public SimulatedLoginAttempt BenignLoginAttempt(DateTime eventTimeUtc)
{
lock (ScheduledBenignAttempts)
{
if (ScheduledBenignAttempts.Count > 0 &&
ScheduledBenignAttempts.First().TimeOfAttemptUtc < eventTimeUtc)
{
SimulatedLoginAttempt result = ScheduledBenignAttempts.First();
ScheduledBenignAttempts.Remove(result);
return(result);
}
}
string mistake = "";
SimulatedUserAccount account = _simAccounts.BenignAccountSelector.GetItemByWeightedRandom();
string cookie;
if (account.Cookies.Count == 0 ||
(account.Cookies.Count < _experimentalConfiguration.MaxCookiesPerUserAccount && StrongRandomNumberGenerator.GetFraction() > _experimentalConfiguration.ChanceOfCoookieReUse))
{
cookie = StrongRandomNumberGenerator.Get64Bits().ToString();
account.Cookies.Add(cookie);
}
else
{
cookie = account.Cookies.ToArray()[(int)StrongRandomNumberGenerator.Get32Bits(account.Cookies.Count)];
}
IPAddress clientIp;
if (account.ClientAddresses.Count == 0 ||
(account.ClientAddresses.Count < _experimentalConfiguration.MaxIpPerUserAccount && StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfIpReUse))
{
account.ClientAddresses.Add(clientIp = _ipPool.GetNewRandomBenignIp());
}
else
{
clientIp = account.ClientAddresses.ToArray()[(int)StrongRandomNumberGenerator.Get32Bits(account.ClientAddresses.Count)];
}
string password = account.Password;
if (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfLongRepeatOfStalePassword)
{
string newPassword = _simPasswords.GetPasswordFromWeightedDistribution();
_userAccountController.SetPassword(account, newPassword, account.Password);
mistake += "StalePassword";
lock (ScheduledBenignAttempts)
{
double additionalMistakes = 0;
DateTime currentTimeUtc = eventTimeUtc;
for (additionalMistakes = 1; additionalMistakes < _experimentalConfiguration.LengthOfLongRepeatOfOldPassword; additionalMistakes++)
{
currentTimeUtc = currentTimeUtc.AddSeconds(_experimentalConfiguration.MinutesBetweenLongRepeatOfOldPassword);
ScheduledBenignAttempts.Add(new SimulatedLoginAttempt(
account, password, false, false, clientIp, cookie, mistake, currentTimeUtc));
}
for (uint correctLogins = 1; correctLogins < _experimentalConfiguration.LengthOfLongRepeatOfOldPassword; correctLogins++)
{
currentTimeUtc = currentTimeUtc.AddSeconds(_experimentalConfiguration.MinutesBetweenLongRepeatOfOldPassword);
ScheduledBenignAttempts.Add(new SimulatedLoginAttempt(
account, newPassword, false, false, clientIp, cookie, mistake, currentTimeUtc));
}
}
}
if (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfBenignPasswordTypo)
{
mistake += "Typo";
lock (ScheduledBenignAttempts)
{
double additionalMistakes = 0;
while (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfRepeatTypo)
{
ScheduledBenignAttempts.Add(new SimulatedLoginAttempt(
account, AddTypoToPassword(password), false, false, clientIp, cookie, mistake,
eventTimeUtc.AddSeconds(_experimentalConfiguration.DelayBetweenRepeatBenignErrorsInSeconds * ++additionalMistakes)));
}
ScheduledBenignAttempts.Add(new SimulatedLoginAttempt(
account, password, false, false, clientIp, cookie, "", eventTimeUtc.AddSeconds(
_experimentalConfiguration.DelayBetweenRepeatBenignErrorsInSeconds * (1 + additionalMistakes))));
}
password = AddTypoToPassword(password);
}
if (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfAccidentallyUsingAnotherAccountPassword)
{
mistake += "WrongPassword";
lock (ScheduledBenignAttempts)
{
double additionalMistakes = 0;
while (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfRepeatUseOfPasswordFromAnotherAccount)
{
ScheduledBenignAttempts.Add(new SimulatedLoginAttempt(
account, _simPasswords.GetPasswordFromWeightedDistribution(), false, false, clientIp, cookie,
mistake, eventTimeUtc.AddSeconds(_experimentalConfiguration.DelayBetweenRepeatBenignErrorsInSeconds * ++additionalMistakes)));
}
ScheduledBenignAttempts.Add(new SimulatedLoginAttempt(
account, password, false, false, clientIp, cookie, "", eventTimeUtc.AddSeconds(
