The goal is to write a classifier, trained on daily pulls of real-time malicious network data, that aids real-time deep packet inspection.
Just random forest classification - made with maple 🍁
```
&&& && & &&
&& &\/&\|& ()|/ @, &&
&\/(/&/&||/& /_/)_&/_&
&() &\/&|()|/&\/ '%" & ()
&_\_&&_\ |& |&&/&__%_/_& &&
&& && & &| &| /& & % ()& /&&
()&_---()&\&\|&&-&&--%---()~
&& \|||
||==~
🍂 |||--🪣
|||
, -=-~ .-^- 🥞 _
```
- Run tree_tap.py
- Select a network interface
- Check anomaly.log for abnormal packet sizes (W.I.P.)
- Run class.py
- Use the persisted PKL classifier model or the Apache Parquet model
  (currently the CIC-IDS-2018 dataset is used to train the model)
- Specify the ELK connection: i) localhost or ii) a cloud deployment
- Run elk_shipping.py to ship the anomaly.log files
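As an added example (not the project's own tree_tap.py), here is the kind of abnormal-packet-size check the anomaly.log step refers to, run against constructed sample traffic. The Packet fields, the per-service baseline key and the anomaly.log line layout are assumptions, since the README does not describe them.

```python
"""Per-service packet-size anomaly check (added example, not the project's tree_tap.py)."""
from dataclasses import dataclass
from statistics import median
from typing import Dict, Iterable, List, Tuple

@dataclass(frozen=True)
class Packet:
    ts: float    # capture time, seconds since epoch
    src: str
    dst: str
    proto: str   # constructed label such as "udp/53"; the tool's real field names are unknown
    size: int    # frame length in bytes

def modified_zscore(value: int, baseline: List[int]) -> float:
    """Distance from the median in MAD units; one huge frame cannot inflate this baseline."""
    med = median(baseline)
    mad = median(abs(x - med) for x in baseline)
    if mad == 0:  # every observed size identical: any deviation at all is anomalous
        return 0.0 if value == med else float("inf")
    return 0.6745 * (value - med) / mad

def flag_anomalies(packets: Iterable[Packet], window: int = 50, min_samples: int = 6,
                   threshold: float = 3.5) -> List[Tuple[Packet, float]]:
    """Return (packet, score) for frames abnormal for their own service. Baselines are per
    proto label: a network-wide threshold is set by MTU-sized TCP frames and misses a big DNS reply."""
    history: Dict[str, List[int]] = {}
    flagged: List[Tuple[Packet, float]] = []
    for pkt in packets:
        hist = history.setdefault(pkt.proto, [])
        if len(hist) >= min_samples and abs(score := modified_zscore(pkt.size, hist)) > threshold:
            flagged.append((pkt, score))  # anomalies never enter the baseline they are judged by
        else:
            hist.append(pkt.size)
            del hist[:-window]  # sliding window so the baseline follows legitimate drift
    return flagged

def to_log_line(pkt: Packet, score: float) -> str:
    """One anomaly.log line; the layout is assumed here, not taken from the project."""
    return f"{pkt.ts:.3f} {pkt.proto} {pkt.src}>{pkt.dst} size={pkt.size} score={score:.1f}"

# Constructed sample: DNS answers near 80 bytes, NTP replies of exactly 90, then one oversized each.
SAMPLE = [Packet(1700000000 + i, "10.0.0.5", "10.0.0.53", "udp/53", s)
          for i, s in enumerate([70, 82, 75, 90, 78, 85, 72, 88, 3200, 95])]
SAMPLE += [Packet(1700000100 + i, "10.0.0.5", "10.0.0.123", "udp/123", s)
           for i, s in enumerate([90, 90, 90, 90, 90, 90, 90, 300])]

if __name__ == "__main__":
    for pkt, score in flag_anomalies(SAMPLE):
        print(to_log_line(pkt, score))
```

The NTP case exercises the degenerate baseline (all sizes identical, MAD of zero), where any deviation is scored as infinite rather than dividing by zero.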