AIEngine v1.8.0 - Artificial Intelligent Engine.

Changelog aiengine v1.8.0 15/7/2017:
+ Support for extracting TXT records from DNS, a fix for a minor issue in OpenFlow, and code cleanup.
+ Support for the Point to Point over Ethernet protocol.
+ Support for multiple schedulers (multiple Timers).
+ Support for Radix trees on IP lookups (https://github.com/ytakano/radix_tree).
+ Support for the SMB (Server Message Block) protocol.
+ Support for DHCPv6.
+ Provide the assigned IP address on DHCP.
+ Minor issues and fixes on SSL.
+ Minor fixes and performance improvements on HTTP/SIP/POP/IMAP and SMTP.

AIEngine is a next-generation interactive/programmable Python/Ruby/Java/Lua packet inspection engine with capabilities for learning without any human intervention, NIDS (Network Intrusion Detection System) functionality, DNS domain classification, network collection, network forensics and many others.
AIEngine also helps network/security professionals identify traffic and develop signatures for use in NIDS, firewalls, traffic classifiers and so on.

The main functionalities of AIEngine are:
* Support for interacting with and programming the engine while it is running.
* Support for PCRE JIT for regex matching.
* Support for regex graphs (complex detection patterns).
* Support for five types of NetworkStacks (lan, mobile, lan6, virtual and oflow).
* Support for Sets and Bloom filters for IP searches.
* Support for x86_64, ARM and MIPS architectures on operating systems such as Linux, FreeBSD and MacOS.
* Support for HTTP, DNS and SSL domain matching.
* Support for banned domains and hosts for HTTP, DNS, SMTP and SSL.
* Frequency analysis for unknown traffic and auto-regex generation.
* Generation of Yara signatures.
* Easy integration with databases (MySQL, Redis, Cassandra, Hadoop, etc.) for data correlation.
* Easy integration with other packet engines (Netfilter).
* Support for cleaning memory caches to refresh stored memory information.
* Support for detecting DDoS at the network/application layer.
* Support for rejecting TCP/UDP connections.
* Support for network forensics in real time.
* Support for protocols such as Bitcoin, CoAP, DHCP, DNS, GPRS, GRE, HTTP, ICMPv4/ICMPv6, IMAP, IPv4/v6, Modbus, MPLS, MQTT, Netbios, NTP, OpenFlow, POP, Quic, RTP, SIP, SMTP, SSDP, SSL, TCP, UDP, VLAN, VXLAN.

Requirements:
+ Libboost
+ gcc and g++ 5.x

The system provides the following functionalities, which can be enabled or disabled depending on your requirements:
* --enable-tcpqos: enable TCP QoS metrics support, for measuring the QoS of connections.
* --enable-bloomfilter: enable bloom filter support for IP lookups. This option requires the correct libraries.
* --enable-fscompress: enable flow serialization compression support, for minimizing the amount of data written when using DatabaseAdaptors on the library.
* --enable-reject: enable TCP/UDP connection reject support, for breaking established connections on StackLans and StackLanIPv6 objects.
* --enable-pythongil: enable Python GIL support for multithreading applications.
* --enable-staticmemory: enable static/fixed memory support for systems with low memory requirements (256 bytes slot).
* --disable-releaseflows: disable release flow support, for static analysis of network flows and for pcap file analysis.

Use and download from source:

Source: https://bitbucket.com/camp0