Botnet Simulation Framework (BSF)
The Botnet Simulation Framework tries to make the race between botnet users and botnet defenders more even. It offers a playing field for defenders to evaluate new botnet monitoring techniques and countermeasures. You can create realistic peer-to-peer network simulations and visualize them for further analysis. The simulation part is based on OMNeT++. BSF was originally based on version 4.5.1; when this documentation was written the latest version was 5.6.2, which also worked. The visualization part is based on dash. In this documentation you will learn how to install all components of the BSF and get it running.
First we need to download the generic archive of OMNeT++ from the link above and copy it to the directory where you want to install it.
Then navigate to the directory you chose and enter this command in the shell, using the version number that you downloaded (in my case 5.6.2):
tar xvfz omnetpp-5.6.2-src.tgz
This will create an omnetpp-5.6.2 subdirectory with the OMNeT++ files in it.
Next we need to set the environment variables by editing the .bashrc file in your home directory, for example with gedit or nano:
Add this line with the version number you downloaded at the end and save it:
After this we need to restart the terminal for the changes to take effect.
OMNeT++ required packages
Now we come to the packages we need. If you do not want to use the terminal to install the packages, you can use Synaptic and install them via the graphical interface.
In the terminal we first enter:
sudo apt-get update
then come these lines to install the required packages:
sudo apt-get install build-essential gcc g++ bison flex perl
sudo apt-get install python python3 qt5-default libqt5opengl5-dev tcl-dev tk-dev
sudo apt-get install libxml2-dev zlib1g-dev default-jre doxygen graphviz libwebkitgtk-3.0-0
Next is the installation of the osgearth development package and OpenSceneGraph:
sudo apt-get install openscenegraph-plugin-osgearth libosgearth-dev
sudo apt-get install openmpi-bin libopenmpi-dev
Then you can optionally install PCAP:
sudo apt-get install libpcap-dev
To install dash for the visualization of the botnets we need python-pip installed.
sudo apt install python-pip
When this is done we just have 5 pip commands to enter:
pip install dash==1.2.0
pip install dash-daq==0.1.0
pip install networkx
pip install natsort
pip install numpy
With this dash is installed and we are ready to get things running.
Get things running
Download the BSF files from the GitHub repository linked above and unzip them in your home directory.
Since BSF only uses the command line, we don't need the UI of OMNeT++ and can do everything via the command line. The makefile is under a different license, as I was told by the creator, so it is not included in the GitHub repository. Therefore we need to generate our makefile with:
opp_makemake -f --deep -O out -I
Sometimes the include path does not get set correctly in the generated makefile. In that case edit the generated makefile, for example with gedit, and add the line corrected for your system:
INCLUDE_PATH = -I/home/username/path_to_omnet/omnetpp-5.6.2/include/
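The manual edit above can also be scripted. The following is an added example, not part of BSF or OMNeT++: it puts the OMNeT++ include flag on the INCLUDE_PATH line of the generated makefile only when it is missing, and keeps a backup of the generated file. The function name fix_include_path and the .bak suffix are assumptions of this example; it also assumes the makefile has a line starting with INCLUDE_PATH, as shown above.

```shell
#!/usr/bin/env bash
# Added example (not part of BSF or OMNeT++).
# fix_include_path MAKEFILE OMNETPP_ROOT
# Inserts -I<OMNETPP_ROOT>/include on the INCLUDE_PATH line of a generated
# makefile unless that exact flag is already there. Non-zero return on error.
fix_include_path() {
    fip_makefile=$1
    fip_root=${2%/}                      # tolerate a trailing slash
    fip_flag="-I${fip_root}/include"

    [ -f "$fip_makefile" ] || { echo "no such makefile: $fip_makefile" >&2; return 1; }
    # omnetpp.h is the main OMNeT++ header; if it is absent the root is wrong.
    [ -f "$fip_root/include/omnetpp.h" ] || {
        echo "omnetpp.h not found under $fip_root/include" >&2; return 1; }
    grep -qE '^INCLUDE_PATH[[:space:]]*=' "$fip_makefile" || {
        echo "no INCLUDE_PATH line, rerun opp_makemake" >&2; return 1; }

    # Exact-token comparison, so .../include does not match .../include2.
    if awk -v flag="$fip_flag" '
        /^INCLUDE_PATH[ \t]*=/ { for (i = 1; i <= NF; i++) if ($i == flag) found = 1 }
        END { exit !found }' "$fip_makefile"; then
        return 0                         # already correct, nothing to change
    fi

    cp -p "$fip_makefile" "$fip_makefile.bak"   # keep the generated file
    # Insert right after "=" so a trailing line continuation stays intact.
    awk -v flag="$fip_flag" '
        /^INCLUDE_PATH[ \t]*=/ {
            p = index($0, "=")
            print substr($0, 1, p) " " flag substr($0, p + 1)
            next
        }
        { print }' "$fip_makefile.bak" > "$fip_makefile"
}
```

Call it from the BSF root folder as fix_include_path Makefile /home/username/path_to_omnet/omnetpp-5.6.2 before building; running it a second time leaves the makefile unchanged.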
The next step is to build the project. This is done from the root folder of the BSF project:
make MODE=release all
Then you can navigate to the simulations folder. The *.ini files hold the settings of the simulations you can run, such as how long you want to simulate or how many bots can be active.
If you want to run a simulation just enter the following line while in the simulations directory:
../BSF -r 0 -m -u Cmdenv -c SampleConfig_Crawler -n .. samples.ini
The simulation is then computed, which can take a while. When the simulation is finished you can navigate to the visualization folder and run
When this is finished you can open a web browser and go to http://127.0.0.1:8050. The graph of the simulation should open and look something like this
At the bottom there is a bar with which you can step through the timeline of your simulation. At the top right you can choose among the simulations that were run with your ini config.
Have fun playing around with the configuration files to test a botnet.