riseup_pad
PARGAV
Privacy Aware Research of Generic Anomalies and Visualisations
Robert https://github.com/robert-kisteleki
Antonios https://github.com/akoskinas/
Peter
Petros
Anna
Grissel https://github.com/grisselfaura
Github repository:
https://github.com/vgiotsas/pargav-iot-hackathon
Slack channel:
iot-hackathon-rdam.slack.com
web stuff: https://kistel.eu/static/PARGAV/
0. PRE-PROCESSING
per device CSV format: 1 minute sampling
timestamp (unix epoch), bandwidth up(kbits/s), bandwidth down(kbits/s), connections made, different ports accessed, different IPs accessed
DNS?
3 CSVs per device:
1) idle
2) Controlled:
- power
- activities
3) Uncontrolled
Example:
tv.LAN.uncontrolled.csv:
1570873590, 5, 2000, 10, 1, 1
1570873650, 4, 1900, 8, 1, 1
tv.WAN.idle.csv:
1570873590, 5, 2000, 10, 1, 1
1570873650, 4, 1900, 8, 1, 1
roomba.LAN.idle.csv
1570873590, 1, 1, 1, 12
1570873590, 2, 2, 2, 2
roomba.WAN.controlled.csv
1570873590, 1, 1, 1, 1
1570873590, 2, 2, 2, 2
fake data:
https://kistel.eu/static/PARGAV/fakedata.py
https://kistel.eu/static/PARGAV/tv.LAN.uncontrolled.csv
https://kistel.eu/static/PARGAV/tv.WAN.uncontrolled.csv
https://kistel.eu/static/PARGAV/tv.LAN.uncontrolled-withsignal.csv
https://kistel.eu/static/PARGAV/tv.WAN.uncontrolled-withsignal.csv
1. VISUALISATION
https://kistel.eu/static/PARGAV/
times = pd.to_datetime(df.timestamp_col, unit="s")  # timestamp column is unix epoch seconds
DATA:
https://drive.google.com/file/d/1ZCa5j22EF_3W2qe7xIouYTkRJZ0NzVAB/view
TOOLS FOR PRE-PROCESS:
https://github.com/NEU-SNS/intl-iot/tree/master/destination
Libraries anomaly detection:
Vasilis with Luminol, Petros with Prophet
- https://facebook.github.io/prophet/docs/quick_start.html
- https://towardsdatascience.com/anomaly-detection-time-series-4c661f6f165f
- https://github.com/linkedin/luminol
- https://github.com/etsy/skyline
Just something to look into later:
https://en.wikipedia.org/wiki/IP_Flow_Information_Export
### DATA Processing ###
tshark -r 2019-04-25_idle.pcap -T fields -e frame.number -e frame.time_epoch -e eth.src -e eth.dst -e ip.src -e ip.dst -e ip.proto -e tcp.srcport -e udp.srcport -e tcp.dstport -e udp.dstport -e frame.len -E header=y -E separator=, -E quote=n -E occurrence=f > ~/Desktop/test.csv
https://drive.google.com/drive/folders/1CGTWoc0lzrmEZmlUzyVO-SNCOKbVte6t?usp=sharing
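Added example (not code from this pad or the project repository): one way to turn the tshark field output above into the per-device 1-minute rows described under 0. PRE-PROCESSING. Assumptions, since the pad does not define them: the device is identified by its MAC address, a "connection" is a distinct (remote IP, protocol, remote port) seen in the minute, minutes are floor-aligned, and 1 kbit = 1000 bits. The sample capture rows are constructed.

```python
import csv
import io
from collections import defaultdict

# Constructed sample in the column order produced by the tshark command above.
SAMPLE = """frame.number,frame.time_epoch,eth.src,eth.dst,ip.src,ip.dst,ip.proto,tcp.srcport,udp.srcport,tcp.dstport,udp.dstport,frame.len
1,1570873590.10,aa:aa:aa:aa:aa:aa,bb:bb:bb:bb:bb:bb,192.168.1.10,203.0.113.5,6,40000,,443,,1500
2,1570873591.20,bb:bb:bb:bb:bb:bb,aa:aa:aa:aa:aa:aa,203.0.113.5,192.168.1.10,6,443,,40000,,1500
3,1570873600.00,aa:aa:aa:aa:aa:aa,bb:bb:bb:bb:bb:bb,192.168.1.10,198.51.100.7,17,,5353,,53,750
4,1570873655.00,aa:aa:aa:aa:aa:aa,bb:bb:bb:bb:bb:bb,192.168.1.10,203.0.113.5,6,40001,,443,,3000
5,1570873656.00,cc:cc:cc:cc:cc:cc,bb:bb:bb:bb:bb:bb,,,,,,,,60
"""

def per_minute_features(tshark_csv, device_mac):
    """Aggregate tshark field output into the pad's per-device 1-minute rows."""
    buckets = defaultdict(lambda: {"up": 0, "down": 0, "flows": set(),
                                   "ports": set(), "ips": set()})
    for row in csv.DictReader(io.StringIO(tshark_csv)):
        outbound = row["eth.src"] == device_mac
        if not outbound and row["eth.dst"] != device_mac:
            continue  # frame does not involve this device
        b = buckets[int(float(row["frame.time_epoch"])) // 60 * 60]
        b["up" if outbound else "down"] += int(row["frame.len"])
        # Remote endpoint is the destination for outbound frames, else the source.
        side = "dst" if outbound else "src"
        ip = row["ip." + side]
        port = row["tcp." + side + "port"] or row["udp." + side + "port"]
        if ip:  # non-IP frames (e.g. ARP) only count towards bandwidth
            b["ips"].add(ip)
        if port:
            b["ports"].add(port)
        if ip and port:
            b["flows"].add((ip, row["ip.proto"], port))
    kbits = lambda nbytes: round(nbytes * 8 / 1000 / 60, 3)  # average over the minute
    # Row layout: timestamp, up kbit/s, down kbit/s, connections, ports, IPs
    return [(ts, kbits(b["up"]), kbits(b["down"]),
             len(b["flows"]), len(b["ports"]), len(b["ips"]))
            for ts, b in sorted(buckets.items())]

if __name__ == "__main__":
    for r in per_minute_features(SAMPLE, "aa:aa:aa:aa:aa:aa"):
        print(", ".join(str(v) for v in r))
```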
NAME OF THE DATA:
Mon(IoT)r Testbed https://moniotrlab.ccis.neu.edu/tools/
Presentation: https://drive.google.com/drive/folders/1UKpD2_cv1t2Js-FDzLd8yIact_UjLmsu