempts and then a submission of the correct password lock (ScheduledBenignAttempts) { double additionalMistakes = 0; while (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfRepeatWrongAccountName) { ScheduledBenignAttempts.Add(new SimulatedLoginAttempt( _simAccounts.GetBenignAccountAtRandomUniform(), password, false, false, clientIp, cookie, mistake, eventTimeUtc.AddSeconds( _experimentalConfiguration.DelayBetweenRepeatBenignErrorsInSeconds * ++additionalMistakes))); } // Add a correct login after mistakes ScheduledBenignAttempts.Add(new SimulatedLoginAttempt( account, password, false, false, clientIp, cookie, "", eventTimeUtc.AddSeconds( _experimentalConfiguration.DelayBetweenRepeatBenignErrorsInSeconds * (additionalMistakes + 1)))); // Make the current request have the wrong account name account = _simAccounts.GetBenignAccountAtRandomUniform(); } } return(new SimulatedLoginAttempt(account, password, false, false, clientIp, cookie, mistake, eventTimeUtc)); }