//public void ReduceMemoryUsage(object sender, MemoryUsageLimiter.ReduceMemoryUsageEventParameters parameters) //{ //_ipHistoryCache.RecoverSpace(parameters.FractionOfMemoryToTryToRemove); //} public Simulator(DebugLogger logger, string path, ExperimentalConfiguration myExperimentalConfiguration, SimulatedPasswords simPasswords) { _simPasswords = simPasswords; _logger = logger; _AttackAttemptsWithValidPasswords = //System.IO.TextWriter.Synchronized new ConcurrentStreamWriter(path + "AttackAttemptsWithValidPasswords.txt"); //(new StreamWriter(new FileStream(path + "AttackAttemptsWithValidPasswords.txt", FileMode.CreateNew, FileAccess.Write))); _LegitimateAttemptsWithValidPasswords = //System.IO.TextWriter.Synchronized new ConcurrentStreamWriter(path + "LegitimateAttemptsWithValidPasswords.txt"); //(new StreamWriter(new FileStream(path + "LegitiamteAttemptsWithValidPasswords.txt", FileMode.CreateNew, FileAccess.Write))); _OtherAttempts = //System.IO.TextWriter.Synchronized new ConcurrentStreamWriter(path + "OtherAttempts.txt"); //(new StreamWriter(new FileStream(path + "OtherAttempts.txt", FileMode.CreateNew, FileAccess.Write))); _logger.WriteStatus("Entered Simulator constructor"); _experimentalConfiguration = myExperimentalConfiguration; BlockingAlgorithmOptions options = _experimentalConfiguration.BlockingOptions; _logger.WriteStatus("Creating binomial ladder"); _binomialLadderFilter = new BinomialLadderFilter(options.NumberOfBitsInBinomialLadderFilter_N, options.HeightOfBinomialLadder_H); _ipHistoryCache = new ConcurrentDictionary <IPAddress, SimIpHistory>(); // new SelfLoadingCache<IPAddress, SimIpHistory>(address => new SimIpHistory(options.NumberOfFailuresToTrackForGoingBackInTimeToIdentifyTypos)); _userAccountController = new SimulatedUserAccountController(); //_memoryUsageLimiter = new MemoryUsageLimiter(); //_memoryUsageLimiter.OnReduceMemoryUsageEventHandler += ReduceMemoryUsage; _recentIncorrectPasswords = new AgingMembershipSketch(16, 128 * 1024); _logger.WriteStatus("Exiting Simulator constructor"); }
public SimulatedPasswords(DebugLogger logger, ExperimentalConfiguration config) { _logger = logger; _logger.WriteStatus("Loading popular password file"); LoadPasswordSelector(config.PasswordFrequencyFile); if (config.PopularPasswordsToRemoveFromDistribution > 0) { _passwordSelector = _passwordSelector.TrimToRemoveInitialItems(config.PopularPasswordsToRemoveFromDistribution); } _logger.WriteStatus("Loading passwords known to be common by the algorithm before the attack"); LoadKnownPopularPasswords(config.PreviouslyKnownPopularPasswordFile); _logger.WriteStatus("Creating common password selector"); _commonPasswordSelector = _passwordSelector.TrimToInitialItems( (int)config.NumberOfPopularPasswordsForAttackerToExploit); _logger.WriteStatus("Finished creating common password selector"); _logger.WriteStatus("Creating list of most common passwords"); OrderedListOfMostCommonPasswords = _passwordSelector.GetItems(); _logger.WriteStatus("Finished creating list of most common passwords"); }
