Skip to content
/ Active_fuzzer Public

Corresponding code to the paper "Active Fuzzing for Testing and Securing Cyber-Physical Systems" by authors: Yuqi Chen, Bohan Xuan, Christopher M. Poskitt, Jun Sun and Fan Zhangin in ISSTA2020.

7 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

yuqiChen94/Active_fuzzer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
.idea
.idea
 
 
Main
Main
 
 
raspberry_Pi
raspberry_Pi
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 

Repository files navigation

Requirement

Hardware

1.Four raspberry Pis with a wireless network adapter and an ethernet adapter 2.One laptop with a Linux OS
3.USB Ethernet adaptors
4.Ethernet cable extenders

Software

python 2.7.16
matplotlib 2.2.4 (https://matplotlib.org/)
netfilter 0.6.4 (https://www.netfilter.org/)
numpy 1.16.2 (https://numpy.org/)
pandas 0.24.1 (https://pandas.pydata.org/)
pyzmq 18.0.1 (https://pyzmq.readthedocs.io/en/latest/)
scapy 2.4.2 (https://scapy.net/)
scikit-learn 0.20.3 (https://scikit-learn.org/)
tcpdump 4.9.2 (https://www.tcpdump.org/manpages/tcpdump.1.html)

Setup

  1. Physically connect the Raspberry Pis to all PLCs in level0. (USB Ethernet adaptors are used here since Raspberry Pis typically has only one ethernet port.)
  2. Edit and run start_lvl0.sh to enable bridge-Netfilter to set up bridges for all Raspberry Pis.
  3. Make sure all the Raspberry Pis and the laptop are put onto the same wireless subnet.

Code structure

This project contains three modules:

  • Packet collection
  • Active learning
  • Attack implications

Usage

Data collection

  1. For each Raspberry Pi, copy the scripts from the fold 'raspberry_Pi' to the corresponding Raspberry Pis.
  2. Edit the ipadress, port number and file names according to yours.
  3. Run the script 'raspberry_Pi/tcpdump.sh' to sniff packets in level 0 for different PLC. (You should install the required software for your raspberry and check that bridge works.)
  4. Collect corresponding sensor values from the dataset in the meantime.
  5. Edit and run the script 'main/extract_bits.py' and 'main/extra_log.py' to generate the feature vectors and sensor values used for training.

Active learning

  1. Edit and run script 'main/train.py' to get a pre-training model using the data collected above.
  2. For each Raspberry Pi, edit and run the corresponding 'stage_server.py' ,'stage_client.py' and 'stage_AL.py' from the fold 'raspberry_Pi'. (For the sensor value, you can also collect it from the database directly.)
  3. In the meantime, edit and run 'main/zmq/main_client.py' , 'main/zmq/main_server.py' and 'main_predict.py' on the laptop. The 'client' and the 'server' scripts are used to pass all the packets captured by each pi to the laptop and send the new packets generated by our active fuzzing algorithm to each pi.The 'main_predict.py' is the implementation of our algorithm and the 'stage_AL.py' is specially designed to capture packets from the network and modify them.

About

Corresponding code to the paper "Active Fuzzing for Testing and Securing Cyber-Physical Systems" by authors: Yuqi Chen, Bohan Xuan, Christopher M. Poskitt, Jun Sun and Fan Zhangin in ISSTA2020.

Resources

Readme
Activity

Stars

7 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages