Poseidon was started as a joint effort by two IQT labs: Cyber Reboot and Lab41. The aim of the project is to explore approaches to better identify nodes in a computer network and to understand their behavior.
The project uses software-defined networking (SDN) and machine learning to automatically record network traffic, extract relevant features from this traffic, perform classifications through trained models, relay results and provide mechanisms for further action.
While the project works best with modern SDNs, parts of it can still be used with little more than pcap.
Poseidon was initially started as an experiment to test the benefits of using SDN techniques and machine learning to detect abnormal network behavior.
While this long-term goal remains, the unfortunate reality is that the state of labeled, public and up-to-date network data sets for ML training is quite poor.
Developers are working to improve the availability of network training sets, but in the near future the project will remain focused on improving the accuracy of identifying what a node is (based on IP header data) and on developing Poseidon as a means of utilizing machine learning techniques for additional uses.
# Allow the current user to run Docker
sudo usermod -aG docker $USER
# Download the poseidon script and make it executable
curl -L https://raw.githubusercontent.com/CyberReboot/poseidon/master/bin/poseidon -o /usr/local/bin/poseidon
chmod +x /usr/local/bin/poseidon
# Environment settings for Faucet
export FAUCET_EVENT_SOCK=1
export FAUCET_CONFIG_STAT_RELOAD=1
# Install the Poseidon configuration file
sudo mkdir /opt/poseidon
sudo cp config/poseidon.config /opt/poseidon
$ poseidon help
Poseidon, an application that leverages software defined networks (SDN) to acquire and then feed network traffic to a number of machine learning techniques.
For more info visit: https://github.com/CyberReboot/poseidon

Usage: poseidon [option]
Options:
    -a, api            get url to the Poseidon API
    -c, config         display current configuration info
    -d, delete         delete Poseidon installation (uses sudo)
    -e, shell          enter into the Poseidon shell, requires Poseidon to already be running
    -h, help           print this help
    -i, install        install Poseidon repo (uses sudo)
    -l, logs           display the information logs about what Poseidon is doing
    -r, restart        restart the Poseidon service (uses sudo)
    -s, start          start the Poseidon service (uses sudo)
    -S, stop           stop the Poseidon service (uses sudo)
    -u, update         update Poseidon repo, optionally supply a version (uses sudo)
    -v, viz/visualize  get url to visualize Poseidon with CRviz
    -V, version        get the version installed
Information about installing and using the program can be found here.