[Snort-devel] Question about Artificial Neural Networks + Preprocessors

Cliff Judge (cljudge) cljudge at ...3461...
Wed Apr 12 18:21:43 EDT 2017


You take the packet data and massage it however you want - leave it raw, take the full or partial snort packet structure, and feed that to your net as data.

Then you take whatever rules snort fires from this traffic as the target.

Feed them into your neural network and repeat until smart.


________________________________
From: Joel Esler (jesler)
Sent: Thursday, April 13, 2017 6:31 AM
To: Luan Utimura
Cc: snort-devel at lists.sourceforge.net
Subject: Re: [Snort-devel] Question about Artificial Neural Networks + Preprocessors

This seems like a research paper waiting to happen.

--
Joel Esler | Talos: Manager | jesler at ...3461...<mailto:jesler at ...3461...>






On Apr 12, 2017, at 3:56 PM, Luan Utimura <lnutimura at ...3689...<mailto:lnutimura at ...3689...>> wrote:

Hello everybody,

I'm thinking about creating a system where I can use ANN to learn and classify what type of attacks my network could be suffering based on it's packets informations. At the moment, considering I'm a complete newbie w/ Snort, the methodology would consist of developing a Snort Preprocessor, with an ANN implemented in it.

Is it the best way to approach this problem? Or is it even possible to do the way I just described to you guys?
Feel free to leave your suggestions.

Thanks in advance,
Luan.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org<http://slashdot.org/>! http://sdm.link/slashdot_______________________________________________
Snort-devel mailing list
Snort-devel at lists.sourceforge.net<mailto:Snort-devel at lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/snort-devel

Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org<http://blog.snort.org/> for the latest news about Snort!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20170412/bcc92973/attachment.html>


More information about the Snort-devel mailing list