Poseidon was started as a joint effort by two IQT labs: Cyber Reboot and Lab41. The project's goal is to explore approaches for better identifying the nodes on a computer network and understanding their behavior.
The project uses Software Defined Networking (SDN) and machine learning to automatically record network traffic, extract relevant features from that traffic, perform classifications through trained models, convey results and provide mechanisms for further action.
While the project works best with modern SDNs, parts of it can still be used with little more than pcap.
Poseidon was initially started as an experiment to test the benefits of using SDN techniques and machine learning to detect abnormal network behavior.
While this long-term goal remains, the unfortunate reality is that the state of labeled, public and up-to-date network data sets for ML training is quite poor.
Developers are working to improve the availability of network training sets, but in the near future the project will remain focused on improving the accuracy of identifying what a node is (based on IP header data) and on developing Poseidon as a means of applying machine learning techniques to additional use cases.
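As an added illustration (not Poseidon's own code), the Python sketch below shows the kind of feature extraction described above: it reads a pcap and derives per-host features from IP header fields and port numbers only. The feature names, the LINKTYPE_RAW sample capture and the addresses are assumptions constructed for this example.

```python
import struct
from collections import defaultdict

def ip_str(raw):
    return ".".join(map(str, raw))

def ipv4(src, dst, proto, sport, dport, payload_len):
    """Constructed IPv4 packet (checksum left 0) with an 8-byte transport stub."""
    l4 = struct.pack("!HHI", sport, dport, 0) + bytes(payload_len)
    addr = lambda s: bytes(map(int, s.split(".")))
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64,
                       proto, 0, addr(src), addr(dst)) + l4

def build_pcap(packets):
    """Classic little-endian pcap, LINKTYPE_RAW (101): records start at the IP header."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 101)
    for ts, data in packets:
        out += struct.pack("<IIII", ts, 0, len(data), len(data)) + data
    return out

def host_features(pcap):
    """Per-source-IP features taken only from IP header fields and port numbers."""
    if len(pcap) < 24 or struct.unpack_from("<I", pcap, 0)[0] != 0xA1B2C3D4:
        raise ValueError("expected a little-endian classic pcap")
    if struct.unpack_from("<I", pcap, 20)[0] != 101:
        raise ValueError("this sketch only handles LINKTYPE_RAW")
    feats = defaultdict(lambda: {"packets": 0, "bytes": 0, "peers": set(),
                                 "protos": set(), "dports": set()})
    off = 24
    while off + 16 <= len(pcap):
        caplen = struct.unpack_from("<I", pcap, off + 8)[0]
        pkt, off = pcap[off + 16:off + 16 + caplen], off + 16 + caplen
        if len(pkt) < 20 or (pkt[0] >> 4) != 4 or (pkt[0] & 0x0F) < 5:
            continue  # truncated record, not IPv4, or malformed header length
        ihl, proto = (pkt[0] & 0x0F) * 4, pkt[9]
        f = feats[ip_str(pkt[12:16])]
        f["packets"] += 1
        f["bytes"] += struct.unpack_from("!H", pkt, 2)[0]  # IP total length
        f["peers"].add(ip_str(pkt[16:20]))
        f["protos"].add(proto)
        if proto in (6, 17) and len(pkt) >= ihl + 4:  # TCP/UDP destination port
            f["dports"].add(struct.unpack_from("!H", pkt, ihl + 2)[0])
    return dict(feats)

# Constructed sample: a client, a server reply, a DNS query, one IPv6 record to skip.
SAMPLE = build_pcap([(1, ipv4("10.0.0.5", "10.0.0.9", 6, 40000, 443, 100)),
                     (2, ipv4("10.0.0.9", "10.0.0.5", 6, 443, 40000, 1000)),
                     (3, ipv4("10.0.0.5", "10.0.0.53", 17, 40001, 53, 30)),
                     (4, b"\x60" + bytes(39))])
if __name__ == "__main__":
    for host, f in sorted(host_features(SAMPLE).items()):
        print(host, f)
```

Feature vectors of this kind are what a trained model would consume in the classification step; the model itself is outside the scope of the sketch.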
Installation
sudo usermod -aG docker $USER
curl -L https://raw.githubusercontent.com/CyberReboot/poseidon/master/bin/poseidon -o /usr/local/bin/poseidon
chmod +x /usr/local/bin/poseidon
export FAUCET_EVENT_SOCK=1
export FAUCET_CONFIG_STAT_RELOAD=1
sudo mkdir /opt/poseidon
sudo cp config/poseidon.config /opt/poseidon
Use
$ poseidon help
Poseidon, an application that leverages software defined networks (SDN) to acquire and then feed network traffic to a number of machine learning techniques.
For more info visit: https://github.com/CyberReboot/poseidon

Usage: poseidon [option]
Options:
    -a, api            get url to the Poseidon API
    -c, config         display current configuration info
    -d, delete         delete Poseidon installation (uses sudo)
    -e, shell          enter into the Poseidon shell, requires Poseidon to already be running
    -h, help           print this help
    -i, install        install Poseidon repo (uses sudo)
    -l, logs           display the information logs about what Poseidon is doing
    -r, restart        restart the Poseidon service (uses sudo)
    -s, start          start the Poseidon service (uses sudo)
    -S, stop           stop the Poseidon service (uses sudo)
    -u, update         update Poseidon repo, optionally supply a version (uses sudo)
    -v, viz/visualize  get url to visualize Poseidon with CRviz
    -V, version        get the version installed
You can find more information about installing and using the program here.