_experimentalConfiguration.DelayBetweenRepeatBenignErrorsInSeconds * (additionalMistakes + 1))));
}
password = _simPasswords.GetPasswordFromWeightedDistribution();
}
if (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfBenignAccountNameTypoResultingInAValidUserName)
{
mistake += "WrongAccountName";
lock (ScheduledBenignAttempts)
{
double additionalMistakes = 0;
while (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.ChanceOfRepeatWrongAccountName)
{
ScheduledBenignAttempts.Add(new SimulatedLoginAttempt(
_simAccounts.GetBenignAccountAtRandomUniform(), password, false, false, clientIp, cookie, mistake, eventTimeUtc.AddSeconds(
_experimentalConfiguration.DelayBetweenRepeatBenignErrorsInSeconds * ++additionalMistakes)));
}
ScheduledBenignAttempts.Add(new SimulatedLoginAttempt(
account, password, false, false, clientIp, cookie, "", eventTimeUtc.AddSeconds(
_experimentalConfiguration.DelayBetweenRepeatBenignErrorsInSeconds * (additionalMistakes + 1))));
account = _simAccounts.GetBenignAccountAtRandomUniform();
}
}
return(new SimulatedLoginAttempt(account, password, false, false, clientIp, cookie, mistake, eventTimeUtc));
}
public void Generate(ExperimentalConfiguration experimentalConfiguration)
{
SimulatedUserAccountController simUserAccountController = new SimulatedUserAccountController();
_logger.WriteStatus("Creating accounts");
ConcurrentBag <SimulatedUserAccount> benignSimulatedAccountBag = new ConcurrentBag <SimulatedUserAccount>();
Parallel.For(0, (int)experimentalConfiguration.NumberOfBenignAccounts, (index) =>
{
//if (index > 0 && index % 10000 == 0)
// _logger.WriteStatus("Created {0:N0} benign accounts", index);
SimulatedUserAccount userAccount = simUserAccountController.Create(
"user_" + index.ToString(),
_simPasswords.GetPasswordFromWeightedDistribution()
);
userAccount.ClientAddresses.Add(_ipPool.GetNewRandomBenignIp());
string initialCookie = StrongRandomNumberGenerator.Get64Bits().ToString();
userAccount.Cookies.Add(initialCookie);
userAccount.HashesOfCookiesOfClientsThatHaveSuccessfullyLoggedIntoThisAccount[initialCookie] = true;
benignSimulatedAccountBag.Add(userAccount);
double inverseFrequency = Distributions.GetLogNormal(0, 1);
if (inverseFrequency < 0.01d)
{
inverseFrequency = 0.01d;
}
if (inverseFrequency > 50d)
{
inverseFrequency = 50d;
}
double frequency = 1 / inverseFrequency;
lock (BenignAccountSelector)
{
BenignAccountSelector.AddItem(userAccount, frequency);
}
});
BenignAccounts = benignSimulatedAccountBag.ToList();
// _logger.WriteStatus("Finished creating {0:N0} benign accounts",
// experimentalConfiguration.NumberOfBenignAccounts);
//_logger.WriteStatus("Creating attacker IPs");
_ipPool.GenerateAttackersIps();
//_logger.WriteStatus("Creating {0:N0} attacker accounts",
// experimentalConfiguration.NumberOfAttackerControlledAccounts);
ConcurrentBag <SimulatedUserAccount> maliciousSimulatedAccountBag = new ConcurrentBag <SimulatedUserAccount>();
Parallel.For(0, (int)experimentalConfiguration.NumberOfAttackerControlledAccounts, (index) =>
{
SimulatedUserAccount userAccount = simUserAccountController.Create(
"attacker_" + index.ToString(),
_simPasswords.GetPasswordFromWeightedDistribution());
userAccount.ClientAddresses.Add(_ipPool.GetRandomMaliciousIp());
maliciousSimulatedAccountBag.Add(userAccount);
});
AttackerAccounts = maliciousSimulatedAccountBag.ToList();
_logger.WriteStatus("Finished creating accounts",
experimentalConfiguration.NumberOfAttackerControlledAccounts);
Parallel.ForEach(BenignAccounts.Union(AttackerAccounts),
(simAccount, loopState) =>
{
simAccount.CreditHalfLife = experimentalConfiguration.BlockingOptions.AccountCreditLimitHalfLife;
simAccount.CreditLimit = experimentalConfiguration.BlockingOptions.AccountCreditLimit;
foreach (string cookie in simAccount.Cookies)
{
simUserAccountController.HasClientWithThisHashedCookieSuccessfullyLoggedInBefore(
simAccount,
LoginAttempt.HashCookie(cookie));
}
});
//_logger.WriteStatus("Finished creating user accounts for each simluated account record");
}
