liujie40 / AI-IDS

AI-IDS software for Splunk


License

Our AI-IDS software carries the following license and notice: Licensed under the MIT License.

AI-IDS

AI-IDS: Application of Deep Learning to Real-time Web Intrusion Detection

We implemented our Artificial Intelligence-based Intrusion Detection System (AI-IDS) and applied it to real-time web traffic to distinguish sophisticated attacks, such as unknown patterns, encoded payloads, and obfuscated attacks, from benign traffic. It also helps with writing and improving Snort rules based on newly identified patterns. AI-IDS is a flexible and scalable system built on Docker images, with user-defined functions separated into independent images. We designed a CNN-LSTM model structure based on normalized UTF-8 encoding for big-data-scale web traffic.

payload_analysis

This AI-IDS software can run in a Splunk environment.

More details: the paper "AI-IDS: Application of Deep Learning to Real-time Web Intrusion Detection" has been published in IEEE Access, Vol. 8, 2020 (doi:10.1109/ACCESS.2020.2986882). Authors: Aechan Kim, Mohyun Park, DongHoon Lee

Bio

Aechan Kim (ackim@fsec.or.kr) is an assistant manager at the Financial Security Institute (FSI), Yongin, South Korea. He received the B.S. degree in Industrial Engineering from Seoul National University of Science and Technology, Seoul, South Korea, in 2009, and the M.S. degree in financial information security from Korea University, Seoul, in 2014, where he is currently pursuing the Ph.D. degree in the Graduate School of Information Security.

Mohyun Park (mhpark@fsec.or.kr) is a manager at the Financial Security Institute (FSI), Yongin, South Korea. He received the B.S. degree in Computer Science from Seoul National University, Seoul, South Korea, in 2013.

Dong Hoon Lee (donghlee@korea.ac.kr) received the B.S. degree from the Department of Economics, Korea University, Seoul, in 1985, and the M.S. and Ph.D. degrees in computer science from The University of Oklahoma, Norman, in 1988 and 1992, respectively. Since 1993, he has been with the Faculty of Computer Science and Information Security, Korea University. He is currently a Professor and the Director of the Graduate School of Information Security, Korea University.

Acknowledgments

This research was supported by the Financial Security Institute (FSI), South Korea.


Languages

Python 95.6%, Dockerfile 3.2%, Shell 1.2%