pig / Overall Structure
- The router logs all traffic passing through it, and sends this data to the logger.
- The logging machine processes all this data, reading it into a database.
- The analyzer software reads these packets and stores attack data in a database.
- The Controller class reads the packets from the database in chunks, and saves them to its buffer.
- The Controller class reads packets from its buffer, determining which connection they go to and then telling that connection to buffer them.
- The Connection class then passes the packets to each of the attack analyzers.
- The analyzers check each packet against the automata and return True if they identify an attack.
- When an analyzer returns True, the Controller logs information about the attack and stores it in the database.
- The GUI (backend + frontend) reads and analyzes the attack data from the attack database and displays it to the user.
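
The Controller, Connection and analyzer steps above, sketched as an added Python example (not the project's own code). The class internals, the `RepeatedSynAutomaton` rule and its threshold, the `pkt` helper and the sample packets are all assumptions constructed for illustration; plain lists stand in for the packet and attack databases.

```python
class RepeatedSynAutomaton:
    """Hypothetical automaton: counts SYNs that are not followed by an ACK."""
    THRESHOLD = 3
    def __init__(self):
        self.state = 0  # consecutive SYNs seen without an ACK
    def check(self, packet):
        if packet["flags"] == "SYN":
            self.state += 1
        elif packet["flags"] == "ACK":
            self.state = 0  # handshake completed, back to the start state
        return self.state >= self.THRESHOLD  # True means "attack identified"

class Connection:
    def __init__(self, analyzer_classes):
        self.buffer = []
        self.analyzers = [cls() for cls in analyzer_classes]  # state per connection
    def analyze(self):
        hit = False
        for packet in self.buffer:  # pass each buffered packet to every analyzer
            for analyzer in self.analyzers:
                hit = analyzer.check(packet) or hit
        self.buffer.clear()
        return hit

class Controller:
    def __init__(self, packet_db, analyzer_classes, chunk_size=2):
        self.packet_db = packet_db  # list standing in for the packet database
        self.attack_db = []         # list standing in for the attack database
        self.analyzer_classes = analyzer_classes
        self.chunk_size = chunk_size
        self.connections = {}
    def run(self):
        for start in range(0, len(self.packet_db), self.chunk_size):
            chunk = self.packet_db[start:start + self.chunk_size]  # Controller buffer
            for p in chunk:  # decide which connection each packet belongs to
                key = (p["src"], p["dst"], p["dport"])
                if key not in self.connections:
                    self.connections[key] = Connection(self.analyzer_classes)
                self.connections[key].buffer.append(p)
            for key, conn in self.connections.items():
                if conn.analyze() and key not in self.attack_db:
                    self.attack_db.append(key)  # log each flagged connection once
        return self.attack_db

def pkt(src, dport, flags):
    return {"src": src, "dst": "10.0.0.1", "dport": dport, "flags": flags}

# Constructed sample traffic: one completed handshake and one run of bare SYNs.
PACKETS = [pkt("10.0.0.5", 80, "SYN"), pkt("10.0.0.9", 22, "SYN"), pkt("10.0.0.5", 80, "ACK"),
           pkt("10.0.0.9", 22, "SYN"), pkt("10.0.0.9", 22, "SYN")]
```

Because each Connection owns its own analyzer instances, automaton state persists across chunks, so the result does not depend on where the chunk boundaries fall.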