Machine Learning Anomaly Detection System
Project description
Machine Learning for Anomaly Detection in Network Traffic
A Final Year Project by Luke Morris
An overview
I will be attempting to create a solution including machine learning to detect anomalies in a given dataset of network traffic. This will involve picking apart a PCAP provided by the user or using (wire|t)shark / tcpdump to read packets directly from the network to provide the machine learning algorithm with data. The ML algorithm will then be able to 'learn' normal traffic sequences. This enables the algorithm to determine when an anomaly is detected and thus alert the owner of the network.
This project will be in the form of:
- A final report including a literature review
- This software
- A portfolio including meeting minutes, CV and a self review
The software provided in this project contains a database, a machine learning algorithm trained to detect anomalies in a PCAP file, and a system to alert users.
Installing the software
This software is available on PyPI as mlads_lukem_fyp and can be installed using pip:
pip install mlads_lukem_fyp
Running the software
To run the software and begin detecting anomalies, run the MLADS.py file from the mlads_lukem_fyp directory.
Alternatively:
>>> from mlads_lukem_fyp.MLADS import start_mlads
>>> start_mlads()
Using MLADS
View Alerts
The page used to view previous alerts or detections by the software. Alerts can be searched through using the fields at the top of the page.
When an alert is highlighted, further details on the alert can be viewed.
Analyse PCAPs
PCAP files can be 'uploaded' to the software. The file is fed through a feature extractor into a CSV that is then used by the machine learning algorithm.
Alerts are generated and sent via SMS and email. These alerts can also be viewed in the 'View Alerts' page.
This page runs very slowly when loading a large file, please be patient.
Edit Contacts
The contacts to be alerted when the software detects anomalies are kept up to date here, and contacts stored in a database.
Live Capture
Coming soon...
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file mlads-lukem-fyp-1.0.5.tar.gz.
File metadata
- Download URL: mlads-lukem-fyp-1.0.5.tar.gz
- Upload date:
- Size: 21.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.22.0 setuptools/40.8.0 requests-toolbelt/0.9.1 tqdm/4.48.0 CPython/3.7.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 51530d8fe96b1a90e576e555be56af9a2d065ccc53c768a4428de8ee69e07939 |
|
| MD5 | 084514f76b948095b86d9055537de697 |
|
| BLAKE2b-256 | 4845d2d60fa517e0b6b7b78aa28152ae7fd99533f6a46a5f0aada9ba7aa5fb3c |
File details
Details for the file mlads_lukem_fyp-1.0.5-py2.py3-none-any.whl.
File metadata
- Download URL: mlads_lukem_fyp-1.0.5-py2.py3-none-any.whl
- Upload date:
- Size: 42.3 kB
- Tags: Python 2, Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.22.0 setuptools/40.8.0 requests-toolbelt/0.9.1 tqdm/4.48.0 CPython/3.7.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 6c88cf39395401b1c610e38823e45af6a533919e69a16fd71ea014fd7f40c69e |
|
| MD5 | a55ca80f2a32f76ef9368a964092b4df |
|
| BLAKE2b-256 | 28ebf3714fd49da2873c93e89487be06ed4efd1295e6bf85cc423c754339521a |
