polarking/ss7-anomaly-detection

SS7 Anomaly Detection

Anomaly detection for the SS7 Attack Simulator using the ELK stack, Apache Kafka, and Apache Spark.

This project brings together the components required to run the SS7 Attack Simulator and analyze its generated traffic using Apache Spark.

This project is part of a master thesis currently being done at NTNU Gjøvik, Norway.

Instructions

Clone the project using git:

git clone --recursive https://github.com/polarking/ss7-anomaly-detection

Please see the individual subproject's README.md for how to compile and run each individual project.

  1. Make sure Elasticsearch and Apache Kafka are running on localhost.
  2. Create the Kafka topics ss7-raw-input and ss7-preprocessed.
  3. Start Logstash, which reads network traffic on localhost using tshark: logstash -t logstash/tshark-kafka-es.conf
  4. Start the SS7 Attack Simulator following the instructions on the project page.
  5. Start the ss7-ml-preprocess and the ss7-ml-analysis Spark applications following the instructions on the project pages.
  6. After some time, data should start to appear in Elasticsearch.
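
A preflight for step 2, as an added example that is not part of this repository: it lists the topics on the broker and creates only the ones the pipeline needs and that are still missing, so it can be re-run safely. Assumptions: kafka-topics.sh is on PATH, the broker listens on localhost:9092, the Kafka release accepts --bootstrap-server (older releases take --zookeeper instead), and single-node settings (1 partition, replication factor 1) are enough. The sample topic list is constructed.

```shell
#!/bin/sh
# Added example, not the project's own code.
# Run with no arguments for an offline dry run, or with "create" to act on the broker.

REQUIRED_TOPICS="ss7-raw-input ss7-preprocessed"   # topic names from step 2
BOOTSTRAP="${BOOTSTRAP:-localhost:9092}"            # assumed broker address

# missing_topics: reads existing topic names (one per line) on stdin and
# prints each required topic that is absent. Matching is exact and literal,
# so "ss7-raw-input-old" does not satisfy "ss7-raw-input".
missing_topics() {
    existing=$(cat)
    for t in $REQUIRED_TOPICS; do
        printf '%s\n' "$existing" | grep -Fxq -- "$t" || printf '%s\n' "$t"
    done
}

# create_missing: asks the broker for its topics and creates only the absent ones.
# Returns 2 if the Kafka CLI is not installed, non-zero if a create fails.
create_missing() {
    command -v kafka-topics.sh >/dev/null 2>&1 || {
        echo "kafka-topics.sh not found on PATH" >&2
        return 2
    }
    kafka-topics.sh --bootstrap-server "$BOOTSTRAP" --list | missing_topics |
    while read -r t; do
        echo "creating topic $t"
        kafka-topics.sh --bootstrap-server "$BOOTSTRAP" --create \
            --topic "$t" --partitions 1 --replication-factor 1 || exit 1
    done
}

if [ "${1:-}" = "create" ]; then
    create_missing
else
    # Constructed sample of `kafka-topics.sh --list` output for the dry run.
    SAMPLE_LIST='__consumer_offsets
ss7-raw-input-old
ss7-preprocessed'
    printf '%s\n' "$SAMPLE_LIST" | missing_topics   # prints: ss7-raw-input
fi
```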

About

Detecting anomalies in SS7 using Apache Spark
