wikipig / OverallStructure
- The router logs all traffic passing through it and sends this data to the logging machine.
- The packet reader processes all this data, reading it into a database.
- The analyzer software reads these packets and stores attack data in a database.
- The controller class reads the packets from the database in chunks, and saves them to its buffer.
- The controller class reads packets from its buffer, determining which connection they go to and then telling that connection to buffer them.
- The connection class then passes the packets to each of the attack analyzers.
- The analyzers run each packet through their built-in automata. If they identify an attack, they log it in the database and return True.
- The GUI (backend + frontend) reads and analyzes the attack data from the attack database and displays it to the user.
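
The controller, connection and analyzer steps above can be sketched as follows. This is an added example, not wikipig's own code: the table layout, class and method names, the `src>dst` connection key and the consecutive-SYN automaton are all assumptions chosen for illustration, and the packet rows are constructed.

```python
import sqlite3

class SynRepeatAnalyzer:
    """Assumed automaton: state = consecutive SYNs seen; any other flag resets it."""
    LIMIT = 3  # constructed threshold
    def __init__(self, db):
        self.db, self.state = db, 0
    def feed(self, key, flags):
        self.state = self.state + 1 if flags == "S" else 0
        if self.state < self.LIMIT:
            return False
        self.state = 0  # accepting state reached: log the attack, then restart
        self.db.execute("INSERT INTO attacks VALUES (?, ?)", (key, "syn-repeat"))
        return True

class Connection:
    def __init__(self, key, db):
        self.key, self.buffer = key, []
        self.analyzers = [SynRepeatAnalyzer(db)]
    def drain(self):  # pass every buffered packet to each analyzer
        pkts, self.buffer = self.buffer, []
        return sum(a.feed(self.key, f) for f in pkts for a in self.analyzers)

class Controller:
    def __init__(self, db, chunk=2):
        self.db, self.chunk, self.last_id, self.conns = db, chunk, 0, {}
    def run(self):
        hits = 0
        while True:  # read the packet table in chunks
            rows = self.db.execute("SELECT id, src, dst, flags FROM packets WHERE id > ? "
                                   "ORDER BY id LIMIT ?", (self.last_id, self.chunk)).fetchall()
            if not rows:
                return hits
            for pid, src, dst, flags in rows:  # demultiplex by connection key
                key = f"{src}>{dst}"
                if key not in self.conns:
                    self.conns[key] = Connection(key, self.db)
                self.conns[key].buffer.append(flags)
                self.last_id = pid
            hits += sum(c.drain() for c in self.conns.values())

def demo():
    db = sqlite3.connect(":memory:")
    db.executescript("CREATE TABLE packets (id INTEGER PRIMARY KEY, src, dst, flags);"
                     "CREATE TABLE attacks (conn, kind);")
    # Constructed sample: one connection with an ACK in between, one with three SYNs in a row
    sample = [("192.0.2.5", "198.51.100.1", f) for f in "SSAS"] + [("192.0.2.9", "198.51.100.1", "S")] * 3
    db.executemany("INSERT INTO packets (src, dst, flags) VALUES (?, ?, ?)", sample)
    return Controller(db).run(), db.execute("SELECT conn, kind FROM attacks").fetchall()
```

Because each connection owns its analyzers, automaton state survives chunk boundaries: the third SYN from `192.0.2.9` arrives in a later chunk than the first two and still completes the match.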