/// <summary> /// Evaluate the accuracy of our stopguessing service by sending user logins and malicious traffic /// </summary> /// <returns></returns> public void Run() { _logger.WriteStatus("In RunInBackground"); _logger.WriteStatus("Priming password-tracking with known common passwords"); _simPasswords.PrimeWithKnownPasswordsAsync(_binomialLadderFilter, 40); _logger.WriteStatus("Finished priming password-tracking with known common passwords"); _logger.WriteStatus("Creating IP Pool"); _ipPool = new IpPool(_experimentalConfiguration); _logger.WriteStatus("Generating simualted account records"); _simAccounts = new SimulatedAccounts(_ipPool, _simPasswords, _logger); _simAccounts.Generate(_experimentalConfiguration); _logger.WriteStatus("Creating login-attempt generator"); _attemptGenerator = new SimulatedLoginAttemptGenerator(_experimentalConfiguration, _simAccounts, _ipPool, _simPasswords); _logger.WriteStatus("Finiished creating login-attempt generator"); foreach ( ConcurrentStreamWriter writer in new[] { _AttackAttemptsWithValidPasswords, _LegitimateAttemptsWithValidPasswords, _OtherAttempts }) { lock (writer) { writer.WriteLine(string.Format("{0}\t{1}\t{2}\t{3}\t{4}\t{5}\t{6}\t{7}\t{8}\t{9}\t{10}" + "\t{11}\t{12}\t{13}\t{14}\t{15}\t{16}\t{17}\t{18}\t{19}\t{20}\t{21}\t{22}\t{23}\t{24}\t{25}", "Password", "UserID", "IP", "DeviceCookie", "IsFrequentlyGuessedPw", "IsPasswordCorrect", "IsFromAttackAttacker", "IsAGuess", "IPInOposingPool", "IsClientAProxyIP", "TypeOfMistake", "DecayedInvalidAttemptsPerPassword", "DecayedMaxConsecutiveIncorrectAttemptsPerAccount", "DecayedSuccessfulLogins", "DecayedAccountFailuresInfrequentPassword", "DecayedAccountFailuresFrequentPassword", "DecayedRepeatAccountFailuresInfrequentPassword", "DecayedRepeatAccountFailuresFrequentPassword", "DecayedPasswordFailuresNoTypoInfrequentPassword", "DecayedPasswordFailuresNoTypoFrequentPassword", "DecayedPasswordFailuresTypoInfrequentPassword", "DecayedPasswordFailuresTypoFrequentPassword", "DecayedRepeatPasswordFailuresNoTypoInfrequentPassword", "DecayedRepeatPasswordFailuresNoTypoFrequentPassword", "DecayedRepeatPasswordFailuresTypoInfrequentPassword", "DecayedRepeatPasswordFailuresTypoFrequentPassword" )); } } TimeSpan testTimeSpan = _experimentalConfiguration.TestTimeSpan; double ticksBetweenLogins = ((double)testTimeSpan.Ticks) / (double)_experimentalConfiguration.TotalLoginAttemptsToIssue; int interlockedCount = 0; Parallel.For(0L, (long)_experimentalConfiguration.TotalLoginAttemptsToIssue, (count, pls) => //) TaskParalllel.RepeatWithWorkers(_experimentalConfiguration.TotalLoginAttemptsToIssue, //async (count, cancelToken) => // (count) => { interlockedCount = Interlocked.Add(ref interlockedCount, 1); if (interlockedCount % 10000 == 0) { _logger.WriteStatus("Login Attempt {0:N0}", interlockedCount); } DateTime eventTimeUtc = StartTimeUtc.AddTicks((long)(ticksBetweenLogins * interlockedCount)); SimulatedLoginAttempt simAttempt; if (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.FractionOfLoginAttemptsFromAttacker) { switch (_experimentalConfiguration.AttackersStrategy) { case ExperimentalConfiguration.AttackStrategy.UseUntilLikelyPopular: simAttempt = _attemptGenerator.MaliciousLoginAttemptBreadthFirstAvoidMakingPopular(eventTimeUtc); break; case ExperimentalConfiguration.AttackStrategy.Weighted: simAttempt = _attemptGenerator.MaliciousLoginAttemptWeighted(eventTimeUtc); break; case ExperimentalConfiguration.AttackStrategy.BreadthFirst: default: simAttempt = _attemptGenerator.MaliciousLoginAttemptBreadthFirst(eventTimeUtc); break; } } else { simAttempt = _attemptGenerator.BenignLoginAttempt(eventTimeUtc); } // Get information about the client's IP SimIpHistory ipHistory = _ipHistoryCache.GetOrAdd(simAttempt.AddressOfClientInitiatingRequest, (ip) => new