
grindwall's Introduction

GRINDWALL

ML based Firewall System

Description:


Grindwall is an ML based Firewall System that uses a machine learning model to filter out bad or malicious requests to the server.

  • Each model uses a specific classification algorithm to determine the nature of incoming packets and classifies them on the basis of the vulnerability that the request tries to exploit.
  • Bad packets are dropped by the server and the client is shown a message.
Contents:

      Datasets

    1. full_xss_sqli_dataset.csv = Dataset for training the model - Version 1
    2. version_4_full.csv = Full dataset for Version 4 (includes cmdi)
    3. new_specs_dataset.csv = Dataset for classifying according to vulnerability

      Scripts

    4. network_sec.ipynb = Notebook file used for creating the model and other operations related to ML
    5. grindwall.py = Main script used to set up the firewall
    6. requirements.txt = Python requirements for running the script
    7. test.csv = Dataset used for testing the model
    8. gring_gui.py = Script to run Grindwall as a GUI

      Models

    9. model1_grindwall.pkl = The saved model checkpoint which is loaded into the script for use in the firewall; only filters sqli - Uses Random Forest Classifier
    10. model2_grindwall = The saved model checkpoint, which filters SQL injections and XSS payloads - Uses Ada Boost Classifier
    11. model3_grindwall = Saved model checkpoint that filters on the basis of the vulnerability that the packet tries to exploit: "sqli", "xss" or "good" - Uses Random Forest Classifier
    12. model4_grindwall = Saved model checkpoint that filters on the basis of the vulnerability that the packet tries to exploit: "sqli", "xss", "cmdi" or "good" - Uses Light Gradient Boosting Machine Classification

      Wordlists

    13. sqlInjection.txt = Wordlist containing payloads for SQL injection attacks used for dataset preparation
    14. xss_payloads.txt = Wordlist containing XSS payloads
    15. cmdi_payloads.txt = Wordlist containing cmdi payloads

    Installation And Working

  • Clone this repo and install the requirements using the command
    pip install -r requirements.txt
  • Once the dependencies are installed, run
    python cli.py

    (Screenshot: Grindwall CLI)

  • Alternatively, you can run the GUI version of Grindwall using:
    python gring_gui.py

    (Screenshot: Grindwall GUI)



  • Once the firewall is up and running, configure your browser or computer to use the proxy server running on port 1234 (you can change this setting in the grindwall.py file).
    You can use the Windows proxy settings by going to
    Settings > Network And Internet > Proxy > Enable proxy with

    Address - 127.0.0.1
    Port - 1234

    Or you can use extensions like Foxy Proxy to use a proxy server for just your browser.
  • Once your browser is configured to use the proxy server, all your requests pass through the ML model, which determines whether each request is malicious and alerts you by dropping the packet.
  • You can view all the outgoing requests in the terminal and the log file.

    (Screenshot: Good Requests)
  • Any malicious request is returned with the 'bad' classification and the following message is displayed.
    (Screenshot: Block message)

  • The terminal log displays the prediction label according to the vulnerability.

    (Screenshot: Terminal Information)
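
The forward-or-drop decision described above, as an added example that is not Grindwall's own code: a small character-trigram Naive Bayes stands in for the project's saved Random Forest / AdaBoost / LightGBM checkpoints. The training samples, `NgramNB`, `filter_request` and `MODEL` are constructed for illustration.

```python
import math
from collections import Counter, defaultdict
from urllib.parse import unquote_plus

# Constructed training samples; Grindwall itself trains on its CSV datasets.
TRAIN = [
    ("good", "id=42&page=2"),
    ("good", "q=blue+running+shoes&sort=price"),
    ("good", "user=alice&lang=en"),
    ("sqli", "id=1' OR '1'='1' --"),
    ("sqli", "id=1 UNION SELECT username, password FROM users"),
    ("xss", "q=<script>alert(1)</script>"),
    ("xss", "name=<img src=x onerror=alert(1)>"),
    ("cmdi", "host=127.0.0.1; cat /etc/passwd"),
    ("cmdi", "file=report.txt | whoami"),
]

def ngrams(text, n=3):
    """URL-decode and lowercase, then split into overlapping character n-grams."""
    text = unquote_plus(text).lower()
    return [text[i:i + n] for i in range(len(text) - n + 1)]

class NgramNB:
    """Multinomial Naive Bayes over character trigrams with add-one smoothing."""
    def fit(self, samples):
        self.counts, self.docs = defaultdict(Counter), Counter()
        for label, text in samples:
            self.docs[label] += 1
            self.counts[label].update(ngrams(text))
        self.vocab = len({g for c in self.counts.values() for g in c})
        return self

    def predict(self, text):
        grams, scores = ngrams(text), {}
        for label, c in self.counts.items():
            denom = sum(c.values()) + self.vocab
            prior = math.log(self.docs[label] / sum(self.docs.values()))
            scores[label] = prior + sum(math.log((c[g] + 1) / denom) for g in grams)
        return max(scores, key=scores.get)

def filter_request(model, payload):
    """Return (action, label): forward 'good' traffic, drop everything else."""
    label = model.predict(payload)
    return ("forward" if label == "good" else "drop"), label

MODEL = NgramNB().fit(TRAIN)

if __name__ == "__main__":
    for req in ["id=7&page=3", "id=1%27+OR+%271%27%3D%271"]:
        print(req, "->", filter_request(MODEL, req))
```

Because the features are taken after URL-decoding, percent-encoded requests are classified the same way as their plain form.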

    Video Demo:

    grindwall_demo.mp4

    Future Implementations:

    Support for other Web Vulnerabilities Including

  • Cross Site Scripting = Completed
  • Command Injections = Completed
  • Support For HTTPS connections
  • Comprehensive GUI
  • Analytics