-
Notifications
You must be signed in to change notification settings - Fork 1
/
BotDetect.py
146 lines (121 loc) · 3.94 KB
/
BotDetect.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
#!/usr/bin/env python
############
from __future__ import print_function, division
from SBDet import *
import pylab as P
import networkx as nx
from subprocess import check_call
from Util import load, zload
def get_ips(data, format_=None):
nnx = NetworkXGraph(data=data)
if format_ is not None:
return [format_(ip) for ip in nnx.get_vertices()]
return nnx.get_vertices()
def ab_traf_bot_det(adj_mats, w1, w2, lamb):
#### Identify the Pivot Nodes ######
# tr = load('./Result/GCM_tr.pk')
# weights = tr['solution']
node_num = adj_mats[0].shape[0]
weights = np.ones((node_num, )) / node_num
p_nodes = ident_pivot_nodes(adj_mats, weights, 0.8)
#### Calculate interactions of nodes with pivot nodes ####
inta = cal_inta_pnodes(adj_mats, weights, p_nodes)
#### Calculate the correlation graph ####
A, npcor = cal_cor_graph(adj_mats, p_nodes, 0.2)
# import ipdb;ipdb.set_trace()
P0, q0, W = com_det_reg(A, inta, w1=w1, w2=w2, lamb=0, out='./prob.sdpb')
# W = com_det_reg2(A, inta, w1=w1, w2=w2, lamb=0, out='./prob.sdpb')
check_call('./csdp6.1.0linuxp4/bin/csdp ./prob.sdpb ./botnet.sol',
shell=True)
node_num = len(inta)
Z, X = parse_CSDP_sol('./botnet.sol', node_num+1)
solution = randomization(X, P0, q0)
inta_diff = np.dot(inta, solution)
print('inta_diff', inta_diff)
botnet, = np.nonzero(solution > 0)
print('[%i] ips out of [%i] ips are detected as bots' %
(len(botnet), node_num))
return botnet
def ana1(w1, w2, lamb):
data = load('./Result/small_prob.pk')
# bot_ids = ab_traf_bot_det(data['adj_mats'], w1=10, w2=0.001, lamb=0)
bot_ids = ab_traf_bot_det(data['adj_mats'], w1=w1, w2=w2, lamb=lamb)
bot_ips = [data['ips'][i] for i in bot_ids]
# print('bot_ips', bot_ips)
ddos_ips = data['ddos_ips']
stat = get_quantitative(ddos_ips, bot_ips,
data['ips'], show=True)
return stat, bot_ips
# return stat
##########################
# stat_vec = []
# w1_set = P.linspace(0, 2, 10)
# for w1 in w1_set:
# stat_vec.append(ana1(w1, w2=0.001, lamb=0))
# tr = dict(w1=w1_set, stat_vec=stat_vec)
# zdump(tr, './Result/w1_stat_vec.pkz')
# fpr, tpr = roc(zip(*stat_vec))
# P.plot(fpr, tpr, '+-')
##########################
# P.plot(w1_set, fpr, '+-')
# P.plot(w1_set, tpr, 'x--')
# P.xlabel('w1')
# P.legend(['fpr', 'tpr'])
# P.title('Influence of w1 on fpr and tpr')
# P.savefig('./w1_influ.pdf')
# P.show()
###########################
# stat_vec = []
# w2_set = P.linspace(0, 1, 10)
# for w2 in w2_set:
# stat_vec.append(ana1(w1=4, w2=w2, lamb=0))
# tr = dict(w2=w2_set, stat_vec=stat_vec)
# zdump(tr, './Result/w1_stat_vec.pkz')
# fpr, tpr = roc(zip(*stat_vec))
# P.plot(fpr, tpr, '+-')
###########################
# P.subplot(211)
# P.plot(w2_set, fpr, '+-')
# P.plot(w2_set, tpr, 'x--')
# P.legend(['fpr', 'tpr'])
# P.title('Influence of w2 on fpr and tpr')
# P.subplot(212)
# P.plot(w2_set, P.array(tpr)-P.array(fpr), '*-.')
# P.legend(['tpr-fpr'])
# P.xlabel('w2')
# P.savefig('./w2_influ.pdf')
# P.show()
###########################
# stat_vec = []
# lamb_set = P.linspace(0, 30, 10)
# for lamb in lamb_set:
# stat_vec.append(ana1(w1=4, w2=0.1, lamb=lamb))
# fpr, tpr = roc(zip(*stat_vec))
# P.plot(fpr, tpr, '+-')
##########################
# P.subplot(211)
# P.plot(lamb_set, fpr, '+-')
# P.plot(lamb_set, tpr, 'x--')
# P.legend(['fpr', 'tpr'])
# P.title('Influence of lambda on fpr and tpr')
# P.subplot(212)
# P.plot(lamb_set, P.array(tpr)-P.array(fpr), '*-.')
# P.legend(['tpr-fpr'])
# P.xlabel('lambda')
# P.savefig('./lamb_influ.pdf')
# P.show()
###########################
stat_vec = []
w2_set = P.linspace(0, 1, 10)
dv = []
for w2 in w2_set:
stat, detected_ips = ana1(w1=4, w2=w2, lamb=0)
dv.append(len(detected_ips))
###########
P.plot(w2_set, dv, '+-')
P.xlabel('w2')
P.ylabel('no. of reported bots')
P.title('Influence of regularization weight')
P.savefig('./w2_reported_bots.pdf')
P.show()
##########