search

bibs2091 / Anomaly-detection-system

Machine learning based Intrusion detection system (IDS)
47 stars 16 forks source link

java.io.FileNotFoundException: ./interface (No such file or directory) #11

Closed shubhamdhingra38 closed 2 years ago

shubhamdhingra38 commented 3 years ago

Hi, I followed the instructions in the repository. I am running CICFlowmeter using sudo gradle run I see it only goes uptil 75% executing, and when the java application with the button opens and I click "Scan", I get this error. Please help Error:

java.io.FileNotFoundException: ./interface (No such file or directory)
        at java.io.FileInputStream.open0(Native Method)
        at java.io.FileInputStream.open(FileInputStream.java:195)
        at java.io.FileInputStream.<init>(FileInputStream.java:138)
        at java.io.FileReader.<init>(FileReader.java:72)
        at cic.cs.unb.ca.flow.ui.FlowMonitorPane.startTrafficFlow(FlowMonitorPane.java:261)
        at cic.cs.unb.ca.flow.ui.FlowMonitorPane.lambda$scanButton$0(FlowMonitorPane.java:165)
        at javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:2022)
        at javax.swing.AbstractButton$Handler.actionPerformed(AbstractButton.java:2348)
        at javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel.java:402)
        at javax.swing.DefaultButtonModel.setPressed(DefaultButtonModel.java:259)
        at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(BasicButtonListener.java:252)
        at java.awt.Component.processMouseEvent(Component.java:6539)
        at javax.swing.JComponent.processMouseEvent(JComponent.java:3324)
        at java.awt.Component.processEvent(Component.java:6304)
        at java.awt.Container.processEvent(Container.java:2239)
        at java.awt.Component.dispatchEventImpl(Component.java:4889)
        at java.awt.Container.dispatchEventImpl(Container.java:2297)
        at java.awt.Component.dispatchEvent(Component.java:4711)
        at java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4904)
        at java.awt.LightweightDispatcher.processMouseEvent(Container.java:4535)
        at java.awt.LightweightDispatcher.dispatchEvent(Container.java:4476)
        at java.awt.Container.dispatchEventImpl(Container.java:2283)
        at java.awt.Window.dispatchEventImpl(Window.java:2746)
        at java.awt.Component.dispatchEvent(Component.java:4711)
        at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:760)
        at java.awt.EventQueue.access$500(EventQueue.java:97)
        at java.awt.EventQueue$3.run(EventQueue.java:709)
        at java.awt.EventQueue$3.run(EventQueue.java:703)
        at java.security.AccessController.doPrivileged(Native Method)
        at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:74)
        at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:84)
        at java.awt.EventQueue$4.run(EventQueue.java:733)
        at java.awt.EventQueue$4.run(EventQueue.java:731)
        at java.security.AccessController.doPrivileged(Native Method)
        at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:74)
        at java.awt.EventQueue.dispatchEvent(EventQueue.java:730)null

        at org.GNOME.Accessibility.AtkWrapper$6.dispatchEvent(AtkWrapper.java:705)
        at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:205)
        at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:116)
        at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:105)
        at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101)
        at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:93)
        at java.awt.EventDispatchThread.run(EventDispatchThread.java:82)
Exception in thread "AWT-EventQueue-1" java.lang.NullPointerException
        at cic.cs.unb.ca.flow.ui.FlowMonitorPane.startTrafficFlow(FlowMonitorPane.java:275)
        at cic.cs.unb.ca.flow.ui.FlowMonitorPane.lambda$scanButton$0(FlowMonitorPane.java:165)
        at javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:2022)
        at javax.swing.AbstractButton$Handler.actionPerformed(AbstractButton.java:2348)
        at javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel.java:402)
        at javax.swing.DefaultButtonModel.setPressed(DefaultButtonModel.java:259)
        at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(BasicButtonListener.java:252)
        at java.awt.Component.processMouseEvent(Component.java:6539)
        at javax.swing.JComponent.processMouseEvent(JComponent.java:3324)
        at java.awt.Component.processEvent(Component.java:6304)
        at java.awt.Container.processEvent(Container.java:2239)
        at java.awt.Component.dispatchEventImpl(Component.java:4889)
        at java.awt.Container.dispatchEventImpl(Container.java:2297)
        at java.awt.Component.dispatchEvent(Component.java:4711)
        at java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4904)
        at java.awt.LightweightDispatcher.processMouseEvent(Container.java:4535)
        at java.awt.LightweightDispatcher.dispatchEvent(Container.java:4476)
        at java.awt.Container.dispatchEventImpl(Container.java:2283)
        at java.awt.Window.dispatchEventImpl(Window.java:2746)
        at java.awt.Component.dispatchEvent(Component.java:4711)
        at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:760)
        at java.awt.EventQueue.access$500(EventQueue.java:97)
        at java.awt.EventQueue$3.run(EventQueue.java:709)
        at java.awt.EventQueue$3.run(EventQueue.java:703)
        at java.security.AccessController.doPrivileged(Native Method)
        at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:74)
        at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:84)
        at java.awt.EventQueue$4.run(EventQueue.java:733)
        at java.awt.EventQueue$4.run(EventQueue.java:731)
        at java.security.AccessController.doPrivileged(Native Method)
        at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:74)
        at java.awt.EventQueue.dispatchEvent(EventQueue.java:730)
        at org.GNOME.Accessibility.AtkWrapper$6.dispatchEvent(AtkWrapper.java:705)
        at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:205)
        at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:116)
        at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:105)
        at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101)
        at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:93)
        at java.awt.EventDispatchThread.run(EventDispatchThread.java:82)
shubhamdhingra38 commented 3 years ago