SimIpHistory( _experimentalConfiguration.BlockingOptions .NumberOfFailuresToTrackForGoingBackInTimeToIdentifyTypos)); //SimIpHistory ipHistory = await _ipHistoryCache.GetAsync(simAttempt.AddressOfClientInitiatingRequest, cancelToken); double[] scores = ipHistory.GetAllScores(_experimentalConfiguration.BlockingOptions.BlockScoreHalfLife, simAttempt.TimeOfAttemptUtc); simAttempt.UpdateSimulatorState(this, ipHistory); double decayingInvalidPasswordAttempts = 0d; if (simAttempt.IsPasswordValid) { DecayingDouble incorrectPasswordAttempts; if (_incorrectPasswordCounts.TryGetValue(simAttempt.Password, out incorrectPasswordAttempts)) { decayingInvalidPasswordAttempts = incorrectPasswordAttempts.GetValue(_experimentalConfiguration.BlockingOptions.BlockScoreHalfLife, simAttempt.TimeOfAttemptUtc); } } else { decayingInvalidPasswordAttempts = 1d; DecayingDouble incorrectPasswordAttempts; if (_incorrectPasswordCounts.TryGetValue(simAttempt.Password, out incorrectPasswordAttempts)) { decayingInvalidPasswordAttempts += incorrectPasswordAttempts.GetValue(_experimentalConfiguration.BlockingOptions.BlockScoreHalfLife, simAttempt.TimeOfAttemptUtc); } _incorrectPasswordCounts[simAttempt.Password] = new DecayingDouble(decayingInvalidPasswordAttempts, simAttempt.TimeOfAttemptUtc); } var ipInfo = _ipPool.GetIpAddressDebugInfo(simAttempt.AddressOfClientInitiatingRequest); string outputString = string.Format("{0}\t{1}\t{2}\t{3}\t{4}\t{5}\t{6}\t{7}\t{8}\t{9}\t{10}\t{11}\t{12}\t{13}", simAttempt.Password, simAttempt.SimAccount?.UsernameOrAccountId ?? "<null>", simAttempt.AddressOfClientInitiatingRequest, simAttempt.DeviceCookieHadPriorSuccessfulLoginForThisAccount ? "HadCookie" : "NoCookie", simAttempt.IsFrequentlyGuessedPassword ? "Frequent" : "Infrequent", simAttempt.IsPasswordValid ? "Correct" : "Incorrect", simAttempt.IsFromAttacker ? "FromAttacker" : "FromUser", simAttempt.IsGuess ? "IsGuess" : "NotGuess", simAttempt.IsFromAttacker ? (ipInfo.UsedByBenignUsers ? "IsInBenignPool" : "NotUsedByBenign") : (ipInfo.UsedByAttackers ? "IsInAttackersIpPool" : "NotUsedByAttacker"), ipInfo.IsPartOfProxy ? "ProxyIP" : "NotAProxy", string.IsNullOrEmpty(simAttempt.MistakeType) ? "-" : simAttempt.MistakeType, decayingInvalidPasswordAttempts, simAttempt.SimAccount?.MaxConsecutiveIncorrectAttempts.GetValue(_experimentalConfiguration.BlockingOptions.BlockScoreHalfLife, simAttempt.TimeOfAttemptUtc) ?? 0d, string.Join("\t", scores.Select(s => s.ToString(CultureInfo.InvariantCulture)).ToArray()) ); if (simAttempt.IsFromAttacker && simAttempt.IsPasswordValid) { lock (_AttackAttemptsWithValidPasswords) { _AttackAttemptsWithValidPasswords.WriteLine(outputString); //_AttackAttemptsWithValidPasswords.Flush(); } } else if (!simAttempt.IsFromAttacker && simAttempt.IsPasswordValid) { lock (_LegitimateAttemptsWithValidPasswords) { _LegitimateAttemptsWithValidPasswords.WriteLine(outputString); //_LegitiamteAttemptsWithValidPasswords.Flush(); } } else { lock (_OtherAttempts) { _OtherAttempts.WriteLine(outputString); //_OtherAttempts.Flush(); } } }); //(e) => { //}, //cancellationToken: cancellationToken).ConfigureAwait(false); foreach ( ConcurrentStreamWriter writer in new [] { _AttackAttemptsWithValidPasswords, _LegitimateAttemptsWithValidPasswords, _OtherAttempts }) { writer.Close(); } //_memoryUsageLimiter.Dispose(); }
