public SimulatedLoginAttemptGenerator(ExperimentalConfiguration experimentalConfiguration, SimulatedAccounts simAccounts, IpPool ipPool, SimulatedPasswords simPasswords) { _simAccounts = simAccounts; _experimentalConfiguration = experimentalConfiguration; _ipPool = ipPool; _simPasswords = simPasswords; }
public SimulatedPasswords(DebugLogger logger, ExperimentalConfiguration config) { _logger = logger; _logger.WriteStatus("Configuring..."); LoadPasswordSelector(config.PasswordFrequencyFile); if (config.PopularPasswordsToRemoveFromDistribution > 0) { _passwordSelector = _passwordSelector.TrimToRemoveInitialItems(config.PopularPasswordsToRemoveFromDistribution); } //_logger.WriteStatus("Loading passwords known to be common by the algorithm before the attack"); LoadKnownPopularPasswords(config.PreviouslyKnownPopularPasswordFile); // _logger.WriteStatus("Creating common password selector"); _commonPasswordSelector = _passwordSelector.TrimToInitialItems( (int)config.NumberOfPopularPasswordsForAttackerToExploit); // _logger.WriteStatus("Finished creating common password selector"); // _logger.WriteStatus("Creating list of most common passwords"); OrderedListOfMostCommonPasswords = _passwordSelector.GetItems(); //_logger.WriteStatus("Finished creating list of most common passwords"); }
public Simulator(DebugLogger logger, string path, ExperimentalConfiguration myExperimentalConfiguration, SimulatedPasswords simPasswords) { _simPasswords = simPasswords; _logger = logger; if (_Attempts == null) { _Attempts = new ConcurrentStreamWriter(path + "Attempts.txt"); } _logger.WriteStatus("Entered Simulator constructor"); _experimentalConfiguration = myExperimentalConfiguration; BlockingAlgorithmOptions options = _experimentalConfiguration.BlockingOptions; //_logger.WriteStatus("Creating binomial ladder"); _binomialLadderFilter = new BinomialLadderFilter(options.NumberOfBitsInBinomialLadderFilter_N, options.HeightOfBinomialLadder_H); _ipHistoryCache = new ConcurrentDictionary <IPAddress, SimIpHistory>(); _userAccountController = new SimulatedUserAccountController(); _recentIncorrectPasswords = new AgingMembershipSketch(16, 128 * 1024); //_logger.WriteStatus("Exiting Simulator constructor"); }
public IpPool(ExperimentalConfiguration experimentalConfiguration) { _experimentalConfiguration = experimentalConfiguration; }
public void Generate(ExperimentalConfiguration experimentalConfiguration) { SimulatedUserAccountController simUserAccountController = new SimulatedUserAccountController(); _logger.WriteStatus("Creating accounts"); ConcurrentBag <SimulatedUserAccount> benignSimulatedAccountBag = new ConcurrentBag <SimulatedUserAccount>(); Parallel.For(0, (int)experimentalConfiguration.NumberOfBenignAccounts, (index) => { //if (index > 0 && index % 10000 == 0) // _logger.WriteStatus("Created {0:N0} benign accounts", index); SimulatedUserAccount userAccount = simUserAccountController.Create( "user_" + index.ToString(), _simPasswords.GetPasswordFromWeightedDistribution() ); userAccount.ClientAddresses.Add(_ipPool.GetNewRandomBenignIp()); string initialCookie = StrongRandomNumberGenerator.Get64Bits().ToString(); userAccount.Cookies.Add(initialCookie); userAccount.HashesOfCookiesOfClientsThatHaveSuccessfullyLoggedIntoThisAccount[initialCookie] = true; benignSimulatedAccountBag.Add(userAccount); double inverseFrequency = Distributions.GetLogNormal(0, 1); if (inverseFrequency < 0.01d) { inverseFrequency = 0.01d; } if (inverseFrequency > 50d) { inverseFrequency = 50d; } double frequency = 1 / inverseFrequency; lock (BenignAccountSelector) { BenignAccountSelector.AddItem(userAccount, frequency); } }); BenignAccounts = benignSimulatedAccountBag.ToList(); // _logger.WriteStatus("Finished creating {0:N0} benign accounts", // experimentalConfiguration.NumberOfBenignAccounts); //_logger.WriteStatus("Creating attacker IPs"); _ipPool.GenerateAttackersIps(); //_logger.WriteStatus("Creating {0:N0} attacker accounts", // experimentalConfiguration.NumberOfAttackerControlledAccounts); ConcurrentBag <SimulatedUserAccount> maliciousSimulatedAccountBag = new ConcurrentBag <SimulatedUserAccount>(); Parallel.For(0, (int)experimentalConfiguration.NumberOfAttackerControlledAccounts, (index) => { SimulatedUserAccount userAccount = simUserAccountController.Create( "attacker_" + index.ToString(), _simPasswords.GetPasswordFromWeightedDistribution()); userAccount.ClientAddresses.Add(_ipPool.GetRandomMaliciousIp()); maliciousSimulatedAccountBag.Add(userAccount); }); AttackerAccounts = maliciousSimulatedAccountBag.ToList(); _logger.WriteStatus("Finished creating accounts", experimentalConfiguration.NumberOfAttackerControlledAccounts); Parallel.ForEach(BenignAccounts.Union(AttackerAccounts), (simAccount, loopState) => { simAccount.CreditHalfLife = experimentalConfiguration.BlockingOptions.AccountCreditLimitHalfLife; simAccount.CreditLimit = experimentalConfiguration.BlockingOptions.AccountCreditLimit; foreach (string cookie in simAccount.Cookies) { simUserAccountController.HasClientWithThisHashedCookieSuccessfullyLoggedInBefore( simAccount, LoginAttempt.HashCookie(cookie)); } }); //_logger.WriteStatus("Finished creating user accounts for each simluated account record"); }
public static ExperimentalConfiguration GetConfig( ExperimentalConfiguration.AttackStrategy attack = ExperimentalConfiguration.AttackStrategy.BreadthFirst, int pwToBan = 100, double fractionOfBenignIPsBehindProxies = 0.1, double fractionOfMaliciousIPsToOverlapWithBenign = .1d, double fractionOfLoginAttemptsFromAttacker = 0.5d, double extraTypoFactor = 1d, ulong scale = 1, string addToName = null) { ExperimentalConfiguration config = new ExperimentalConfiguration(); config.AttackersStrategy = attack; config.PopularPasswordsToRemoveFromDistribution = pwToBan; config.FractionOfBenignIPsBehindProxies = fractionOfBenignIPsBehindProxies; config.FractionOfMaliciousIPsToOverlapWithBenign = fractionOfMaliciousIPsToOverlapWithBenign; ulong totalLoginAttempts = scale * Million; config.TestTimeSpan = new TimeSpan(7, 0, 0, 0); double meanNumberOfLoginsPerBenignAccountDuringExperiment = 100d; double meanNumberOfLoginsPerAttackerControlledIP = 100d; DateTime now = DateTime.Now; string dirName = BasePath + "Run_" + now.Month + "_" + now.Day + "_" + now.Hour + "_" + now.Minute; Directory.CreateDirectory(dirName); config.OutputPath = dirName + @"\"; config.OutputDirectoryName = string.Format("{0}_Strategy_{1}", addToName == null ? "Other" : addToName + "_", config.AttackersStrategy == ExperimentalConfiguration.AttackStrategy.BreadthFirst ? "BreadthFirst" : config.AttackersStrategy == ExperimentalConfiguration.AttackStrategy.Weighted ? "Weighted" : "Avoid" ); double fractionOfLoginAttemptsFromBenign = 1d - fractionOfLoginAttemptsFromAttacker; double expectedNumberOfBenignAttempts = totalLoginAttempts * fractionOfLoginAttemptsFromBenign; double numberOfBenignAccounts = expectedNumberOfBenignAttempts / meanNumberOfLoginsPerBenignAccountDuringExperiment; double expectedNumberOfAttackAttempts = totalLoginAttempts * fractionOfLoginAttemptsFromAttacker; double numberOfAttackerIps = expectedNumberOfAttackAttempts / meanNumberOfLoginsPerAttackerControlledIP; config.TotalLoginAttemptsToIssue = totalLoginAttempts; config.FractionOfLoginAttemptsFromAttacker = fractionOfLoginAttemptsFromAttacker; config.NumberOfBenignAccounts = (uint)numberOfBenignAccounts; config.NumberOfIpAddressesControlledByAttacker = (uint)numberOfAttackerIps; config.NumberOfAttackerControlledAccounts = (uint)numberOfAttackerIps; config.ProxySizeInUniqueClientIPs = 1000; config.ChanceOfBenignPasswordTypo *= extraTypoFactor; config.BlockingOptions.HeightOfBinomialLadder_H = 48; config.BlockingOptions.NumberOfBitsInBinomialLadderFilter_N = 1 << 29; config.BlockingOptions.BinomialLadderFrequencyThreshdold_T = 44; config.BlockingOptions.ExpensiveHashingFunctionIterations = 1; return(config); }
public void SetParameter(ExperimentalConfiguration config, int parameterIndex) { ParameterSetter(config, Parameters[parameterIndex]); }