[+dev]
On Tue, Jan 29, 2019 at 9:42 PM Senthalan Kanagalingam <sentha...@wso2.com>
wrote:
> Hi all,
>
> I have tried to change the authentication script to publish the event from
> it rather than our analytical event publisher to overcome the faced issue.
> Here is the script.
>
> function getPayload(context, isSucess) {
> var username = '';
> if (isSucess === true) {
> username = context.currentKnownSubject.username;
> }
> var contextId = '12324232';
> var timestamp = new Date().getTime();
> var remoteIp = context.request.ip;
> var payloadData = {
> 'username' : username,
> 'contextId' : contextId,
> 'authenticationSuccess' : isSucess,
> '_timestamp' : timestamp,
> 'remoteIp' : remoteIp,
> 'eventType' : 'step'
> };
> return payloadData;
> }
>
> function onLoginRequest(context) {
> executeStep(1, {
>
> onSuccess: function (context) {
>
> var payloadData = getPayload(context, true);
>
> httpPost('http://127.0.0.1:5000/publish', payloadData, {
>
> onSuccess : function(context, data) {
>
> Log.info('--------------- Received suspicious ' + data.suspicious);
>
> if (data.suspicious) {
>
> executeStep(2);
>
> }
>
> }, onFail : function(context, data) {
>
> Log.info('--------------- Failed to call analytics engine');
>
> executeStep(2);
>
> }
>
> });
>
> }, onFail : function(context) {
> var payloadData = getPayload(context, false);
>
> httpPost('http://127.0.0.1:5000/publish', payloadData, {
>
> onSuccess : function(context, data) {
>
> Log.info('--------------- Data published ');
>
> }, onFail : function(context, data) {
>
> Log.info('--------------- Data publish failed');
>
> }
>
> });
>
> }
>
> });
> }
>
> Here we can make the getPayload() as a function library function.
>
> To move the calling tensor flow part to the function library as well, I
> have tried the following. Because we can't return the result from the
> callback to the onLoginRequest function
>
> var stepNo;
> function getTensorFlowResult(context, stepUpNo) {
> stepNo = stepUpNo;
> var payloadData = getPayload(context, true);
> httpPost('http://127.0.0.1:5000/publish', payloadData, {
> onSuccess : function(context, data) {
> Log.info('--------------- Received suspicious ' + data.suspicious);
> if (data.suspicious) {
> executeStep(stepNo);
> }
> }, onFail : function(context, data) {
> Log.info('--------------- Failed to call analytics engine');
> executeStep(stepNo);
> }
> });
> }
>
> function publishToTensorFlow(context) {
> var payloadData = getPayload(context, false);
> httpPost('http://127.0.0.1:5000/publish', payloadData, {
> onSuccess : function(context, data) {
> Log.info('--------------- Data published ');
> }, onFail : function(context, data) {
> Log.info('--------------- Data publish failed');
> }
> });
> }
>
> function onLoginRequest(context) {
> executeStep(1, {
> onSuccess: function (context) {
> getTensorFlowResult(context, 2);
> }, onFail : function(context) {
> publishToTensorFlow(context);
> }
> });
> }
>
> But our script validation didn't activate the script as the executeStep(
> *2*) is not found in the script. So I think we can't make the TensorFlow
> calls as the functions library.
>
> Thanks and Regards,
> Senthalan
>
> On Mon, Jan 21, 2019 at 8:50 AM Dilin Dampahalage <di...@wso2.com> wrote:
>
>> Hi All,
>>
>> I was working on a personnel project about "Using Tensor Flow for an
>> Adaptive Authentication Scenario". The idea is to implement a suspicious
>> login detection framework using tensor flow and utilize it to prompt
>> additional authentication steps in adaptive authentication flow. Following
>> is the progress so far.
>>
>>
>> - Simulated Identity Server authentication event stream and trained a
>> Tensor Flow model to detect suspicious logins
>> - Build a Python Flask based REST API to expose the model
>> - Configured an event publisher in IS to publish data to the TF API
>> - Detect suspicious logins (In the current model, if you
>> consecutively failed to login to the Identity Server few times, and you
>> login the next time, it is considered as a suspicious login)
>>
>>
>> As the next step I was trying to utilize the Tensor Flow model in a
>> conditional authentication script. But I was unable to get it working so
>> far. The problem is for some reason the event stream is getting published
>> after the conditional script query the TF API for a suspicious login.
>> Therefore the action for a suspicious login is taken in the next login.
>> Following is the conditional authentication script I used.
>>
>> function onLoginRequest(context) {
>>>
>>> executeStep(1, {
>>>
>>> onSuccess: function (context) {
>>>
>>> var username = context.currentKnownSubject.username;
>>>
>>> httpGet('http://127.0.0.1:5000/evaluate?username=' + username, {
>>>
>>> onSuccess : function(context, data) {
>>>
>>> Log.info('--------------- Received suspicious ' + data.suspicious);
>>>
>>> if (data.suspicious) {
>>>
>>> executeStep(2);
>>>
>>> }
>>>
>>> }, onFail : function(context, data) {
>>>
>>> Log.info('--------------- Failed to call analytics engine');
>>>
>>> }
>>>
>>> });
>>>
>>>
>>>
>>> }
>>>
>>> });
>>>
>>> }
>>>
>>>
>>>
>> I would really appreciate your feedback and help on this.
>>
>> I have attached the event publisher and all the resources I used. You can
>> find the medium article I have written in [4].
>>
>> [1] git repo: https://github.com/dilin993/SuspiciousLoginDetection
>> [2] getting started with tensor flow:
>> https://www.tensorflow.org/tutorials/
>> [3] pandas documentation:
>> https://pandas.pydata.org/pandas-docs/stable/index.html
>> [4]
>> https://medium.com/@dilinlalindradampahalage/suspicious-login-detection-for-wso2-is-using-tensor-flow-introduction-a9070289fdd
>>
>> Thanks,
>> Dilin
>>
>> --
>>
>> *Dilin Dampahalage*
>> Software Engineer | WSO2
>>
>> Email : di...@wso2.com
>> Mobile : +94 771 462939
>> web : http://wso2.com
>>
>> <http://wso2.com/signature>
>>
>
>
> --
>
> *Senthalan Kanagalingam*
> *Software Engineer - WSO2 Inc.*
> *Mobile : +94 (0) 77 18 77 466*
> <http://wso2.com/signature>
>
--
*Senthalan Kanagalingam*
*Software Engineer - WSO2 Inc.*
*Mobile : +94 (0) 77 18 77 466*
<http://wso2.com/signature>
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