/// <summary> /// Create accounts, generating passwords, primary IP /// </summary> #pragma warning disable CS1998 // Async method lacks 'await' operators and will run synchronously public async Task GenerateAsync(ExperimentalConfiguration experimentalConfiguration, #pragma warning restore CS1998 // Async method lacks 'await' operators and will run synchronously //IUserAccountContextFactory accountContextFactory, CancellationToken cancellationToken = default(CancellationToken)) { _logger.WriteStatus("Creating {0:N0} benign accounts", experimentalConfiguration.NumberOfBenignAccounts); MemoryUserAccountController userAccountController = new MemoryUserAccountController();; ConcurrentBag <SimulatedUserAccount> benignSimulatedAccountBag = new ConcurrentBag <SimulatedUserAccount>(); // // Create benign accounts in parallel Parallel.For(0, (int)experimentalConfiguration.NumberOfBenignAccounts, (index) => { if (index > 0 && index % 10000 == 0) { _logger.WriteStatus("Created {0:N0} benign accounts", index); } SimulatedUserAccount userAccount = new SimulatedUserAccount() { UsernameOrAccountId = "user_" + index.ToString(), Password = _simPasswords.GetPasswordFromWeightedDistribution() }; userAccount.ClientAddresses.Add(_ipPool.GetNewRandomBenignIp()); userAccount.Cookies.Add(StrongRandomNumberGenerator.Get64Bits().ToString()); benignSimulatedAccountBag.Add(userAccount); double inverseFrequency = Distributions.GetLogNormal(0, 1); if (inverseFrequency < 0.01d) { inverseFrequency = 0.01d; } if (inverseFrequency > 50d) { inverseFrequency = 50d; } double frequency = 1 / inverseFrequency; lock (BenignAccountSelector) { BenignAccountSelector.AddItem(userAccount, frequency); } }); BenignAccounts = benignSimulatedAccountBag.ToList(); _logger.WriteStatus("Finished creating {0:N0} benign accounts", experimentalConfiguration.NumberOfBenignAccounts); // // Right after creating benign accounts we create IPs and accounts controlled by the attacker. // (We create the attacker IPs here, and not earlier, because we need to have the benign IPs generated in order to create overlap) _logger.WriteStatus("Creating attacker IPs"); _ipPool.GenerateAttackersIps(); _logger.WriteStatus("Creating {0:N0} attacker accounts", experimentalConfiguration.NumberOfAttackerControlledAccounts); ConcurrentBag <SimulatedUserAccount> maliciousSimulatedAccountBag = new ConcurrentBag <SimulatedUserAccount>(); // // Create accounts in parallel Parallel.For(0, (int)experimentalConfiguration.NumberOfAttackerControlledAccounts, (index) => { SimulatedUserAccount userAccount = new SimulatedUserAccount() { UsernameOrAccountId = "attacker_" + index.ToString(), Password = _simPasswords.GetPasswordFromWeightedDistribution(), }; userAccount.ClientAddresses.Add(_ipPool.GetRandomMaliciousIp()); maliciousSimulatedAccountBag.Add(userAccount); }); AttackerAccounts = maliciousSimulatedAccountBag.ToList(); _logger.WriteStatus("Finished creating {0:N0} attacker accounts", experimentalConfiguration.NumberOfAttackerControlledAccounts); // // Now create full UserAccount records for each simulated account and store them into the account context Parallel.ForEach(BenignAccounts.Union(AttackerAccounts), (simAccount, loopState) => { //if (loopState. % 10000 == 0) // _logger.WriteStatus("Created account {0:N0}", index); simAccount.CreditHalfLife = experimentalConfiguration.BlockingOptions.AccountCreditLimitHalfLife; simAccount.CreditLimit = experimentalConfiguration.BlockingOptions.AccountCreditLimit; foreach (string cookie in simAccount.Cookies) { userAccountController.HasClientWithThisHashedCookieSuccessfullyLoggedInBeforeAsync( simAccount, LoginAttempt.HashCookie(cookie), cancellationToken); } }); _logger.WriteStatus("Finished creating user accounts for each simluated account record"); }
