Anomaly-Based Intrusion Detection Workbench 🔍

This is a workbench for the research and development of Anomaly-Based Intrusion Detection Systems.

Demo

Some Features 📋

• Easily develop complete & usable machine learning and deep learning pipelines 🧠
• Utilize 3rd Party Datasets (such as NSL-KDD, KDD-99, ISCX-NBXX) 📊
• Connect and import CSV datasets through your AWS S3 buckets 🗃️
• Perform Live Packet Capture & predict network attacks using your developed ML/DL Model! ☢️🔍
• Export comparative Metrics of executed pipelines 📑
• Simple and Intuitive GUI 🖥️
• Cloud-Deployable ☁️
• Tons of Data exploration, preprocessing, machine learning, and deep learning tools! 💻
• Cross-Platform usability 💻📱🖥️

Tested Platforms 🖥️

• Deployed on Windows 10 (20H2), Mac OS 10.14, Ubuntu 18.04/20.04
• Access through any device with your browser of choice (tested on Firefox, Safari, MS Edge, Chrome, Opera).

Installation 📜

• Install requirements:

pip install requirements.txt

Usage⌨️

• Run app:

streamlit run app.py

• Use through your browser of choice.

• Or Try a ready cloud-deployed instance here

Packet Capture Dependencies 🔍

• Libpcap:

pip install libpcap-dev

• GCC (installation instructions)
• KDD Feature extractor (repo or use my prebuilt repo)

note: please make sure the KDD Feature extractor is in the root directory (ex: ~/Kdd99-Feature-Extractor-Prebuilt/kdd99_feature_extractor-master)

Published literature:

M. S. Abdel-Wahab, A. M. Neil and A. Atia, "A Comparative Study of Machine Learning and Deep Learning in Network Anomaly-Based Intrusion Detection Systems," 2020 15th International Conference on Computer Engineering and Systems (ICCES), 2020, pp. 1-6, doi: 10.1109/ICCES51560.2020.9334553.