Gradle 4.4.1

Build time: 2012-12-21 00:00:00 UTC Revision: none

Groovy: 2.4.17 Ant: Apache Ant(TM) version 1.10.7 compiled on October 24 2019 JVM: 1.8.0_292 (Private Build 25.292-b10) OS: Linux 5.8.0-50-generic amd64

bibs2091 commented 3 years ago

Hello, Did you run the python server? $ python model/app.py The java interface is a legacy code that needs to be removed, the main work now is with the web interface, after running the python server you'll be given a link to follow to access the web ui, next step is to run the java server. Then you can click the start button (on web)

shubhamdhingra38 commented 3 years ago

Yes, I ran the python server and could see the interface there too. After that how do I run the java server? With sudo gradle run I get the application interface, is that the server or there's something else?

bibs2091 commented 3 years ago

yes with sude gradle run or with ./gradlew execute / gradlew execute, you'll get the java interface, don't use it

shubhamdhingra38 commented 3 years ago

Using the python webapp interface, as soon as I click the button I get

[2021-05-12 23:59:27,067] ERROR in app: Exception on /start [POST]
Traceback (most recent call last):
  File "/home/shubham/MajorProject/venv/lib/python3.8/site-packages/flask/app.py", line 2051, in wsgi_app
    response = self.full_dispatch_request()
  File "/home/shubham/MajorProject/venv/lib/python3.8/site-packages/flask/app.py", line 1501, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/home/shubham/MajorProject/venv/lib/python3.8/site-packages/flask/app.py", line 1499, in full_dispatch_request
    rv = self.dispatch_request()
  File "/home/shubham/MajorProject/venv/lib/python3.8/site-packages/flask/app.py", line 1485, in dispatch_request
    return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
  File "app.py", line 78, in start
    app_get.startTrafficFlow()
  File "/home/shubham/MajorProject/venv/lib/python3.8/site-packages/py4j/java_gateway.py", line 1309, in __call__
    return_value = get_return_value(
  File "/home/shubham/MajorProject/venv/lib/python3.8/site-packages/py4j/protocol.py", line 326, in get_return_value
    raise Py4JJavaError(
py4j.protocol.Py4JJavaError: An error occurred while calling t.startTrafficFlow.
: java.lang.NullPointerException
    at cic.cs.unb.ca.flow.ui.FlowMonitorPane.startTrafficFlow(FlowMonitorPane.java:275)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at py4j.reflection.MethodInvoker.invoke(MethodInvoker.java:244)
    at py4j.reflection.ReflectionEngine.invoke(ReflectionEngine.java:357)
    at py4j.Gateway.invoke(Gateway.java:282)
    at py4j.commands.AbstractCommand.invokeMethod(AbstractCommand.java:132)
    at py4j.commands.CallCommand.execute(CallCommand.java:79)
    at py4j.GatewayConnection.run(GatewayConnection.java:238)
    at java.lang.Thread.run(Thread.java:748)

192.168.29.173 - - [12/May/2021 23:59:27] "POST /start HTTP/1.1" 500 -

and on the java server

Check command to run the interface script
java.io.FileNotFoundException: ./interface (No such file or directory)
        at java.io.FileInputStream.open0(Native Method)
        at java.io.FileInputStream.open(FileInputStream.java:195)
        at java.io.FileInputStream.<init>(FileInputStream.java:138)
        at java.io.FileReader.<init>(FileReader.java:72)
        at cic.cs.unb.ca.flow.ui.FlowMonitorPane.startTrafficFlow(FlowMonitorPane.java:261)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at py4j.reflection.MethodInvoker.invoke(MethodInvoker.java:244)
        at py4j.reflection.ReflectionEngine.invoke(ReflectionEngine.java:357)
        at py4j.Gateway.invoke(Gateway.java:282)
        at py4j.commands.AbstractCommand.invokeMethod(AbstractCommand.java:132)
        at py4j.commands.CallCommand.execute(CallCommand.java:79)
        at py4j.GatewayConnection.run(GatewayConnection.java:238)
        at java.lang.Thread.run(Thread.java:748)
shubhamdhingra38 commented 3 years ago

