The following software has been produced by members of the ARQOS project.

Software for generating IPSec security policies from security requirements. Runs on Linux. 2002-10-01 Zhi Fu, S. Felix Wu, and Yanyan Yang

Software used in DiffServ intrusion detection:
1. thttp: Code to generate the HTTP traffic.
2. TCP_talk TCP_talk code from Arnaud Louet. We modified this code to generate voice packets that marked by Diffserv codepoint. Also another traffic generator.
3. attack (Linux Kernel 2.2) This is a kernel module that attacks a selected traffic flow.
4. dsmon (Linux Kernel 2.2) This is a diffserv traffic monitoring tool.
5. trafmon This is a generic traffic monitoring tool. It uses libpcap to monitor the traffics through the network.
6. probe (Linux Kernel 2.4) This software implements probe traffic generation, and packet attacks.
6.1 ipt_sup Traffic mangling code. It's an iptables implementation for Linux Kernel 2.4.
6.2 pgen Probe traffic generation code.
7. stat This is the statitical abnormal analysis module.
8. rule (including trafmon) This is the rule based intrusion detection module.
9. ns2 This is the ns2 simulation code.
10. ns_dstest This is some ns2 simulation code based on Sean Murphy's diffserv implementation.
11. httpd This directory includes all the files used just for demo purpose. It provides an interface for easy interpretation of the log files.
Also included in the package is a common library code that used in both stat & rule modules which is also used in lots of other ANR projects.

Xiaoyong Wu and Vinay Mahadik

DiffServ capacity planning code. Allows user to specify a network topology and set of traffic demands for EF and BE traffic. Then routes the traffic across the links to ensure adequate quality and minimize total cost.

This is matlab code.

Kehang Wu

DiffServ code for:
1) Router attack (drop tcp packets in a particular macroflow)
2) Monitoring and reporting packet and byte counts per macroflow
3) Intrusion detection using statistical analysis

All code is for Linux.


Xiaoyong Wu

Vinay Mahadik

Linux (file 1)

Linux (file 2)

Linux (file 3)

Version 1.0 of pricing with RSVP / COPS / policy server / mySQL. Consists of 3 files: a readme file, a source code (zipped) archive, and a web interface (zipped) archive.
Kehang Wu, Zhaoning Li, and Hui Gao

Linux (file 1)

Linux (file 2)

Linux (file 3)

Policy server, policy client, and policy database implementation. Modification of COPS and RSVP messages to include pricing information. COPS implementation based on Vovida code.
Zhaoning Li and Hui Gao
TCP packet dropping attack code, analysis code, and data. This method uses a neural net to detect attacks.
Zhi Fu
TCP packet dropping attack code, and analysis code. Includes code for "divert socket" to emulate packet dropping attacks. Also includes readme.txt and data files. This method uses statistical analysis techniques (like NIDES) to detect attacks.
Xiaobing Zhang
RSVP Authentication code, and scripts for testing performance. Hop-by-hop MD5 authentication is compared to selective digital signature authentication.
Zhi Fu


last updated 1-February-2002
contact: webmaster