aius | AIUS Repository
kandi X-RAY | aius Summary
kandi X-RAY | aius Summary
aius is a Python library. aius has no bugs, it has no vulnerabilities, it has a Permissive License and it has low support. However aius build file is not available. You can download it from GitHub.
AIUS Repository (EDMAND/CAPTAR combination). This folder contains codes for the framework named Aius. It's a framework for anomaly detection and attack reasoning in SCADA systems. The three folders contain different files: code: This folder stores all the code files (Bro and Python scripts) for the framework. Each file will be described in more details later in this ReadMe. csv: This folder stores '.csv' files that contain simulated measurement data in ITI testbed. They are used to generate baseline traffic and anomaly data for evaluation puporse. trace: This folder stores several trace files for traffic in SCADA systems for test purpose. To run the framework, run the 'run.sh' file. Two running mode can be selected using the following two different commands: "./run.sh real": This runs the framework based on traffic stored in a specified trace file. The trace file can be specified in the run.sh. "./run.sh": This runs the framework based on traffic generated by our traffic generator. A brief description of each file in the 'code' folder is given as follows: 'end_point.bro': Bro script that serves as the end point for communication with the Python part. 'flow_level.bro': Data extractor module file for the transport level traffic. 'protocol_level.bro': Data extractor module file for the protocol level traffic. 'protocol_level_modbus.bro': Sub-module file responsible for the Modbus protocol level extraction. 'protocol_level_dnp3.bro': Sub-module file responsible for the DNP3 protocol level extraction. 'data_level.bro': Data extractor module for the content level traffic. 'data_level_modbus.bro': Sub-module file responsible for the Modbus content level extraction. 'data_level_dnp3.bro': Sub-module file responsible for the DNP3 content level extraction. 'edmand.py': Main file for the anomaly detection sub-framework named EDMAND. 'parse_packet.py': File for the transport level parser. 'packet.py': File to store the input data structure for packet level anomlay detection. 'parse_operation.py': File for the protocol level parser. 'operation.py': File to store the input data structure for protocol level anomaly detection. 'parse_data_value.py': File for the content level parser. 'data_value.py': File to store the input data structure for content level anomaly detection. 'analyze_packet.py': File for the packet processor. 'analyze_flow.py': File for the flow processor. 'flow.py': File to store the input data structure for flow level anomaly detection. 'anomaly.py': File to store the anomaly data. 'den_stream.py': File for the clustering anomaly detection mechanism. 'inc_mean_std.py': File for the Mean-STD anomaly detection mechanism. 'manage_anomaly.py': File for the alert manager. 'generate_traffic': File for the synthetic traffic generator. 'analyze_alert': Main file for the attack reasoning sub-framework named CAPTAR. 'anomaly_analyzer.py': File for the causal reasoning engine. 'correlate_alert.py': File for the alert correlator. 'attack_step.py': File to store the attack step node in the causal polytree. 'attack_template.py': File to store the attack tempalte (causal polytree). 'generate_template': File to create the attack templates.
