“PACKET INSPECTION AND SIGNATURE
GENERATION USING AIENGINE”
A
Project
Submitted in partial fulfillment for the award of
Post-Graduation Diploma in
IT Infrastructure And System Security
Submitted to
C-DAC Electronics City
Bengaluru
Karnataka (India)
Submitted By
Rishabh Tamrakar – 170851923034
Rishi Kumar – 170851923035
Neha Singh – 170851923026
Shyamsundar Das – 170851923041
Under the Guidance of
Mr. Murali
Table of Contents
Introduction
  Objective
  Scope
  Purpose
Design
  Architecture
Installation & Configuration
  Snaps
Objective
This project covers the installation and configuration of the tool
AIEngine (author: Luis Campo Giralte) and, with the help of the tool,
the generation of signatures related to SYN and ICMP packets in the
system.
Scope
The aim of this document is to explain and describe the functionality
that AIEngine, a new generation network intrusion detection system
engine, brings.
AIEngine is a next generation programmable network intrusion
detection system. It supports x86_64 and ARM on operating systems
such as Linux, FreeBSD and MacOS.
Our aim is to detect SYN and ICMP scans in the system and to generate
a signature, so that this signature can be given to a firewall or
IDS/IPS system to prevent the scans and stop attacks such as DoS.
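The detection idea stated in the Scope, as an added example that is not part of the original project and does not use the AIEngine API: it parses raw IPv4 packets, counts bare SYN probes and ICMP echo requests per source, and emits a signature record once a source reaches a threshold of distinct targets. The function names, the threshold of 5, the signature dictionary layout and the sample packets are assumptions made for illustration.

```python
import socket
import struct
from collections import defaultdict

def ipv4(src, dst, proto, payload):
    """Build a minimal IPv4 packet (checksum left at 0; sample data only)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + payload

def tcp(sport, dport, flags):
    """Build a 20-byte TCP header carrying the given flag byte."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)

def icmp(icmp_type):
    """Build an 8-byte ICMP header (type, code 0, checksum 0, id 1, seq 1)."""
    return struct.pack("!BBHHH", icmp_type, 0, 0, 1, 1)

def classify(raw):
    """Return (src, dst, kind, dport); kind is 'syn', 'echo' or None."""
    if len(raw) < 20 or raw[0] >> 4 != 4:
        return None                                # too short or not IPv4
    ihl = (raw[0] & 0x0F) * 4
    if ihl < 20 or len(raw) < ihl:
        return None                                # malformed header length
    src, dst = socket.inet_ntoa(raw[12:16]), socket.inet_ntoa(raw[16:20])
    l4 = raw[ihl:]
    if raw[9] == 6 and len(l4) >= 14:              # TCP
        if l4[13] & 0x02 and not l4[13] & 0x10:    # SYN set, ACK clear
            return src, dst, "syn", struct.unpack("!H", l4[2:4])[0]
    elif raw[9] == 1 and l4[:1] == b"\x08":        # ICMP echo request
        return src, dst, "echo", None
    return src, dst, None, None

def generate_signatures(packets, threshold=5):
    """Emit one signature per source whose probes reach `threshold` distinct targets."""
    seen = {"syn": defaultdict(set), "echo": defaultdict(set)}
    for raw in packets:
        rec = classify(raw)
        if rec is None or rec[2] is None:
            continue
        src, dst, kind, dport = rec
        seen[kind][src].add((dst, dport))          # dport is None for ICMP
    match = {"syn": ("syn-scan", "tcp", "flags: SYN set, ACK clear"),
             "echo": ("icmp-sweep", "icmp", "type 8 (echo request)")}
    sigs = []
    for kind in ("syn", "echo"):
        for src, targets in sorted(seen[kind].items()):
            if len(targets) >= threshold:
                name, proto, cond = match[kind]
                sigs.append({"name": name, "proto": proto, "src": src,
                             "match": cond, "distinct_targets": len(targets)})
    return sigs

# Constructed sample traffic (documentation address ranges, not a real capture).
SAMPLE = (
    [ipv4("192.0.2.10", "198.51.100.5", 6, tcp(40000, p, 0x02)) for p in range(20, 28)]
    + [ipv4("192.0.2.20", "198.51.100.%d" % h, 1, icmp(8)) for h in range(1, 7)]
    + [ipv4("192.0.2.30", "198.51.100.5", 6, tcp(40001, 443, 0x02)),  # single SYN
       ipv4("198.51.100.5", "192.0.2.30", 6, tcp(443, 40001, 0x12)),  # SYN/ACK reply
       ipv4("192.0.2.30", "198.51.100.5", 1, icmp(0)),                # echo reply
       b"\x45\x00"]                                                   # truncated
)

if __name__ == "__main__":
    for sig in generate_signatures(SAMPLE):
        print(sig)
```

The single SYN from 192.0.2.30 stays below the threshold and produces no signature, which is the property that keeps ordinary connection attempts from being reported as scans.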
Purpose
The purpose of this project is to use AIEngine for packet
inspection, because it needs less human interaction.
AIEngine also helps network/security professionals to identify
traffic and develop signatures for use on NIDS, firewalls,
traffic classifiers and so on.
AIEngine is useful for frequency analysis of unknown traffic.
It also supports detecting DDoS at the network/application layer
and rejecting TCP/UDP connections.
Architecture
The core of AIEngine is a complex library implemented in the C++11/14
standard that processes packets in real time. This library uses an
external layer of high-level programming languages, such as Python,
Ruby or even Java, which brings to the engine the flexibility of these
languages together with the speed and performance of the C++14 standard.
The whole internal architecture is based on objects that may or may not
be linked, depending on customer requirements, with other objects to
provide a specific functionality. In addition, all the memory connections
have internal caches that allow the system to process more than
5.000.000 concurrent TCP connections with no memory problems.
Installation & Configuration
First install the dependencies that AIEngine needs:
apt-get install libpcap-dev
apt-get install libboost-all-dev
apt-get install libpcre3-dev
apt-get install m4
apt-get install automake
Download the AIEngine repository from https://bitbucket.org/cam0
and unzip it.
Go into the camp0-aiengine folder and change the permissions of two
files: 1: autogen.sh 2: configure.ac
Now run ./autogen.sh
Now run ./configure
After configuration, run the ‘make’ command.
After make, run ‘make install’.
AIEngine is now installed and configured; start the engine.
