Botnet Simulation Framework (BSF)

From Embedded Lab Vienna for IoT & Security

Summary

The Botnet Simulation Framework tries to make the race between botnet users and botnet defenders more even. It offers a playing field for defenders to evaluate new botnet monitoring techniques and countermeasures. You can create realistic peer-to-peer network simulations and visualize them for further analysis. The simulation part is based on OMNeT++. BSF was originally based on version 4.5.1; for this documentation the latest version was 5.6.2, which also worked. The visualization part is based on dash. In this documentation you will learn how to install all components of the BSF and get it running.

Requirements

Installation Guide

OMNeT++ download

First we need to download the generic archive of OMNeT++ from the link above and copy it to the directory where you want to install it.

Then navigate to the directory you chose and enter this command in the shell, using the version number that you downloaded. In my case:

tar xvfz omnetpp-5.6.2-src.tgz

This will create an omnetpp-5.6.2 subdirectory with the OMNeT++ files in it.

Next we need to set the environment variables by editing the .bashrc file in your home directory, for example with gedit or nano:

gedit ~/.bashrc

Add this line at the end of the file, with the version number you downloaded, and save it:

export PATH=$HOME/omnetpp-5.6.2/bin:$PATH

After this we need to restart the terminal for the change to take effect.

OMNeT++ required packages

Now we come to the packages we need. If you do not want to use the terminal to install all the packages, you can use Synaptic and install them via the graphical interface.

For the terminal we first enter:

sudo apt-get update

Then enter these lines to install the required packages:

sudo apt-get install build-essential gcc g++ bison flex perl
sudo apt-get install python python3 qt5-default libqt5opengl5-dev tcl-dev tk-dev
sudo apt-get install libxml2-dev zlib1g-dev default-jre doxygen graphviz libwebkitgtk-3.0-0

Next is the installation of the osgearth development package and OpenSceneGraph:

sudo apt-get install openscenegraph-plugin-osgearth libosgearth-dev
sudo apt-get install openmpi-bin libopenmpi-dev

You can then optionally install PCAP:

sudo apt-get install libpcap-dev

dash install

To install dash for the visualization of the botnets we need python-pip installed:

sudo apt install python-pip

When this is done we just have 5 pip commands to enter:

pip install dash==1.2.0
pip install dash-daq==0.1.0
pip install networkx
pip install natsort
pip install numpy

With this dash is installed and we are ready to get things running.

Get things running

Download the BSF files from the GitHub repository linked above and unzip them in your home directory.

Since BSF only uses the command line, we don't need the UI of OMNeT++ and can access all of the functionality via the command line. The makefile is under a different license, as I was told by the creator, so it is not included in the GitHub repository. Therefore we need to generate our makefile with:

opp_makemake -f --deep -O out -I

Sometimes the include path does not get set correctly in the generated makefile. In that case, edit the generated makefile, with gedit for example, and add the line corrected for your system:

INCLUDE_PATH = -I/home/username/path_to_omnet/omnetpp-5.6.2/include/

The next step is to build the project. This is done from the root folder of the BSF project:
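
The include-path correction described above can also be scripted. The following is an added example, not part of the BSF project or the original page: the function name fix_include_path and its arguments are this example's own, and it assumes the OMNeT++ headers sit in <root>/include/omnetpp.h and that the path contains no spaces.

```shell
#!/bin/sh
# Added example: append the OMNeT++ include directory to the INCLUDE_PATH
# line of a makefile generated by opp_makemake.
#
# fix_include_path MAKEFILE [OMNETPP_ROOT]
#   e.g. fix_include_path Makefile "$HOME/omnetpp-5.6.2"
# Returns 0 when the entry is present afterwards, non-zero on error.
fix_include_path() {
    makefile=$1
    root=${2:-}
    if [ -z "$root" ]; then
        # Derive the root from opp_makemake on PATH (<root>/bin/opp_makemake).
        tool=$(command -v opp_makemake) || {
            echo "opp_makemake not found on PATH" >&2; return 2; }
        root=$(cd "$(dirname "$tool")/.." && pwd)
    fi
    inc="$root/include"
    # Refuse to write a directory that does not hold the OMNeT++ headers.
    [ -f "$inc/omnetpp.h" ] || { echo "no omnetpp.h under $inc" >&2; return 3; }
    [ -f "$makefile" ] || { echo "makefile $makefile not found" >&2; return 4; }
    grep -q '^INCLUDE_PATH[[:space:]]*=' "$makefile" || {
        echo "no INCLUDE_PATH line in $makefile" >&2; return 5; }
    tmp=$(mktemp "${makefile}.XXXXXX") || return 6
    # Append to the existing line so entries such as -I. are kept, and skip
    # the append when the exact entry is already there (safe to re-run).
    awk -v add="-I$inc" '
        /^INCLUDE_PATH[ \t]*=/ {
            found = 0
            for (i = 1; i <= NF; i++)
                if ($i == add || $i == add "/") found = 1
            if (!found) $0 = $0 " " add
        }
        { print }' "$makefile" > "$tmp" && cat "$tmp" > "$makefile"
    rc=$?
    rm -f "$tmp"
    return $rc
}
```

Run it from the BSF root folder after opp_makemake and before make; checking for omnetpp.h first catches a wrong version number in the path before the build does.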

make MODE=release all

Then you can navigate to the simulations folder. The *.ini files hold the settings of the simulations you can run, such as how long you want to simulate or how many bots can be active.

Ini example.jpg

If you want to run a simulation just enter the following line while in the simulations directory:

../BSF -r 0 -m -u Cmdenv -c SampleConfig_Crawler -n .. samples.ini

The simulations will then be calculated, which can take a while. When the simulation is finished you can navigate to the visualization folder and run:

python app.py

When this is finished you can open a web browser and go to http://127.0.0.1:8050. The graph of the simulation should open and look something like this:

BSF-Plot.png

At the bottom you have a bar where you can skip through the timeline of your simulation. At the top right you can choose between the simulations which were run with your ini-config.

Have fun playing around with the configuration files to test a botnet.

