The main idea of this project is using bioinformatic features in detecting masquerading attacks.
These instructions will get you a copy of the project up and running on your local machine for development and testing purposes.
git clone https://github.com/Dr-Livsey/dna_ids.git
cd dna_ids
pip3 install -r requirements.txt
python run.py -h
Let you dataset located in datasets/CSV/IEEE-IoT/dos-syn-flooding-1 folder. So, running options of this IDS suit will be the next:
py -3 run.py \
--train_dataset datasets/CSV/IEEE-IoT/dos-syn-flooding-1/train.csv \
--test_dataset datasets/CSV/IEEE-IoT/dos-syn-flooding-1/test.csv \
--codetable datasets/CSV/IEEE-IoT/dos-syn-flooding-1/codetable.json
If you want to do test analysis of the IDS use the "--test_dataset" option.
To test this IDS prepare you datasets folders in the following way. For example, let we have 2 datasets to test. Firstly, put them into different folders, each of which should be contains 3 files:
- train.csv - Train subset
- test.csv - Test subset
- codetable.json - Will be used in process of encoding traffic into DNA sequences.
So, we have 2 folders. For example:
- datasets/CSV/IEEE-IoT/dos-syn-flooding-1
- datasets/CSV/IoT/mirai-httpflooding-1
To run IDS test suit for above folder structure, use:
py -3 scripts/ids_test.py --dir datasets
This run will produce metrics.csv file with IDS characteristics which will be located in each above folder.
- Implement interfaces for Dataset and IDS classes
- Implement multithreaded searching of the best signature
- Use "Builder" pattern when implementing the main IDS algo
- To implement Smith-Waterman local alignment
- Smith-Waterman & Needleman–Wunsch comparasion
- Add ROC-curve metric
- IEEEDataPort IoT Network Intrusion Dataset
- Stratosphere Lab Malware on IoT Dataset
- NSW Canberra The BoT-IoT Dataset
- Biopython - Main python module to work with DNA sequences