iharsh234 / poseidon

Poseidon is a python-based application that leverages software defined networks (SDN) to acquire and then feed network traffic to a number of machine learning techniques. The machine learning algorithms classify and predict both the type of device and if the device is acting normally or abnormally.

Repository from Github https://github.com/iharsh234/poseidon

We are coding again. After a brief pause we are ready to extend Poseidon. Look for additional refinements to the machine learning, a simpler architecture, and better results.

Status

Currently the code is going through a simplification stage. Many classes are being axed to get things to run in a single docker container. The code at this point is not functional.

Poseidon

POSEIDON is now BlackDuck 2016 OpenSource Rookie of the year

Situational awareness underpins informed decisions. Understanding what comprises a network, and what network elements are doing is essential. Without situational awareness and context, defending a network remains a difficult proposition.

Can SDN and machine learning answer:

  • What devices comprise my network?
  • What are devices doing?

Install Instructions

git clone https://github.com/CyberReboot/poseidon.git
cd poseidon
*editor* config/poseidon.config
docker build -f ./Dockerfile.poseidon -t poseidon .
docker run poseidon

Makefile Options

You can use make to simplify the building process. To build the container, simply run:

git clone https://github.com/CyberReboot/poseidon.git
cd poseidon
make build_poseidon

To build and run the container, run this command from inside the poseidon directory:

make run_poseidon

This first builds poseidon, then runs it. After it finishes running, the container is removed.

To populate the current volume with the contents of the container's "poseidonWork/" directory, run:

make run_dev

To run poseidon with sh as entrypoint, run:

make run_sh

This also removes the container after it has finished running.

If you want to build the docs, then invoke:

make build_docs

To build and then open the docs in a container on port 8080:

make run_docs

Configuration

config/poseidon.config

[Monitor]

rabbit_server = RABBIT_SERVER
rabbit_port = RABBIT_PORT
collector_nic = COLLECTOR_NIC
vent_ip = VENT_IP
vent_port = VENT_PORT

RABBIT_SERVER - IP address of the rabbit-mq server
RABBIT_PORT - rabbit-mq server port
COLLECTOR_NIC - name of the network interface that will be listening for packets
VENT_IP - IP address of the server running vent
VENT_PORT - vent server port

[NorthBoundControllerAbstraction:Update_Switch_State]

controller_uri = https://CONTROLLER_SERVER:8443/api/v1/
controller_user = USERNAME
controller_pass = PASSWORD

CONTROLLER_SERVER - BCF controller IP
USERNAME - username for BCF login
PASSWORD - password for BCF login
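
A pre-flight check for config/poseidon.config, run before building the container. This is an added example, not part of the Poseidon code base: `check_config`, `REQUIRED`, `PLACEHOLDERS` and `SAMPLE` are hypothetical names, and the owner-only file mode rule is an assumption about handling a file that holds `controller_pass`, not something the README requires.

```python
import configparser
import ipaddress
import stat
from urllib.parse import urlparse

CONTROLLER = "NorthBoundControllerAbstraction:Update_Switch_State"
REQUIRED = {
    "Monitor": ["rabbit_server", "rabbit_port", "collector_nic", "vent_ip", "vent_port"],
    CONTROLLER: ["controller_uri", "controller_user", "controller_pass"],
}
# Placeholders from the README template; one left in place means the key was never edited.
PLACEHOLDERS = ("RABBIT_SERVER", "RABBIT_PORT", "COLLECTOR_NIC", "VENT_IP", "VENT_PORT",
                "CONTROLLER_SERVER", "USERNAME", "PASSWORD")

def _is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def check_config(text, mode=None):
    """Return a list of problems in poseidon.config content; an empty list means it passed."""
    cp = configparser.ConfigParser(interpolation=None)  # a password may contain '%'
    cp.read_string(text)
    problems = []
    for section, keys in REQUIRED.items():
        for key in keys:
            value = cp.get(section, key, fallback="").strip()
            if not value:
                problems.append(f"[{section}] {key}: missing")
            elif any(p in value for p in PLACEHOLDERS):
                problems.append(f"[{section}] {key}: placeholder not replaced")
            elif key.endswith("_port") and not (value.isdecimal() and 0 < int(value) < 65536):
                problems.append(f"[{section}] {key}: not a valid port")
            elif key in ("rabbit_server", "vent_ip") and not _is_ip(value):
                problems.append(f"[{section}] {key}: not an IP address")
            elif key == "controller_uri" and urlparse(value).scheme != "https":
                problems.append(f"[{section}] {key}: scheme is not https")
    # Assumption (not from the README): a file holding controller_pass should be owner-only.
    if mode is not None and mode & (stat.S_IRWXG | stat.S_IRWXO):
        problems.append("file is accessible to group/other but holds controller_pass")
    return problems

# Constructed sample: [Monitor] partly wrong, controller section left at template values.
SAMPLE = ("[Monitor]\nrabbit_server = 192.0.2.10\nrabbit_port = 5672\ncollector_nic = eth0\n"
          "vent_ip = vent.local\nvent_port = 70000\n"
          f"[{CONTROLLER}]\ncontroller_uri = http://192.0.2.20:8443/api/v1/\n"
          "controller_user = USERNAME\ncontroller_pass = PASSWORD\n")
```

Pass `os.stat(path).st_mode` as `mode` to include the file permission check; without it only the key values are validated.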

Required Dependencies

  • Docker

Documentation

Tests

Tests are currently written in py.test for Python. The tests are automatically run when building the containers.

Contributing to Poseidon

Want to contribute? Awesome! Issue a pull request or see more details here.

License: Other

Languages: Python 99.7%, Makefile 0.3%