macOS-based Intrusion Detection System using machine learning for adaptive network security
Project description
MacIDS - macOS Intrusion Detection System
MacIDS is a comprehensive network monitoring and intrusion detection system designed specifically for macOS. It provides real-time network traffic analysis, application identification, and visualization tools to help users monitor and secure their network connections.
Features
- Real-time Network Monitoring: Capture and analyze network traffic on your macOS system in real-time
- Application Identification: Identify which applications are generating network traffic
- Website Tracking: Monitor and analyze websites and domains accessed from your system
- Geolocation Visualization: See where your network connections are going on a world map
- Data Export: Export connection data for further analysis
Requirements
- macOS 10.14 or newer
- Python 3.7+
- Administrator privileges (for packet capture functionality)
Installation
Using pip
pip install MacIDS
From source
git clone https://github.com/Nandhan-KA/MacIDS.git
cd MacIDS
pip install -e .
Usage
Network Monitor
To start the network monitoring tool:
sudo macids-netmon
Administrator privileges are required for capturing network packets.
You can also run it through Python:
sudo python -m macids.netmon
How It Works
MacIDS uses Scapy to capture and analyze network packets at the system level. The application identifies processes associated with network connections, resolves domain names, and provides geographical information about connections.
Key components:
- Packet capture engine using Scapy
- Process-connection correlation
- Domain name resolution
- Geolocation services
- Interactive visualization using Matplotlib and Tkinter
Key Differences from WinIDS
- Uses Scapy for packet capture instead of WinDivert
- Adapted for macOS network stack and process management
- Updated UI to match macOS design patterns
- Modified packet handling for macOS network architecture
License
This project is licensed under the MIT License - see the LICENSE file for details.
Acknowledgments
- Original WinIDS project by Nandhan K
- MaxMind for GeoLite2 geolocation data
- Scapy project for packet manipulation tools
- Matplotlib for visualization components
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file macids-1.2.tar.gz.
File metadata
- Download URL: macids-1.2.tar.gz
- Upload date:
- Size: 18.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.8.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
3a3cb87cd9d6d92900c5a9ba662803de14e1f18e63e41fa9e259047bf33f8de4
|
|
| MD5 |
f21d45594008381e7f1c4575775c1455
|
|
| BLAKE2b-256 |
8c3a66f7a7bc0b48ec82ae84e45ff420163cc97561bf0b86c9ac13f5d018a2a4
|
File details
Details for the file macids-1.2-py3-none-any.whl.
File metadata
- Download URL: macids-1.2-py3-none-any.whl
- Upload date:
- Size: 20.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.8.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
98da404e65c7db85b6bf02e9ad6d53b2bbe7f4540858a8c0c72f2dc0414899a8
|
|
| MD5 |
8549892400477662215ed43cef1cbb77
|
|
| BLAKE2b-256 |
810cffcb932d75087c46c6c1d25e64f21e685e83ce9923257f87fc628270d2ab
|