Also, one thing not sure if it matters, I have to run the app.py using cd model python3 app.py

if I run it from root directory of project using python3 model/app.py

I get

[ERROR] './server.py' does not exist
Traceback (most recent call last):
  File "model/app.py", line 185, in <module>
    socketio, app = create_app()
  File "model/app.py", line 47, in create_app
    model_server = process('./server.py')
  File "/home/shubham/MajorProject/venv/lib/python3.8/site-packages/pwnlib/tubes/process.py", line 251, in __init__
    executable_val, argv_val, env_val = self._validate(cwd, executable, argv, env)
  File "/home/shubham/MajorProject/venv/lib/python3.8/site-packages/pwnlib/tubes/process.py", line 575, in _validate
    self.error("%r does not exist"  % executable)
  File "/home/shubham/MajorProject/venv/lib/python3.8/site-packages/pwnlib/log.py", line 424, in error
    raise PwnlibException(message % args)
pwnlib.exception.PwnlibException: './server.py' does not exist
shubhamdhingra38 commented 3 years ago

I hard-coded the network interface name which I got running python3 interface.py in CICFlowmeter repository.

Screenshot

I don't have any error now it seems but I tried a DDOS attack tool, https://github.com/palahsu/DDoS-Ripper and used it on my local ip which I got through hostname -i but it doesn't show any alerts. I do see in the java server some type of count, and in the python server a dictionary being printed like {'Bot': 8, 'DoS attack': 38, 'Brute Force': 0, 'DDoS attacks': 0, '0': 855} but I don't see the interface saying any alert.

Any idea why or can you suggest some other tool to use?

bibs2091 commented 3 years ago

Refer to this closed issue, we mention the used tools for attacking: https://github.com/bibs2091/Anomaly-detection-system/issues/6

Please report to us the results

shubhamdhingra38 commented 3 years ago

Still not working :( I tried the GoldenEye tool. I am getting 400 status code for any GET request to /socket.io/ Here are some logs

127.0.0.1 - - [13/May/2021 17:25:25] "GET /reset_status HTTP/1.1" 200 -
Data received!
{'Bot': 1, 'DoS attack': 0, 'Brute Force': 0, 'DDoS attacks': 0, '0': 23}
127.0.0.1 - - [13/May/2021 17:25:25] "POST /post-predict HTTP/1.1" 200 -
127.0.0.1 - - [13/May/2021 17:25:25] "GET /reset_status HTTP/1.1" 200 -
Data received!
{'Bot': 4, 'DoS attack': 0, 'Brute Force': 0, 'DDoS attacks': 0, '0': 32}
127.0.0.1 - - [13/May/2021 17:25:25] "POST /post-predict HTTP/1.1" 200 -
127.0.0.1 - - [13/May/2021 17:25:25] "GET /reset_status HTTP/1.1" 200 -
Data received!
{'Bot': 7, 'DoS attack': 0, 'Brute Force': 0, 'DDoS attacks': 0, '0': 39}
127.0.0.1 - - [13/May/2021 17:25:25] "POST /post-predict HTTP/1.1" 200 -
127.0.0.1 - - [13/May/2021 17:25:25] "GET /reset_status HTTP/1.1" 200 -
Data received!
{'Bot': 9, 'DoS attack': 0, 'Brute Force': 0, 'DDoS attacks': 0, '0': 50}
127.0.0.1 - - [13/May/2021 17:25:25] "POST /post-predict HTTP/1.1" 200 -
192.168.29.173 - - [13/May/2021 17:25:28] "GET /socket.io/?EIO=3&transport=polling&t=NbbbEVs HTTP/1.1" 400 -
192.168.29.173 - - [13/May/2021 17:25:34] "GET /socket.io/?EIO=3&transport=polling&t=NbbbFzc HTTP/1.1" 400 -
192.168.29.173 - - [13/May/2021 17:25:40] "GET /socket.io/?EIO=3&transport=polling&t=NbbbHRM HTTP/1.1" 400 -
192.168.29.173 - - [13/May/2021 17:25:46] "GET /socket.io/?EIO=3&transport=polling&t=NbbbIv6 HTTP/1.1" 400 -
192.168.29.173 - - [13/May/2021 17:25:52] "GET /socket.io/?EIO=3&transport=polling&t=NbbbKMs HTTP/1.1" 400 -
192.168.29.173 - - [13/May/2021 17:25:58] "GET /socket.io/?EIO=3&transport=polling&t=NbbbLqc HTTP/1.1" 400 -
bondbenz commented 2 years ago

Inside CICFlowmeter folder create a file called "interface" no extension is needed and put inside it the interface you want to capture for example eth0.

souravs17031999 commented 1 year ago

@shubhamdhingra38 how did you get those dict printed ? I don't get any of those calls ?

souravs17031999 commented 1 year ago

@bondbenz I have what you told still not able to solve this issue. I am not even getting any dict printed as shown in this issue, the flask server continously shows 400 for every polled call.