summaryrefslogtreecommitdiff
path: root/script/geneva_attacks.py
diff options
context:
space:
mode:
Diffstat (limited to 'script/geneva_attacks.py')
-rw-r--r--script/geneva_attacks.py1612
1 files changed, 1612 insertions, 0 deletions
diff --git a/script/geneva_attacks.py b/script/geneva_attacks.py
new file mode 100644
index 0000000..fa2b550
--- /dev/null
+++ b/script/geneva_attacks.py
@@ -0,0 +1,1612 @@
+
+import copy
+from random import randint
+
+
+# SEQ/ACK add/sub operations (wrap-around considered)
+def seq_add(seq_str, val):
+ seq = (int(seq_str) + val) % 2**32
+ return '%d' % seq
+
+
+def seq_sub(seq_str, val):
+ seq = (int(seq_str) - val) % 2**32
+ return '%d' % seq
+
+
+def gen_rand_int(length):
+ return '%d' % randint(0, 2**length)
+
+
+def calculate_epoch_time(trace, curr_idx):
+ if curr_idx == len(trace) - 1:
+ return float(trace[curr_idx].frame_time_epoch)
+ else:
+ return (float(trace[curr_idx+1].frame_time_epoch) + float(trace[curr_idx].frame_time_epoch)) / 2
+
+
+def calculate_epoch_time_prev(trace, curr_idx):
+ if curr_idx == 0:
+ return float(trace[curr_idx].frame_time_epoch)
+ else:
+ return (float(trace[curr_idx-1].frame_time_epoch) + float(trace[curr_idx].frame_time_epoch)) / 2
+
+
+def inject_geneva_1_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'PA' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt1.dataoff = 10
+ attk_pkt1.chksum = '1'
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt1.frame_time_epoch = calculate_epoch_time_prev(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'PA' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt1.dataoff = 10
+ attk_pkt1.chksum = '1'
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt1.frame_time_epoch = calculate_epoch_time_prev(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_2_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'PA' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt1.dataoff = 10
+ attk_pkt1.ttl = 10
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt1.frame_time_epoch = calculate_epoch_time_prev(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'PA' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt1.dataoff = 10
+ attk_pkt1.ttl = 10
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt1.frame_time_epoch = calculate_epoch_time_prev(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_3_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'PA' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt1.dataoff = '10'
+ attk_pkt1.ack = gen_rand_int(32)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt1.frame_time_epoch = calculate_epoch_time_prev(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'PA' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt1.dataoff = '10'
+ attk_pkt1.ack = gen_rand_int(32)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt1.frame_time_epoch = calculate_epoch_time_prev(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_4_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'PA' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt1.tcp_opt_wscale = randint(0, 30)
+ attk_pkt1.dataoff = '8'
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt1.frame_time_epoch = calculate_epoch_time_prev(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'PA' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt1.tcp_opt_wscale = randint(0, 30)
+ attk_pkt1.dataoff = '8'
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt1.frame_time_epoch = calculate_epoch_time_prev(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_5_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'PA' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt1.payload_len = randint(0, 1460)
+ attk_pkt1.chksum = '1'
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt1.frame_time_epoch = calculate_epoch_time_prev(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'PA' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt1.payload_len = randint(0, 1460)
+ attk_pkt1.chksum = '1'
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt1.frame_time_epoch = calculate_epoch_time_prev(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_6_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'PA' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt1.payload_len = randint(0, 1460)
+ attk_pkt1.ttl = 8
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt1.frame_time_epoch = calculate_epoch_time_prev(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'PA' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt1.payload_len = randint(0, 1460)
+ attk_pkt1.ttl = 8
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt1.frame_time_epoch = calculate_epoch_time_prev(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_7_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'PA' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt1.payload_len = randint(0, 1460)
+ attk_pkt1.ack = gen_rand_int(32)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt1.frame_time_epoch = calculate_epoch_time_prev(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'PA' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt1.payload_len = randint(0, 1460)
