Snort mailing list archives
Re: Machine Learning preprocessor for Snort
From: "Costas Kleopa (ckleopa) via Snort-devel" <snort-devel () lists snort org>
Date: Tue, 14 Aug 2018 17:25:47 +0000
And to add to Carter’s comment, currently we have not added any machine learning capabilities in the open source Snort as a preprocessor, but we have that on our roadmap.

Thanks
Costas

From: Snort-devel <snort-devel-bounces () lists snort org> on behalf of "Carter Waxman (cwaxman) via Snort-devel" <snort-devel () lists snort org>
Reply-To: "Carter Waxman (cwaxman)" <cwaxman () cisco com>
Date: Tuesday, August 14, 2018 at 10:36 AM
To: Hossein Torbat <devtorbat () gmail com>, "snort-devel () lists snort org" <snort-devel () lists snort org>
Subject: Re: [Snort-devel] Machine Learning preprocessor for Snort

Might I suggest trying to build this as an inspector in Snort 3? Plugin development is far simpler:

- Define a Module subclass – This defines your configuration.
- Define an Inspector subclass – This runs your packet processing code.
- Define the InspectApi – This provides the loading hooks and defines what you want delivered to the Inspector and how.
- Build against your Snort 3 installation.
- Drop the .so in your dynamic plugin folder and run.

Take a look at the README and some of the examples in the snort_extra tarball. src/inspectors/dpx would be a good start.

-Carter

From: Snort-devel <snort-devel-bounces () lists snort org> on behalf of Hossein Torbat via Snort-devel <snort-devel () lists snort org>
Reply-To: Hossein Torbat <devtorbat () gmail com>
Date: Tuesday, August 14, 2018 at 8:07 AM
To: "snort-devel () lists snort org" <snort-devel () lists snort org>
Subject: [Snort-devel] Machine Learning preprocessor for Snort

We are trying to integrate our Machine Learning traffic detection algorithm (written in Python) into Snort as a preprocessor component, but as we are new to Snort, I want to know if there was any previous effort to add a similar algorithm to Snort, or if there is any guide which can help us develop this faster.
_______________________________________________ Snort-devel mailing list Snort-devel () lists snort org https://lists.snort.org/mailman/listinfo/snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Machine Learning preprocessor for Snort Hossein Torbat via Snort-devel (Aug 14)
- Re: Machine Learning preprocessor for Snort Carter Waxman (cwaxman) via Snort-devel (Aug 14)
- Re: Machine Learning preprocessor for Snort Costas Kleopa (ckleopa) via Snort-devel (Aug 14)
- Re: Machine Learning preprocessor for Snort Carter Waxman (cwaxman) via Snort-devel (Aug 14)