pig / OverallStructure

  1. The router logs all traffic passing through it, and sends this data to the logging machine.
  2. The packet reader processes all this data, reading it into a database.
  3. The analyzer software reads these packets and stores attack data in a database.
    1. The controller class reads the packets from the database in chunks, and saves them to its buffer.
    2. The controller class reads packets from its buffer, determining which connection they go to and then telling that connection to buffer them.
    3. The connection class then passes the packets to each of the attack analyzers.
      1. The analyzers run each packet through their built-in automata. If they identify an attack, they log it in the database and return True.
  4. The GUI (backend + frontend) reads and analyzes the attack data from the attack database and displays it to the user.
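
The analyzer flow in step 3, sketched as an added example (not code from the pig repository). The class and function names, the packet fields, the in-memory lists standing in for the two databases, and the choice of a SYN, SYN/ACK, RST automaton are all assumptions made for illustration; the page does not say which attacks the analyzers detect.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport flags")  # assumed fields, not pig's schema

class HalfOpenAnalyzer:
    """Hypothetical automaton: flags SYN -> SYN/ACK -> RST on one connection."""
    TRANSITIONS = {("START", "S"): "SYN_SEEN",
                   ("SYN_SEEN", "SA"): "SYNACK_SEEN",
                   ("SYNACK_SEEN", "R"): "ATTACK"}

    def __init__(self, attack_log):
        self.state, self.attack_log = "START", attack_log

    def feed(self, key, pkt):
        # Input with no listed transition resets the automaton.
        self.state = self.TRANSITIONS.get((self.state, pkt.flags), "START")
        if self.state != "ATTACK":
            return False
        self.attack_log.append(("half-open", key))  # stand-in for the attack database
        self.state = "START"
        return True

class Connection:
    def __init__(self, key, attack_log):
        self.key, self.buffer = key, []
        self.analyzers = [HalfOpenAnalyzer(attack_log)]

    def drain(self):  # step 3.3: every buffered packet goes to every analyzer
        hits = sum(a.feed(self.key, p) for p in self.buffer for a in self.analyzers)
        self.buffer.clear()
        return hits

def run_controller(packet_db, chunk_size=3):
    attack_log, connections = [], {}
    for i in range(0, len(packet_db), chunk_size):       # step 3.1: chunked read
        for pkt in packet_db[i:i + chunk_size]:          # step 3.2: route by connection
            key = tuple(sorted([(pkt.src, pkt.sport), (pkt.dst, pkt.dport)]))
            if key not in connections:
                connections[key] = Connection(key, attack_log)
            connections[key].buffer.append(pkt)
        for conn in connections.values():
            conn.drain()
    return attack_log

# Constructed sample traffic (documentation addresses), two interleaved flows.
SAMPLE = [Packet("192.0.2.5", 40000, "192.0.2.9", 80, "S"),
          Packet("192.0.2.7", 50000, "192.0.2.9", 22, "S"),
          Packet("192.0.2.9", 80, "192.0.2.5", 40000, "SA"),
          Packet("192.0.2.9", 22, "192.0.2.7", 50000, "SA"),
          Packet("192.0.2.7", 50000, "192.0.2.9", 22, "A"),
          Packet("192.0.2.5", 40000, "192.0.2.9", 80, "R")]
```

Because each connection keeps its analyzers' state between chunks, the abandoned handshake is still caught when its packets arrive in different chunks, while the completed handshake on port 22 is not flagged.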
