Nmap Development mailing list archives

Idea for GSOC 2013


From: Muhammad Junaid Muzammil <mjunaidmuzammil () gmail com>
Date: Tue, 19 Mar 2013 20:11:03 +0500

Hello,

I am Junaid from National University of Sciences and Technology, Pakistan.
Currently I am a student of MS Electrical Engineering.

I have an idea for developing an anomaly detector that can be used for the
detection of zero-day attacks (where rule-based IDS fails). This will
utilize the application of stochastic and machine learning concepts. A
baseline model will be generated on the basis of a classification algorithm
from a training data set. The training data set represents the statistical
discriminators as indicated in [1]. Due to the multidimensional nature of
the problem, the classification of traffic (whether it falls into the
friendly or hostile class) depends upon multiple features. Hence, the
Bayesian Chain Classifier appears to be a suitable candidate (work is in
progress) [2].

The implementation will include the Bayesian Chain Classifier, a machine
learning mechanism from the training data set (the format of the training
data set will be ARFF as in [1]), and testing over real network traffic. The
programming languages will be C/C++. Test cases will be generated using the
Python Scapy lib.

References:
[1] A. Moore, D. Zuev and M. Crogan, "Discriminators for use in flow based
Classification," Queen Mary University of London, August 2005, ISSN
1470-5559

[2] J. H. Zaragoza, L. E. Sucar, E. F. Morales, C. Bielza and P.
Larranaga, "Bayesian Chain Classifiers for Multidimensional
Classification," Proceedings of 22nd International Joint Conference on
Artificial Intelligence.

I would like to have feedback on this idea. I think that this will not be
able to meet the three-month GSoC timeline.

Regards,
Junaid
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
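
An added illustration of the chained classification the message describes (not code from the post or from the Nmap project): a two-link chain of naive Bayes classifiers in Python, where the second link sees the first link's prediction as an extra feature. It uses a fixed chain order rather than the structure learning of [2], and the feature names, class labels and sample rows are constructed; loading ARFF is left out.

```python
import math
from collections import Counter

# Constructed rows: mean_pkt_size, duration, app class, verdict class.
ROWS = [
    [520.0, 1.2, "web", "friendly"], [480.0, 0.9, "web", "friendly"],
    [60.0, 0.1, "web", "hostile"], [70.0, 0.2, "web", "hostile"],
    [1400.0, 30.0, "bulk", "friendly"], [1450.0, 35.0, "bulk", "friendly"],
]

def summarize(col):
    if isinstance(col[0], str):   # nominal column: value counts
        return Counter(col)
    mu = sum(col) / len(col)      # numeric column: mean and floored variance
    return mu, sum((v - mu) ** 2 for v in col) / len(col) + 1e-2

def fit(X, y):
    """Naive Bayes model: class counts, per-class column summaries, values per column."""
    cols = {c: [summarize(col) for col in zip(*(x for x, t in zip(X, y) if t == c))]
            for c in set(y)}
    return Counter(y), cols, [len(set(col)) for col in zip(*X)]

def predict(model, x):
    counts, cols, k = model
    def score(c):
        s = math.log(counts[c] / sum(counts.values()))   # class prior
        for v, p, kk in zip(x, cols[c], k):
            if isinstance(p, Counter):   # Laplace-smoothed nominal likelihood
                s += math.log((p[v] + 1) / (counts[c] + kk))
            else:                        # Gaussian log-likelihood
                s += -0.5 * math.log(2 * math.pi * p[1]) - (v - p[0]) ** 2 / (2 * p[1])
        return s
    return max(counts, key=score)

def train_chain(rows, nf=2):
    """Link 1: app from features. Link 2: verdict from features + app."""
    X = [r[:nf] for r in rows]
    return (fit(X, [r[nf] for r in rows]),
            fit([r[:nf + 1] for r in rows], [r[nf + 1] for r in rows]))

def classify(chain, x):
    app = predict(chain[0], x)           # predicted app feeds the next link
    return app, predict(chain[1], list(x) + [app])
```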