The project, Visual Progger, was an extension to the cloud-based application Progger, developed in house in the University of Waikato’s CROW research lab. The cloud-based logging application is used primarily for cloud logging to provide details on provenance.
The project aims to study the patterns and behaviour of malware such as ransomware on computer users.
Visual Progger allows you to dive into the activities and patterns of the ransomware: the types of libraries it utilises, and the directories and files it traverses to encrypt them.
The project was to create a visualisation that was intuitive for all users. It also allows meaningful insights to be extracted from the data, such as detecting ransomware in real time.
Project dated from — 05/05/2017
The source code has been modified to provide presentation-only functionality. This means that the /live view will only play back from a previous dataset and will not be able to provide realtime visualisation from another host or cloud machine.
The project consists of two visualisations, namely Static and Live. Please visit these routes to view them after installation.
http://localhost:5000
http://localhost:5000/live
Please wait for each animation to end before proceeding to the next phase.
Press SPACEBAR on your keyboard to start.
Press 1 to start the first phase of Ransomware traversing Libraries.
Press 2 to start the second phase of Ransomware traversing Files.
Press 3 to start the third phase of Ransomware encrypting.
Just wait to view the magic :).
- Node.js, NPM, JavaScript, Babel — core platform and dev tools
- Express, cors etc. — common HTTP-server features
- MongoDB — NoSQL, document, data access and migrations
- Handlebars, ThreeJS — client side technologies.
- Docker — Container.
- Progger — Logging Provenance for Security.
├── /app/ # The folder for source code and application
├── /seed/ # Seed data to kickstart the visualisation
It is recommended to initialise the project with Docker.
Install Docker from Docker
Docker supports macOS, Windows and Ubuntu platforms.
Run the Docker Compose commands once Docker has been installed.
$ docker-compose build
$ docker-compose up -d   # -d detaches, running the containers in the background
Run these commands to clean up and terminate the containers.
$ docker-compose down
$ docker system prune
Ensure you have MongoDB installed on your host machine. Installation of Mongo.
Run npm i in the /app directory.
cd ./app && npm i
Rename .env.cp to .env in the /app directory. Fill in your custom credentials, e.g. PORT=8080.
mv .env.cp .env
In order to view the visuals of Visual Progger, the seed data captured from our research is needed. In short, populate the database with the seed data.
mongorestore -d visualprogger ./seed/dump