+ attk_pkt1.ack = gen_rand_int(32)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt1.frame_time_epoch = calculate_epoch_time_prev(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_8_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'S' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.payload_len = randint(0, 1460)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_len = randint(0, 1460)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'S' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.payload_len = randint(0, 1460)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_len = randint(0, 1460)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_9_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'PA' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt1.ip_len = 64
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt1.frame_time_epoch = calculate_epoch_time_prev(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'PA' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt1.ip_len = 64
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt1.frame_time_epoch = calculate_epoch_time_prev(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_10_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.flags = 'R'
+ attk_pkt2.ip_len = 64
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.flags = 'R'
+ attk_pkt2.ip_len = 64
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_11_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.flags = 'R'
+ attk_pkt2.chksum = '1'
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.flags = 'R'
+ attk_pkt2.chksum = '1'
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_12_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.flags = 'R'
+ attk_pkt2.ttl = 10
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.flags = 'R'
+ attk_pkt2.ttl = 10
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_13_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.tcp_opt_md5header = '1'
+ attk_pkt2.flags = 'R'
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.flags = 'R'
+ attk_pkt2.ttl = 10
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_14_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.flags = 'RA'
+ attk_pkt2.chksum = '1'
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.flags = 'RA'
+ attk_pkt2.chksum = '1'
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_15_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.flags = 'RA'
+ attk_pkt2.ttl = 10
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.flags = 'RA'
+ attk_pkt2.ttl = 10
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_16_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.tcp_opt_md5header = '1'
+ attk_pkt2.flags = 'R'
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.tcp_opt_md5header = '1'
+ attk_pkt2.flags = 'R'
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_17_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.flags = 'FRAPUEN'
+ attk_pkt2.chksum = '1'
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.flags = 'FRAPUEN'
+ attk_pkt2.chksum = '1'
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_18_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.flags = 'FREACN'
+ attk_pkt2.ttl = 10
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.flags = 'FREACN'
+ attk_pkt2.ttl = 10
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_19_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.flags = 'FREACN'
+ attk_pkt2.tcp_opt_md5header = '1'
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt2.flags = 'FREACN'
+ attk_pkt2.tcp_opt_md5header = '1'
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ k_attk_pkt2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_20_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if pkt.flags == 'PA' and int(pkt.payload_len) > 8:
+ # split the packet into 8 bytes + remaining
+ pkt_new_1 = copy.deepcopy(pkt)
+ pkt_new_1.ip_len = str(
+ int(pkt_new_1.ip_len) - int(pkt_new_1.payload_len) + 8)
+ pkt_new_1.payload_len = '8'
+ pkt_new_2 = copy.deepcopy(pkt)
+ pkt_new_2.ip_len = str(int(pkt_new_2.ip_len) - 8)
+ pkt_new_2.payload_len = str(int(pkt_new_2.payload_len) - 8)
+ pkt_new_2.seq = seq_add(pkt_new_2.seq, 8)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(pkt_new_1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(pkt_new_2)
+
+ k_pkt_new_1 = copy.deepcopy(k_pkt)
+ k_pkt_new_1.frame_len = k_pkt_new_1.frame_len - \
+ int(pkt.payload_len) + 8
+ k_pkt_new_2 = copy.deepcopy(k_pkt)
+ k_pkt_new_2.frame_len = k_pkt_new_2.frame_len - 8
+ k_pkt_new_2.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_pkt_new_1)
+ injected_k_trace.append(k_pkt_new_2)
+ elif pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt = copy.deepcopy(pkt)
+ attk_pkt.seq = gen_rand_int(32)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt)
+
+ k_attk_pkt = copy.deepcopy(k_pkt)
