diff --git a/dhalsim/network_attacks/unconstrained_blackbox_netfilter_queue.py b/dhalsim/network_attacks/unconstrained_blackbox_netfilter_queue.py index 1ad4348b..1ba2c2b9 100644 --- a/dhalsim/network_attacks/unconstrained_blackbox_netfilter_queue.py +++ b/dhalsim/network_attacks/unconstrained_blackbox_netfilter_queue.py @@ -68,6 +68,7 @@ def __init__(self, intermediate_yaml_path: Path, yaml_index: int, queue_number: # We can use the same method, as initially the df will be initialized with 0 values self.calculated_concealment_values_df = self.set_initial_conditions_of_scada_values() + self.calculated_concealment_values_df_historical = [] # Initialize input values self.received_scada_tags_df = self.calculated_concealment_values_df @@ -118,6 +119,9 @@ def interrupt(self): def sigint_handler(self, sig, frame): """Interrupt handler for attacker being stoped""" + self.logger.debug("Printing concealment values") + conc_path = Path(__file__).parent.absolute() / "concealed_values.csv" + self.calculated_concealment_values_df.to_csv(conc_path, index=False) self.logger.debug("Netfilter queue process shutting down") self.interrupt() @@ -134,13 +138,13 @@ def handle_sync(self): while not self.get_sync(2): pass - self.logger.debug('Sync is 2. Keeping attack sync in 2, until we get all SCADA flags') + #self.logger.debug('Sync is 2. Keeping attack sync in 2, until we get all SCADA flags') # We stay in 2, to conceal the values exchanged remotely from the PLCs, until we make a prediction while self.missing_scada_tags and self.sync_flag: pass - self.logger.debug('Setting attack sync in 3') + #self.logger.debug('Setting attack sync in 3') self.set_sync(3) self.logger.debug('Netfilter sync thread while finished') @@ -179,7 +183,7 @@ def scada_tag_list_empty(self): # Wait for sync to take place while not self.get_sync(3) and self.sync_flag: - self.logger.debug('Waiting for flag 3') + #self.logger.debug('Waiting for flag 3') pass self.missing_scada_tags = list(self.scada_tags) 
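Review bot: `calculated_concealment_values_df_historical` is initialised to a list, not a DataFrame, so the `_df` in its name is misleading, and none of the hunks shown appends to it or reads it. If it is meant to accumulate one frame per iteration, a name such as `concealment_values_history` with a comment like `# one DataFrame per iteration, oldest first` would say so. If nothing uses it yet, leave it out of this commit. `__init__` starts and ends outside the hunk.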
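Review bot: In sigint_handler the CSV dump now runs before `self.interrupt()`, so any exception from `to_csv` (for example an unwritable package directory) skips the shutdown path and may leave the netfilter queue bound; what `interrupt()` releases is not visible here. The target is also a fixed `concealed_values.csv` next to the module, so repeated runs or several attacker instances overwrite each other, and the message says "Printing" although a file is written. Wrap the dump so that shutdown always runs, and consider writing under the run's configured output directory instead of `Path(__file__).parent`. The handler may continue past the end of the hunk.

```python
def sigint_handler(self, sig, frame):
    # … unchanged: docstring …
    try:
        self.logger.debug("Writing concealment values")
        # … unchanged: conc_path computation …
        self.calculated_concealment_values_df.to_csv(conc_path, index=False)
    except OSError as exc:
        self.logger.error(f"Could not write concealment values: {exc}")
    finally:
        self.logger.debug("Netfilter queue process shutting down")
        self.interrupt()
```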
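Review bot: The three `self.logger.debug(...)` calls in handle_sync and scada_tag_list_empty are commented out rather than deleted, which leaves dead code in both functions; remove the lines, or keep a single message before each loop if the trace is still wanted. In scada_tag_list_empty the loop body is now only `pass`, so it remains a spin loop that holds a CPU core until sync reaches 3. A short `time.sleep(0.01)` in the body would avoid that, assuming `time` is imported in this file. Both functions extend beyond their hunks.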
diff --git a/examples/anytown_topology/anytown_config.yaml b/examples/anytown_topology/anytown_config.yaml index 8d235080..13d564aa 100644 --- a/examples/anytown_topology/anytown_config.yaml +++ b/examples/anytown_topology/anytown_config.yaml @@ -7,7 +7,7 @@ plcs: !include anytown_plcs.yaml simulator: epynet demand: pdd -demand_patterns: demands_anytown_small.csv +#demand_patterns: demands_anytown_small.csv #attacks: !include anytown_concealment_mitm.yaml attacks: !include anytown_dos.yaml log_level: debug diff --git a/examples/anytown_topology/anytown_nwk_delay_and_loss.yaml b/examples/anytown_topology/anytown_nwk_delay_and_loss.yaml index 33a314eb..69bfb50c 100644 --- a/examples/anytown_topology/anytown_nwk_delay_and_loss.yaml +++ b/examples/anytown_topology/anytown_nwk_delay_and_loss.yaml @@ -7,4 +7,4 @@ network_events: start: 648 end: 792 loss_value: 10 - delay_value: 4000 + delay_value: 100 diff --git a/examples/ctown_topology/ctown_plcs.yaml b/examples/ctown_topology/ctown_plcs.yaml index d5a54905..bde17657 100644 --- a/examples/ctown_topology/ctown_plcs.yaml +++ b/examples/ctown_topology/ctown_plcs.yaml @@ -1,4 +1,4 @@ -- name: PLC1 # PLC1, PU1F PU2F J280 J269 , PU1 PU2 +- name: PLC1 sensors: - PU1F - PU2F @@ -7,10 +7,10 @@ actuators: - PU1 - PU2 -- name: PLC2 # PLC2, T1, +- name: PLC2 sensors: - T1 -- name: PLC3 # PLC3, T2 V2F J300 J256 J289 J415 J14 J422 PU4F PU5F PU6F PU7F , V2 PU4 PU5 PU6 PU7 +- name: PLC3 sensors: - T2 - V2F diff --git a/examples/ctown_topology/dataset/dataset_config_files/ctown_config_05.yaml b/examples/ctown_topology/dataset/dataset_config_files/ctown_config_05.yaml index 8140b756..2019e583 100644 --- a/examples/ctown_topology/dataset/dataset_config_files/ctown_config_05.yaml +++ b/examples/ctown_topology/dataset/dataset_config_files/ctown_config_05.yaml @@ -1,5 +1,6 @@ inp_file: ctown_map.inp -iterations: 2880 +#iterations: 2880 +iterations: 60 network_topology_type: complex plcs: !include ctown_plcs.yaml log_level: debug 
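Review bot: In ctown_config_05.yaml the run length drops from 2880 to 60 iterations and the old value is kept as a comment, which reads like a local debugging shortcut; the other dataset configs visible in this commit (10 to 15) all use `iterations: 2880`. If this file feeds the published dataset, scenario 05 will be far shorter than its siblings, and any attack scheduled after iteration 60 would never trigger (the attack file for 05 is not shown here, so confirm). Either restore `iterations: 2880` or, if the short run is intentional, replace the commented-out line with a comment saying why.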
diff --git a/examples/ctown_topology/dataset/dataset_config_files/ctown_config_10.yaml b/examples/ctown_topology/dataset/dataset_config_files/ctown_config_10.yaml index 147699b6..c511b4cb 100644 --- a/examples/ctown_topology/dataset/dataset_config_files/ctown_config_10.yaml +++ b/examples/ctown_topology/dataset/dataset_config_files/ctown_config_10.yaml @@ -2,7 +2,6 @@ inp_file: ctown_map.inp iterations: 2880 network_topology_type: complex plcs: !include ctown_plcs.yaml -log_level: debug simulator: epynet demand: pdd output_path: attack_output_10 diff --git a/examples/ctown_topology/dataset/dataset_config_files/ctown_config_11.yaml b/examples/ctown_topology/dataset/dataset_config_files/ctown_config_11.yaml new file mode 100644 index 00000000..db21d302 --- /dev/null +++ b/examples/ctown_topology/dataset/dataset_config_files/ctown_config_11.yaml @@ -0,0 +1,10 @@ +inp_file: ctown_map.inp +iterations: 2880 +network_topology_type: complex +plcs: !include ctown_plcs.yaml +simulator: epynet +demand: pdd +output_path: attack_output_11 +demand_patterns: events/demands_ctown_01.csv +initial_tank_data: events/tanks_ctown_01.csv +attacks: !include dataset_attacks/attack_11.yaml \ No newline at end of file diff --git a/examples/ctown_topology/dataset/dataset_config_files/ctown_config_12.yaml b/examples/ctown_topology/dataset/dataset_config_files/ctown_config_12.yaml new file mode 100644 index 00000000..4a6f6089 --- /dev/null +++ b/examples/ctown_topology/dataset/dataset_config_files/ctown_config_12.yaml @@ -0,0 +1,10 @@ +inp_file: ctown_map.inp +iterations: 2880 +network_topology_type: complex +plcs: !include ctown_plcs.yaml +simulator: epynet +demand: pdd +output_path: attack_output_12 +demand_patterns: events/demands_ctown_01.csv +initial_tank_data: events/tanks_ctown_01.csv +attacks: !include dataset_attacks/attack_12.yaml \ No newline at end of file 
diff --git a/examples/ctown_topology/dataset/dataset_config_files/ctown_config_13.yaml b/examples/ctown_topology/dataset/dataset_config_files/ctown_config_13.yaml
new file mode 100644
index 00000000..3120b25e
--- /dev/null
+++ b/examples/ctown_topology/dataset/dataset_config_files/ctown_config_13.yaml
@@ -0,0 +1,10 @@
+inp_file: ctown_map.inp
+iterations: 2880
+network_topology_type: complex
+plcs: !include ctown_plcs.yaml
+simulator: epynet
+demand: pdd
+output_path: attack_output_13
+demand_patterns: events/demands_ctown_01.csv
+initial_tank_data: events/tanks_ctown_01.csv
+attacks: !include dataset_attacks/attack_13.yaml
\ No newline at end of file
diff --git a/examples/ctown_topology/dataset/dataset_config_files/ctown_config_14.yaml b/examples/ctown_topology/dataset/dataset_config_files/ctown_config_14.yaml
new file mode 100644
index 00000000..14e68da5
--- /dev/null
+++ b/examples/ctown_topology/dataset/dataset_config_files/ctown_config_14.yaml
@@ -0,0 +1,10 @@
+inp_file: ctown_map.inp
+iterations: 2880
+network_topology_type: complex
+plcs: !include ctown_plcs.yaml
+simulator: epynet
+demand: pdd
+output_path: attack_output_10
+demand_patterns: events/demands_ctown_01.csv
+initial_tank_data: events/tanks_ctown_01.csv
+attacks: !include dataset_attacks/attack_14.yaml
\ No newline at end of file
diff --git a/examples/ctown_topology/dataset/dataset_config_files/ctown_config_15.yaml b/examples/ctown_topology/dataset/dataset_config_files/ctown_config_15.yaml
new file mode 100644
index 00000000..5313e320
--- /dev/null
+++ b/examples/ctown_topology/dataset/dataset_config_files/ctown_config_15.yaml
@@ -0,0 +1,10 @@
+inp_file: ctown_map.inp
+iterations: 2880
+network_topology_type: complex
+plcs: !include ctown_plcs.yaml
+simulator: epynet
+demand: pdd
+output_path: attack_output_15
+demand_patterns: events/demands_ctown_01.csv
+initial_tank_data: events/tanks_ctown_01.csv
+attacks: !include dataset_attacks/attack_15.yaml
\ No newline at end of file
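Review bot: ctown_config_14.yaml sets `output_path: attack_output_10`, while every other new config in this commit uses its own number (11, 12, 13, 15) and ctown_config_10.yaml already writes to attack_output_10. Running both scenarios would presumably put their results in the same directory, so one run's results could overwrite or mix with the other's and the dataset labels would no longer match the recorded traffic. The line should read `output_path: attack_output_14`.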
diff --git a/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_11.yaml b/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_11.yaml
new file mode 100644
index 00000000..132a8075
--- /dev/null
+++ b/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_11.yaml
@@ -0,0 +1,16 @@
+network_attacks:
+- name: plc2attack
+ type: concealment_mitm
+ tags:
+ - tag: T1
+ value: 0.0
+ target: PLC2
+ concealment_data:
+ type: payload_replay
+ capture_start: 300
+ capture_end: 672
+ replay_start: 1440
+ trigger:
+ start: 295
+ end: 1820
+ type: time
diff --git a/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_12.yaml b/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_12.yaml
new file mode 100644
index 00000000..bbe8125c
--- /dev/null
+++ b/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_12.yaml
@@ -0,0 +1,16 @@
+network_attacks:
+- name: plc2attack
+ type: concealment_mitm
+ tags:
+ - tag: T1
+ value: 0.0
+ target: PLC2
+ concealment_data:
+ type: network_replay
+ capture_start: 300
+ capture_end: 672
+ replay_start: 1440
+ trigger:
+ start: 295
+ end: 1820
+ type: time
diff --git a/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_13.yaml b/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_13.yaml
new file mode 100644
index 00000000..a394a389
--- /dev/null
+++ b/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_13.yaml
@@ -0,0 +1,17 @@
+network_attacks:
+- name: plc2attack
+ type: mitm
+ target: PLC2
+ tag: T1
+ value: 0.0
+ trigger:
+ start: 1440
+ end: 1812
+ type: time
+
+- name: plc2conceal
+ type: unconstrained_blackbox_concealment_mitm
+ trigger:
+ start: 1440
+ end: 1812
+ type: time
\ No newline at end of file
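Review bot: attack_11.yaml carries no comment describing the scenario or which iterations are the manipulated ones, and attack_12.yaml and attack_13.yaml are the same. Anyone using the resulting captures to train or score a detector needs that ground truth: the trigger runs 295 to 1820, but the capture phase (300 to 672) and the replay phase (from 1440) presumably affect traffic differently, which should be confirmed against the concealment_mitm implementation. A header comment such as `# PLC2/T1: capture 300-672, replay from 1440; trigger window 295-1820` would record it next to the values.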
diff --git a/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_14.yaml b/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_14.yaml
new file mode 100644
index 00000000..8e2c3d2d
--- /dev/null
+++ b/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_14.yaml
@@ -0,0 +1,42 @@
+network_attacks:
+- name: plc1attack1
+ type: concealment_mitm
+ tags:
+ - tag: PU1
+ offset: 0.0
+ - tag: PU2
+ offset: 0.0
+ - tag: PU1F
+ offset: 0.0
+ - tag: PU12F
+ offset: 0.0
+ - tag: J269
+ offset: 0.0
+ - tag: J280
+ offset: 0.0
+ target: PLC1
+ concealment_data:
+ type: payload_replay
+ capture_start: 300
+ capture_end: 672
+ replay_start: 1440
+ trigger:
+ start: 295
+ end: 1820
+ type: time
+
+- name: plc2attack
+ type: concealment_mitm
+ tags:
+ - tag: T1
+ value: 0.0
+ target: PLC2
+ concealment_data:
+ type: payload_replay
+ capture_start: 300
+ capture_end: 672
+ replay_start: 1440
+ trigger:
+ start: 295
+ end: 1820
+ type: time
diff --git a/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_15.yaml b/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_15.yaml
new file mode 100644
index 00000000..17ebcf4d
--- /dev/null
+++ b/examples/ctown_topology/dataset/dataset_config_files/dataset_attacks/attack_15.yaml
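Review bot: The PLC1 tag list in attack_14.yaml names `PU12F`, but ctown_plcs.yaml as shown in this commit lists PLC1's sensors starting `PU1F`, `PU2F`, and the comment removed there read `PU1F PU2F J280 J269`, so this looks like a typo for `PU2F`; attack_15.yaml repeats the same list. How the concealment code treats an unknown tag is not visible here: it may fail at start-up or silently leave PU2F unconcealed, which would make the recorded scenario differ from its description. Change the entry to `- tag: PU2F` in both files.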
@@ -0,0 +1,42 @@
+network_attacks:
+- name: plc1attack1
+ type: concealment_mitm
+ tags:
+ - tag: PU1
+ offset: 0.0
+ - tag: PU2
+ offset: 0.0
+ - tag: PU1F
+ offset: 0.0
+ - tag: PU12F
+ offset: 0.0
+ - tag: J269
+ offset: 0.0
+ - tag: J280
+ offset: 0.0
+ target: PLC1
+ concealment_data:
+ type: network_replay
+ capture_start: 300
+ capture_end: 672
+ replay_start: 1440
+ trigger:
+ start: 295
+ end: 1820
+ type: time
+
+- name: plc2attack
+ type: concealment_mitm
+ tags:
+ - tag: T1
+ value: 0.0
+ target: PLC2
+ concealment_data:
+ type: network_replay
+ capture_start: 300
+ capture_end: 672
+ replay_start: 1440
+ trigger:
+ start: 295
+ end: 1820
+ type: time