public static ExperimentalConfiguration GetConfig(
ExperimentalConfiguration.AttackStrategy attack = ExperimentalConfiguration.AttackStrategy.BreadthFirst,
int pwToBan = 100,
double fractionOfBenignIPsBehindProxies = 0.1,
double fractionOfMaliciousIPsToOverlapWithBenign = .01d,
double fractionOfLoginAttemptsFromAttacker = 0.5d,
double extraTypoFactor = 1d,
ulong scale = 1,
string addToName = null)
{
ExperimentalConfiguration config = new ExperimentalConfiguration();
// Scale of test
config.AttackersStrategy = attack;
config.PopularPasswordsToRemoveFromDistribution = pwToBan;
config.FractionOfBenignIPsBehindProxies = fractionOfBenignIPsBehindProxies;
config.FractionOfMaliciousIPsToOverlapWithBenign = fractionOfMaliciousIPsToOverlapWithBenign;
ulong totalLoginAttempts = scale * Million;
config.TestTimeSpan = new TimeSpan(7, 0, 0, 0); // 7 days
double meanNumberOfLoginsPerBenignAccountDuringExperiment = 100d;
double meanNumberOfLoginsPerAttackerControlledIP = 1000d;
DateTime now = DateTime.Now;
string dirName = BasePath + "Run_" + totalLoginAttempts + "_" + now.Month + "_" + now.Day + "_" + now.Hour + "_" + now.Minute;
Directory.CreateDirectory(dirName);
config.OutputPath = dirName + @"\";
config.OutputDirectoryName = string.Format("{0}_Strategy_{1}_Remove_{2}_Proxies_{3}_Overlap_{4}",
addToName == null ? "" : addToName + "_",
//(int)Math.Log10(totalLoginAttempts),
config.AttackersStrategy == ExperimentalConfiguration.AttackStrategy.BreadthFirst
? "BreadthFirst"
: config.AttackersStrategy == ExperimentalConfiguration.AttackStrategy.Weighted
? "Weighted"
: "Avoid",
config.PopularPasswordsToRemoveFromDistribution,
(int)1000 * config.FractionOfBenignIPsBehindProxies,
(int)1000 * config.FractionOfMaliciousIPsToOverlapWithBenign
);
// Figure out parameters from scale
double fractionOfLoginAttemptsFromBenign = 1d - fractionOfLoginAttemptsFromAttacker;
double expectedNumberOfBenignAttempts = totalLoginAttempts * fractionOfLoginAttemptsFromBenign;
double numberOfBenignAccounts = expectedNumberOfBenignAttempts /
meanNumberOfLoginsPerBenignAccountDuringExperiment;
double expectedNumberOfAttackAttempts = totalLoginAttempts * fractionOfLoginAttemptsFromAttacker;
double numberOfAttackerIps = expectedNumberOfAttackAttempts /
meanNumberOfLoginsPerAttackerControlledIP;
// Make any changes to the config or the config.BlockingOptions within config here
config.TotalLoginAttemptsToIssue = totalLoginAttempts;
config.FractionOfLoginAttemptsFromAttacker = fractionOfLoginAttemptsFromAttacker;
config.NumberOfBenignAccounts = (uint)numberOfBenignAccounts;
// Scale of attackers resources
config.NumberOfIpAddressesControlledByAttacker = (uint)numberOfAttackerIps;
config.NumberOfAttackerControlledAccounts = (uint)numberOfAttackerIps;
// Additional sources of false positives/negatives
config.ProxySizeInUniqueClientIPs = 1000;
// Make typos almost entirely ignored
config.ChanceOfBenignPasswordTypo *= extraTypoFactor;
// Blocking parameters
config.BlockingOptions.HeightOfBinomialLadder_H = 48;
config.BlockingOptions.NumberOfBitsInBinomialLadderFilter_N = 1 << 29;
config.BlockingOptions.BinomialLadderFrequencyThreshdold_T = 44;
config.BlockingOptions.ExpensiveHashingFunctionIterations = 1;
return(config);
}
public static ExperimentalConfiguration GetConfig(
ExperimentalConfiguration.AttackStrategy attack = ExperimentalConfiguration.AttackStrategy.BreadthFirst,
int pwToBan = 100,
double fractionOfBenignIPsBehindProxies = 0.1,
double fractionOfMaliciousIPsToOverlapWithBenign = .1d,
double fractionOfLoginAttemptsFromAttacker = 0.5d,
double extraTypoFactor = 1d,
ulong scale = 1,
string addToName = null)
{
ExperimentalConfiguration config = new ExperimentalConfiguration();
config.AttackersStrategy = attack;
config.PopularPasswordsToRemoveFromDistribution = pwToBan;
config.FractionOfBenignIPsBehindProxies = fractionOfBenignIPsBehindProxies;
config.FractionOfMaliciousIPsToOverlapWithBenign = fractionOfMaliciousIPsToOverlapWithBenign;
ulong totalLoginAttempts = scale * Million;
config.TestTimeSpan = new TimeSpan(7, 0, 0, 0);
double meanNumberOfLoginsPerBenignAccountDuringExperiment = 100d;
double meanNumberOfLoginsPerAttackerControlledIP = 100d;
DateTime now = DateTime.Now;
string dirName = BasePath + "Run_" + now.Month + "_" + now.Day + "_" + now.Hour + "_" + now.Minute;
Directory.CreateDirectory(dirName);
config.OutputPath = dirName + @"\";
config.OutputDirectoryName = string.Format("{0}_Strategy_{1}",
addToName == null ? "Other" : addToName + "_",
config.AttackersStrategy == ExperimentalConfiguration.AttackStrategy.BreadthFirst
? "BreadthFirst"
: config.AttackersStrategy == ExperimentalConfiguration.AttackStrategy.Weighted
? "Weighted"
: "Avoid"
);
double fractionOfLoginAttemptsFromBenign = 1d - fractionOfLoginAttemptsFromAttacker;
double expectedNumberOfBenignAttempts = totalLoginAttempts * fractionOfLoginAttemptsFromBenign;
double numberOfBenignAccounts = expectedNumberOfBenignAttempts /
meanNumberOfLoginsPerBenignAccountDuringExperiment;
double expectedNumberOfAttackAttempts = totalLoginAttempts * fractionOfLoginAttemptsFromAttacker;
double numberOfAttackerIps = expectedNumberOfAttackAttempts /
meanNumberOfLoginsPerAttackerControlledIP;
config.TotalLoginAttemptsToIssue = totalLoginAttempts;
config.FractionOfLoginAttemptsFromAttacker = fractionOfLoginAttemptsFromAttacker;
config.NumberOfBenignAccounts = (uint)numberOfBenignAccounts;
config.NumberOfIpAddressesControlledByAttacker = (uint)numberOfAttackerIps;
config.NumberOfAttackerControlledAccounts = (uint)numberOfAttackerIps;
config.ProxySizeInUniqueClientIPs = 1000;
config.ChanceOfBenignPasswordTypo *= extraTypoFactor;
config.BlockingOptions.HeightOfBinomialLadder_H = 48;
config.BlockingOptions.NumberOfBitsInBinomialLadderFilter_N = 1 << 29;
config.BlockingOptions.BinomialLadderFrequencyThreshdold_T = 44;
config.BlockingOptions.ExpensiveHashingFunctionIterations = 1;
return(config);
}