+ injected_k_trace.append(k_attk_pkt)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_21_attack(dataset_dict, k_dataset_dict, multipkt=False):
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if pkt.flags == 'PA' and int(pkt.payload_len) > 12:
+ # split the packet into 8 bytes + remaining
+ pkt_new_1 = copy.deepcopy(pkt)
+ pkt_new_1.ip_len = str(
+ int(pkt_new_1.ip_len) - int(pkt_new_1.payload_len) + 8)
+ pkt_new_1.payload_len = '8'
+ pkt_new_2 = copy.deepcopy(pkt)
+ pkt_new_2.ip_len = str(
+ int(pkt_new_2.ip_len) - int(pkt_new_1.payload_len) + 12)
+ pkt_new_2.payload_len = '4'
+ pkt_new_2.seq = seq_add(pkt_new_2.seq, 8)
+ pkt_new_3 = copy.deepcopy(pkt)
+ pkt_new_3.ip_len = str(int(pkt_new_3.ip_len) - 12)
+ pkt_new_3.payload_len = str(
+ int(pkt_new_3.payload_len) - 12)
+ pkt_new_3.seq = seq_add(pkt_new_3.seq, 12)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(pkt_new_1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(pkt_new_2)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(pkt_new_3)
+
+ k_pkt_new_1 = copy.deepcopy(k_pkt)
+ k_pkt_new_1.frame_len = k_pkt_new_1.frame_len - \
+ int(pkt.payload_len) + 8
+ k_pkt_new_1.frame_time_epoch = calculate_epoch_time_prev(
+ k_trace, idx)
+ k_pkt_new_2 = copy.deepcopy(k_pkt)
+ k_pkt_new_2.frame_len = k_pkt_new_2.frame_len - \
+ int(pkt.payload_len) + 4
+ k_pkt_new_3 = copy.deepcopy(k_pkt)
+ k_pkt_new_3.frame_len = k_pkt_new_3.frame_len - 12
+ k_pkt_new_3.frame_time_epoch = calculate_epoch_time(
+ k_trace, idx)
+ injected_k_trace.append(k_pkt_new_1)
+ injected_k_trace.append(k_pkt_new_2)
+ injected_k_trace.append(k_pkt_new_3)
+ elif pkt.flags == 'A' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_22_attack(dataset_dict, k_dataset_dict, multipkt=False):
+ raise NotImplementedError
+
+
+def inject_geneva_23_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'PA' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt1.flags = 'F'
+ attk_pkt1.ip_len = 78
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt1.frame_time_epoch = calculate_epoch_time_prev(
+ k_trace, idx)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'PA' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt1.flags = 'F'
+ attk_pkt1.ip_len = 78
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt1.frame_time_epoch = calculate_epoch_time_prev(
+ k_trace, idx)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_24_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'S' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt1.flags = 'SA'
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt1.frame_time_epoch = calculate_epoch_time_prev(
+ k_trace, idx)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'S' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt1 = copy.deepcopy(pkt)
+ attk_pkt2 = copy.deepcopy(pkt)
+ attk_pkt1.flags = 'SA'
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt1)
+ curr_adv_idx = len(injected_trace)
+ adv_pkt_info[connection_id].append(curr_adv_idx)
+ injected_trace.append(attk_pkt2)
+
+ k_attk_pkt1 = copy.deepcopy(k_pkt)
+ k_attk_pkt1.frame_time_epoch = calculate_epoch_time_prev(
+ k_trace, idx)
+ k_attk_pkt2 = copy.deepcopy(k_pkt)
+ injected_k_trace.append(k_attk_pkt1)
+ injected_k_trace.append(k_attk_pkt2)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
+
+
+def inject_geneva_25_attack(dataset_dict, k_dataset_dict, multipkt=False):
+
+ injected_dataset_dict, valid_dataset_dict = {}, {}
+ injected_k_dataset_dict, valid_k_dataset_dict = {}, {}
+ adv_pkt_info = {}
+ for connection_id, trace in dataset_dict.items():
+ k_trace = k_dataset_dict[connection_id]
+ injected_trace = []
+ injected_k_trace = []
+ adv_pkt_info[connection_id] = []
+ has_been_established = False
+ outbound_attk_id = trace[0].get_attack_id()
+ for idx, (pkt, k_pkt) in enumerate(zip(trace, k_trace)):
+ if multipkt:
+ if pkt.flags == 'PA' and pkt.get_attack_id() == outbound_attk_id:
+ has_been_established = True
+ attk_pkt = copy.deepcopy(pkt)
+ attk_pkt.tcp_opt_uto = randint(0, 65525)
+ adv_pkt_info[connection_id].append(len(injected_trace))
+ injected_trace.append(attk_pkt)
+
+ k_attk_pkt = copy.deepcopy(k_pkt)
+ injected_k_trace.append(k_attk_pkt)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ else:
+ if pkt.flags == 'PA' and pkt.get_attack_id() == outbound_attk_id and not has_been_established:
+ has_been_established = True
+ attk_pkt = copy.deepcopy(pkt)
+ attk_pkt.tcp_opt_uto = randint(0, 65525)
+ adv_pkt_info[connection_id].append(len(injected_trace))
+ injected_trace.append(attk_pkt)
+
+ k_attk_pkt = copy.deepcopy(k_pkt)
+ injected_k_trace.append(k_attk_pkt)
+ else:
+ injected_trace.append(pkt)
+ injected_k_trace.append(k_pkt)
+ if has_been_established:
+ injected_dataset_dict[connection_id] = injected_trace
+ injected_k_dataset_dict[connection_id] = injected_k_trace
+ valid_dataset_dict[connection_id] = trace
+ valid_k_dataset_dict[connection_id] = k_trace
+ return injected_dataset_dict, valid_dataset_dict, injected_k_dataset_dict, valid_k_dataset_dict, adv_pkt_info
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-30 16:12:16 +0000