//public void ReduceMemoryUsage(object sender, MemoryUsageLimiter.ReduceMemoryUsageEventParameters parameters) //{ //_ipHistoryCache.RecoverSpace(parameters.FractionOfMemoryToTryToRemove); //} public Simulator(DebugLogger logger, string path, ExperimentalConfiguration myExperimentalConfiguration, SimulatedPasswords simPasswords) { _simPasswords = simPasswords; _logger = logger; _AttackAttemptsWithValidPasswords = //System.IO.TextWriter.Synchronized new ConcurrentStreamWriter(path + "AttackAttemptsWithValidPasswords.txt"); //(new StreamWriter(new FileStream(path + "AttackAttemptsWithValidPasswords.txt", FileMode.CreateNew, FileAccess.Write))); _LegitimateAttemptsWithValidPasswords = //System.IO.TextWriter.Synchronized new ConcurrentStreamWriter(path + "LegitimateAttemptsWithValidPasswords.txt"); //(new StreamWriter(new FileStream(path + "LegitiamteAttemptsWithValidPasswords.txt", FileMode.CreateNew, FileAccess.Write))); _OtherAttempts = //System.IO.TextWriter.Synchronized new ConcurrentStreamWriter(path + "OtherAttempts.txt"); //(new StreamWriter(new FileStream(path + "OtherAttempts.txt", FileMode.CreateNew, FileAccess.Write))); _logger.WriteStatus("Entered Simulator constructor"); _experimentalConfiguration = myExperimentalConfiguration; BlockingAlgorithmOptions options = _experimentalConfiguration.BlockingOptions; _logger.WriteStatus("Creating binomial ladder"); _binomialLadderFilter = new BinomialLadderFilter(options.NumberOfBitsInBinomialLadderFilter_N, options.HeightOfBinomialLadder_H); _ipHistoryCache = new ConcurrentDictionary<IPAddress, SimIpHistory>(); // new SelfLoadingCache<IPAddress, SimIpHistory>(address => new SimIpHistory(options.NumberOfFailuresToTrackForGoingBackInTimeToIdentifyTypos)); _userAccountController = new SimulatedUserAccountController(); //_memoryUsageLimiter = new MemoryUsageLimiter(); //_memoryUsageLimiter.OnReduceMemoryUsageEventHandler += ReduceMemoryUsage; _recentIncorrectPasswords = new AgingMembershipSketch(16, 128 * 1024); _logger.WriteStatus("Exiting Simulator constructor"); }
/// <summary> /// Evaluate the accuracy of our stopguessing service by sending user logins and malicious traffic /// </summary> /// <returns></returns> public async Task Run(CancellationToken cancellationToken = default(CancellationToken)) { _logger.WriteStatus("In RunInBackground"); _logger.WriteStatus("Priming password-tracking with known common passwords"); _simPasswords.PrimeWithKnownPasswordsAsync(_binomialLadderFilter, 40); _logger.WriteStatus("Finished priming password-tracking with known common passwords"); _logger.WriteStatus("Creating IP Pool"); _ipPool = new IpPool(_experimentalConfiguration); _logger.WriteStatus("Generating simualted account records"); _simAccounts = new SimulatedAccounts(_ipPool, _simPasswords, _logger); await _simAccounts.GenerateAsync(_experimentalConfiguration, cancellationToken); _logger.WriteStatus("Creating login-attempt generator"); _attemptGenerator = new SimulatedLoginAttemptGenerator(_experimentalConfiguration, _simAccounts, _ipPool, _simPasswords); _logger.WriteStatus("Finiished creating login-attempt generator"); foreach (TextWriter writer in new TextWriter[] { _AttackAttemptsWithValidPasswords, _LegitiamteAttemptsWithValidPasswords, _OtherAttempts }) { writer.WriteLine("{0},{1},{2},{3},{4},{5},{6},{7},{8},{9}", //,{9} "Password", "UserID", "IP", "IsFrequentlyGuessedPw", "IsPasswordCorrect", "IsFromAttackAttacker", "IsAGuess", "IPInOposingPool", "IsClientAProxyIP", "TypeOfMistake" //string.Join(",") ); } TimeSpan testTimeSpan = _experimentalConfiguration.TestTimeSpan; double ticksBetweenLogins = ((double)testTimeSpan.Ticks) / (double)_experimentalConfiguration.TotalLoginAttemptsToIssue; await TaskParalllel.RepeatWithWorkers(_experimentalConfiguration.TotalLoginAttemptsToIssue, async (count, cancelToken) => { if (count % 10000 == 0) { _logger.WriteStatus("Login Attempt {0:N0}", count); } DateTime eventTimeUtc = StartTimeUtc.AddTicks((long)(ticksBetweenLogins *count)); SimulatedLoginAttempt simAttempt; if (StrongRandomNumberGenerator.GetFraction() < _experimentalConfiguration.FractionOfLoginAttemptsFromAttacker) { switch (_experimentalConfiguration.AttackersStrategy) { case ExperimentalConfiguration.AttackStrategy.UseUntilLikelyPopular: simAttempt = _attemptGenerator.MaliciousLoginAttemptBreadthFirstAvoidMakingPopular(eventTimeUtc); break; case ExperimentalConfiguration.AttackStrategy.Weighted: simAttempt = _attemptGenerator.MaliciousLoginAttemptWeighted(eventTimeUtc); break; case ExperimentalConfiguration.AttackStrategy.BreadthFirst: default: simAttempt = _attemptGenerator.MaliciousLoginAttemptBreadthFirst(eventTimeUtc); break; } } else { simAttempt = _attemptGenerator.BenignLoginAttempt(eventTimeUtc); } // Get information about the client's IP SimIpHistory ipHistory = await _ipHistoryCache.GetAsync(simAttempt.AddressOfClientInitiatingRequest, cancelToken); double[] scores = ipHistory.GetAllScores(_experimentalConfiguration.BlockingOptions.BlockScoreHalfLife, simAttempt.TimeOfAttemptUtc); simAttempt.UpdateSimulatorState(this, ipHistory); var ipInfo = _ipPool.GetIpAddressDebugInfo(simAttempt.AddressOfClientInitiatingRequest); string outputString = string.Format("{0},{1},{2},{3},{4},{5},{6},{7},{8},{9},{10}", simAttempt.Password, simAttempt.SimAccount?.UsernameOrAccountId ?? "<null>", simAttempt.AddressOfClientInitiatingRequest, simAttempt.IsFrequentlyGuessedPassword ? "Frequent" : "Infrequent", simAttempt.IsPasswordValid ? "Correct" : "Incorrect", simAttempt.IsFromAttacker ? "FromAttacker" : "FromUser", simAttempt.IsGuess ? "IsGuess" : "NotGuess", simAttempt.IsFromAttacker ? (ipInfo.UsedByBenignUsers ? "IsInBenignPool" : "NotUsedByBenign") : (ipInfo.UsedByAttackers ? "IsInAttackersIpPool" : "NotUsedByAttacker"), ipInfo.IsPartOfProxy ? "ProxyIP" : "NotAProxy", string.IsNullOrEmpty(simAttempt.MistakeType) ? "-" : simAttempt.MistakeType, string.Join(",", scores.Select(s => s.ToString(CultureInfo.InvariantCulture)).ToArray()) ); if (simAttempt.IsFromAttacker && simAttempt.IsPasswordValid) { await _AttackAttemptsWithValidPasswords.WriteLineAsync(outputString); await _AttackAttemptsWithValidPasswords.FlushAsync(); } else if (!simAttempt.IsFromAttacker && simAttempt.IsPasswordValid) { await _LegitiamteAttemptsWithValidPasswords.WriteLineAsync(outputString); await _LegitiamteAttemptsWithValidPasswords.FlushAsync(); } else { await _OtherAttempts.WriteLineAsync(outputString); await _OtherAttempts.FlushAsync(); } }, //(e) => { //}, cancellationToken : cancellationToken); _memoryUsageLimiter.Dispose(); }