AIUS Repository (EDMAND/CAPTAR combination). This folder contains codes for the framework named Aius. It's a framework for anomaly detection and attack reasoning in SCADA systems. The three folders contain different files: code: This folder stores all the code files (Bro and Python scripts) for the framework. Each file will be described in more details later in this ReadMe. csv: This folder stores '.csv' files that contain simulated measurement data in ITI testbed. They are used to generate baseline traffic and anomaly data for evaluation puporse. trace: This folder stores several trace files for traffic in SCADA systems for test purpose. To run the framework, run the 'run.sh' file. Two running mode can be selected using the following two different commands: "./run.sh real": This runs the framework based on traffic stored in a specified trace file. The trace file can be specified in the run.sh. "./run.sh": This runs the framework based on traffic generated by our traffic generator. A brief description of each file in the 'code' folder is given as follows: 'end_point.bro': Bro script that serves as the end point for communication with the Python part. 'flow_level.bro': Data extractor module file for the transport level traffic. 'protocol_level.bro': Data extractor module file for the protocol level traffic. 'protocol_level_modbus.bro': Sub-module file responsible for the Modbus protocol level extraction. 'protocol_level_dnp3.bro': Sub-module file responsible for the DNP3 protocol level extraction. 'data_level.bro': Data extractor module for the content level traffic. 'data_level_modbus.bro': Sub-module file responsible for the Modbus content level extraction. 'data_level_dnp3.bro': Sub-module file responsible for the DNP3 content level extraction. 'edmand.py': Main file for the anomaly detection sub-framework named EDMAND. 'parse_packet.py': File for the transport level parser. 'packet.py': File to store the input data structure for packet level anomlay detection. 'parse_operation.py': File for the protocol level parser. 'operation.py': File to store the input data structure for protocol level anomaly detection. 'parse_data_value.py': File for the content level parser. 'data_value.py': File to store the input data structure for content level anomaly detection. 'analyze_packet.py': File for the packet processor. 'analyze_flow.py': File for the flow processor. 'flow.py': File to store the input data structure for flow level anomaly detection. 'anomaly.py': File to store the anomaly data. 'den_stream.py': File for the clustering anomaly detection mechanism. 'inc_mean_std.py': File for the Mean-STD anomaly detection mechanism. 'manage_anomaly.py': File for the alert manager. 'generate_traffic': File for the synthetic traffic generator. 'analyze_alert': Main file for the attack reasoning sub-framework named CAPTAR. 'anomaly_analyzer.py': File for the causal reasoning engine. 'correlate_alert.py': File for the alert correlator. 'attack_step.py': File to store the attack step node in the causal polytree. 'attack_template.py': File to store the attack tempalte (causal polytree). 'generate_template': File to create the attack templates.
Support
Quality
Security
License
Reuse
Support
aius has a low active ecosystem.
It has 2 star(s) with 3 fork(s). There are 3 watchers for this library.
It had no major release in the last 6 months.
aius has no issues reported. There are no pull requests.
It has a neutral sentiment in the developer community.
The latest version of aius is current.
Quality
aius has no bugs reported.
Security
aius has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
License
aius is licensed under the MIT License. This license is Permissive.
Permissive licenses have the least restrictions, and you can use them in most projects.
Reuse
aius releases are not available. You will need to build from source code and install.
aius has no build file. You will be need to create the build yourself to build the component from source.
Top functions reviewed by kandi - BETA
kandi has reviewed aius and discovered the below as its top functions. This is intended to give you an instant insight into aius implemented functionality, and help decide if they suit your requirements.
- Generate TCP SYN .
- Initialize the experiment .
- Prepares the data for processing .
- Perform anomaly analysis .
- Updates the configuration for a given packet .
- Merge two centers
- Finds the relationship between the given alert and alert .
- String representation .
- Identify the parameters of the simulation .
- Function to receive alert messages .
Get all kandi verified functions for this library.
aius Key Features
No Key Features are available at this moment for aius.
aius Examples and Code Snippets
No Code Snippets are available at this moment for aius.
Community Discussions
No Community Discussions are available at this moment for aius.Refer to stack overflow page for discussions.
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install aius
You can download it from GitHub.
You can use aius like any standard Python library. You will need to make sure that you have a development environment consisting of a Python distribution including header files, a compiler, pip, and git installed. Make sure that your pip, setuptools, and wheel are up to date. When using pip it is generally recommended to install packages in a virtual environment to avoid changes to the system.
You can use aius like any standard Python library. You will need to make sure that you have a development environment consisting of a Python distribution including header files, a compiler, pip, and git installed. Make sure that your pip, setuptools, and wheel are up to date. When using pip it is generally recommended to install packages in a virtual environment to avoid changes to the system.
Support
For any new features, suggestions and bugs create an issue on GitHub.
If you have any questions check and ask questions on community page Stack Overflow .
Find more information at:
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page
