AIEngine – Network Monitoring Tool

AIEngine is a next-generation interactive/programmable Python/Ruby/Java/Lua and Go intrusion detection system engine with capabilities of without any human intervention, DNS domain classification, Spam detection, collector, forensics and many others.

AIEngine also helps network/security professionals identify traffic and develop signatures for use on NIDS, firewalls, traffic classifiers and so on.

The main functionalities of AIEngine are:

  • Support for interacting/programming with the user while the engine is running.
  • Support for PCRE JIT for regex matching.
  • Support for regex graphs (complex detection patterns).
  • Support five types of NetworkStacks (lan,,lan6,virtual and oflow).
  • Support Sets and Bloom filters for IP searches.
  • Supports x86_64, ARM and MIPS architecture over operating systems such as , FreeBSD and MacOS.
  • Support for HTTP, DNS and SSL Domains matching.
  • Support for banned domains and hosts for HTTP, DNS, SMTP and SSL.
  • Frequency analysis for unknown traffic and auto-regex generation.
  • Generation of Yara signatures.
  • Easy integration with databases (MySQL, Redis, Cassandra, Hadoop, etc…) for data correlation.
  • Easy integration with other packet engines (Netfilter).
  • Support for cleaning memory caches to refresh stored memory information.
  • Support for detecting DDoS at the network/application layer.
  • Support for rejecting TCP/UDP connections.
  • Support for network forensics in real time.
  • Supports protocols such as Bitcoin, CoAP, DHCPv4/DHCPv6, DNS, GPRS, GRE, HTTP, ICMPv4/ICMPv6, IMAP, IPv4/v6, Modbus, MPLS, MQTT, Netbios, NTP, OpenFlow, PPPoE, POP, Quic, RTP, SIP, SMB, SMTP, SSDP, SSH, SSL, TCP, UDP, VLAN, VXLAN.