/// <summary> /// Create accounts, generating passwords, primary IP /// </summary> public void Generate(ExperimentalConfiguration experimentalConfiguration) { SimulatedUserAccountController simUserAccountController = new SimulatedUserAccountController(); _logger.WriteStatus("Creating {0:N0} benign accounts", experimentalConfiguration.NumberOfBenignAccounts); ConcurrentBag <SimulatedUserAccount> benignSimulatedAccountBag = new ConcurrentBag <SimulatedUserAccount>(); // // Create benign accounts in parallel Parallel.For(0, (int)experimentalConfiguration.NumberOfBenignAccounts, (index) => { if (index > 0 && index % 10000 == 0) { _logger.WriteStatus("Created {0:N0} benign accounts", index); } SimulatedUserAccount userAccount = simUserAccountController.Create( "user_" + index.ToString(), _simPasswords.GetPasswordFromWeightedDistribution() ); userAccount.ClientAddresses.Add(_ipPool.GetNewRandomBenignIp()); string initialCookie = StrongRandomNumberGenerator.Get64Bits().ToString(); userAccount.Cookies.Add(initialCookie); userAccount.HashesOfCookiesOfClientsThatHaveSuccessfullyLoggedIntoThisAccount[initialCookie] = true; benignSimulatedAccountBag.Add(userAccount); double inverseFrequency = Distributions.GetLogNormal(0, 1); if (inverseFrequency < 0.01d) { inverseFrequency = 0.01d; } if (inverseFrequency > 50d) { inverseFrequency = 50d; } double frequency = 1 / inverseFrequency; lock (BenignAccountSelector) { BenignAccountSelector.AddItem(userAccount, frequency); } }); BenignAccounts = benignSimulatedAccountBag.ToList(); _logger.WriteStatus("Finished creating {0:N0} benign accounts", experimentalConfiguration.NumberOfBenignAccounts); // // Right after creating benign accounts we create IPs and accounts controlled by the attacker. // (We create the attacker IPs here, and not earlier, because we need to have the benign IPs generated in order to create overlap) _logger.WriteStatus("Creating attacker IPs"); _ipPool.GenerateAttackersIps(); _logger.WriteStatus("Creating {0:N0} attacker accounts", experimentalConfiguration.NumberOfAttackerControlledAccounts); ConcurrentBag <SimulatedUserAccount> maliciousSimulatedAccountBag = new ConcurrentBag <SimulatedUserAccount>(); // // Create accounts in parallel Parallel.For(0, (int)experimentalConfiguration.NumberOfAttackerControlledAccounts, (index) => { SimulatedUserAccount userAccount = simUserAccountController.Create( "attacker_" + index.ToString(), _simPasswords.GetPasswordFromWeightedDistribution()); userAccount.ClientAddresses.Add(_ipPool.GetRandomMaliciousIp()); maliciousSimulatedAccountBag.Add(userAccount); }); AttackerAccounts = maliciousSimulatedAccountBag.ToList(); _logger.WriteStatus("Finished creating {0:N0} attacker accounts", experimentalConfiguration.NumberOfAttackerControlledAccounts); // // Now create full UserAccount records for each simulated account and store them into the account context Parallel.ForEach(BenignAccounts.Union(AttackerAccounts), (simAccount, loopState) => { //if (loopState. % 10000 == 0) // _logger.WriteStatus("Created account {0:N0}", index); simAccount.CreditHalfLife = experimentalConfiguration.BlockingOptions.AccountCreditLimitHalfLife; simAccount.CreditLimit = experimentalConfiguration.BlockingOptions.AccountCreditLimit; foreach (string cookie in simAccount.Cookies) { simUserAccountController.HasClientWithThisHashedCookieSuccessfullyLoggedInBefore( simAccount, LoginAttempt.HashCookie(cookie)); } }); _logger.WriteStatus("Finished creating user accounts for each simluated account record"); }