Description
eBPF is a Linux kernel technology that lets you load small, verifier-checked programs into the running kernel. It can greatly speed up network processing because an eBPF program attached at a network hook such as XDP sees each packet as soon as the driver receives it, before the kernel's network stack or any user-space process handles it.
The idea is to show how to implement an eBPF program that uses ML to detect network attacks. Both halves are written in Rust: the eBPF program with aya (https://github.com/aya-rs/aya) and the ML-based detection model with Burn.
The first part shows how to use the CIC-IDS2017 dataset (https://www.unb.ca/cic/datasets/ids-2017.html), which contains benign traffic together with the most common recent attacks, to train a prediction model with the Burn library.
The second part shows how to integrate the model with an eBPF program to detect attacks in a real environment. Note that the eBPF verifier rejects floating-point instructions, so a trained model cannot simply be dropped into the eBPF program itself; the usual split is to extract per-flow features on the kernel side and evaluate the model in user space, or to quantize the model to integer arithmetic before running it in the kernel.
The code is here: https://github.com/jglara/hackathon-ids
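As an added example (not code from the hackathon-ids repository, nor from aya or Burn), here is the user-space half of the second part in plain Rust: a flow table that turns per-packet events, as an eBPF program could forward them over a ring buffer, into a fixed-order feature vector of the kind CIC-IDS2017's CICFlowMeter columns are built from (flow duration, forward/backward packet and byte counts, bytes per second). The `PacketEvent` layout, the six features chosen and the sample traffic are assumptions made for illustration; a real deployment must emit exactly the columns the model was trained on, in the same order.

```rust
use std::collections::HashMap;
use std::net::Ipv4Addr;

/// One packet observation as a kernel-side eBPF program might forward over a
/// ring buffer. The field layout is an assumption for this example, not the
/// repository's event type.
#[derive(Clone, Copy, Debug)]
pub struct PacketEvent {
    pub ts_ns: u64, // monotonic timestamp, e.g. from bpf_ktime_get_ns()
    pub src: Ipv4Addr,
    pub dst: Ipv4Addr,
    pub src_port: u16,
    pub dst_port: u16,
    pub proto: u8, // 6 = TCP, 17 = UDP
    pub len: u16,  // bytes carried by the packet
}

/// Bidirectional flow key: endpoints are sorted so both directions of a
/// conversation map to the same table entry.
#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash)]
pub struct FlowKey {
    pub lo: (Ipv4Addr, u16),
    pub hi: (Ipv4Addr, u16),
    pub proto: u8,
}

impl FlowKey {
    pub fn for_event(ev: &PacketEvent) -> FlowKey {
        let s = (ev.src, ev.src_port);
        let d = (ev.dst, ev.dst_port);
        let (lo, hi) = if s <= d { (s, d) } else { (d, s) };
        FlowKey { lo, hi, proto: ev.proto }
    }
}

/// Per-flow counters in the spirit of CICFlowMeter's flow features.
/// "Forward" is the direction of the first packet seen for the flow.
#[derive(Clone, Debug)]
pub struct FlowStats {
    initiator: (Ipv4Addr, u16),
    first_ts_ns: u64,
    last_ts_ns: u64,
    pub fwd_packets: u64,
    pub bwd_packets: u64,
    pub fwd_bytes: u64,
    pub bwd_bytes: u64,
}

impl FlowStats {
    fn new(ev: &PacketEvent) -> FlowStats {
        FlowStats {
            initiator: (ev.src, ev.src_port),
            first_ts_ns: ev.ts_ns,
            last_ts_ns: ev.ts_ns,
            fwd_packets: 0,
            bwd_packets: 0,
            fwd_bytes: 0,
            bwd_bytes: 0,
        }
    }

    fn update(&mut self, ev: &PacketEvent) {
        if (ev.src, ev.src_port) == self.initiator {
            self.fwd_packets += 1;
            self.fwd_bytes += u64::from(ev.len);
        } else {
            self.bwd_packets += 1;
            self.bwd_bytes += u64::from(ev.len);
        }
        // Events from a per-CPU ring buffer may arrive slightly out of order.
        self.first_ts_ns = self.first_ts_ns.min(ev.ts_ns);
        self.last_ts_ns = self.last_ts_ns.max(ev.ts_ns);
    }

    /// Flow duration in microseconds, the unit of CIC-IDS2017's "Flow Duration" column.
    pub fn duration_us(&self) -> u64 {
        (self.last_ts_ns - self.first_ts_ns) / 1_000
    }

    /// Fixed-order feature vector. The column order must match what the model
    /// was trained on, so it is defined once here rather than rebuilt ad hoc.
    pub fn features(&self) -> [f32; 6] {
        let dur_s = self.duration_us() as f32 / 1_000_000.0;
        let total = (self.fwd_bytes + self.bwd_bytes) as f32;
        let bytes_per_s = if dur_s > 0.0 { total / dur_s } else { 0.0 };
        [
            self.duration_us() as f32, // Flow Duration
            self.fwd_packets as f32,   // Total Fwd Packets
            self.bwd_packets as f32,   // Total Backward Packets
            self.fwd_bytes as f32,     // Total Length of Fwd Packets
            self.bwd_bytes as f32,     // Total Length of Bwd Packets
            bytes_per_s,               // Flow Bytes/s
        ]
    }
}

#[derive(Default)]
pub struct FlowTable {
    flows: HashMap<FlowKey, FlowStats>,
}

impl FlowTable {
    pub fn ingest(&mut self, ev: &PacketEvent) {
        self.flows
            .entry(FlowKey::for_event(ev))
            .or_insert_with(|| FlowStats::new(ev))
            .update(ev);
    }
    pub fn get(&self, key: &FlowKey) -> Option<&FlowStats> {
        self.flows.get(key)
    }
    pub fn len(&self) -> usize {
        self.flows.len()
    }
}

/// Constructed sample traffic (not captured data): a short TCP exchange
/// interleaved with one unrelated UDP datagram.
pub fn sample_events() -> Vec<PacketEvent> {
    let c = Ipv4Addr::new(10, 0, 0, 1);
    let s = Ipv4Addr::new(10, 0, 0, 2);
    let ev = |ts_ns: u64, src: Ipv4Addr, dst: Ipv4Addr, sp: u16, dp: u16, proto: u8, len: u16| {
        PacketEvent { ts_ns, src, dst, src_port: sp, dst_port: dp, proto, len }
    };
    vec![
        ev(1_000_000_000, c, s, 40000, 80, 6, 60),
        ev(1_000_500_000, s, c, 80, 40000, 6, 60),
        ev(1_001_000_000, Ipv4Addr::new(10, 0, 0, 3), Ipv4Addr::new(10, 0, 0, 4), 5353, 53, 17, 80),
        ev(1_002_000_000, c, s, 40000, 80, 6, 500),
    ]
}

fn main() {
    let mut table = FlowTable::default();
    for ev in sample_events() {
        table.ingest(&ev);
    }
    for (key, stats) in &table.flows {
        println!("{:?} -> {:?}", key, stats.features());
    }
}
```

In a real deployment the `sample_events()` source would be replaced by events read from the ring buffer the eBPF program writes to, and `features()` would be handed to the Burn model for inference; flows also need an idle timeout so the table does not grow without bound under a flood of short connections.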
Speaker bios
Level
Intermediate
Duration
30 minutes