Poseidon was started as a joint effort by two IQT labs: Cyber Reboot and Lab41. The aim of the project is to explore approaches to better identify nodes in a computer network and to understand their behavior.
The project uses Software Defined networking and machine learning to automatic καταγραφή της κίνησης του δικτύου, export relevant features from this release, performing classifications through trained models, transferring results and providing mechanisms for further action.
While the project works best utilizing modern SDNs, parts of it can still be used with a little more than archives package commitment (pcap).
Poseidon was initially started as an experiment to test the benefits of using SDN techniques and machine learning to detect abnormal network behavior.
While this long-term goal remains, the unfortunate reality is that the state of the tagged, public and up-to-date network data sets for ML training is quite poor.
Developers are working to improve the availability of network training kits, but in the near future the project will remain focused, improving the accuracy of locating what a node is (with base the data of the header obtained from IP) and the development of Poseidon for the "utilization of machine learning techniques of the species for additional uses.
Installation
sudo usermod -aG docker $ USER curl -L https://raw.githubusercontent.com/CyberReboot/poseidon/master/bin/poseidon -o / usr / local / bin / poseidon chmod + x / usr / local / bin / poseidon export FAUCET_EVENT_SOCK = 1 export FAUCET_CONFIG_STAT_RELOAD = 1 sudo mkdir / opt / poseidon sudo cp config / poseidon.config / opt / poseidon
Use
$ poseidon help Poseidon, an application that leverages software defined networks (SDN) to acquire and then feed network traffic to a number of machine learning techniques. For more info visit: https://github.com/CyberReboot/poseidon Usage: poseidon [option] Options: -a, api get url to the Poseidon API -c, config display current configuration info -d, delete delete Poseidon installation ( uses sudo) -e, shell enter into the Poseidon shell, requires Poseidon to already be running -h, help print this help -i, install install Poseidon repo (uses sudo) -l, logs display the information logs about what Poseidon is doing -r, restart restart the Poseidon service (uses sudo) -s, start start the Poseidon service (uses sudo) -S, stop stop the Poseidon service (uses sudo) -u, update update Poseidon repo, optionally supply a version (uses sudo) -v, viz / visualize get url to visualize Poseidon with CRviz -V, version get the version installed
Information about the installation and use of the program, you will find here.