
/tech/ - Technology


 No.42

i would like to build a network intrusion detection system on linux. my end goal is to detect some irregular network activity (scan or ddos). i'm terrible at programming and this is the maximum i think i can do.

i think it would be possible to use machine learning for pattern detection and ai for an attack summary, but i don't know what to use for packet capture, and i'm scared of eBPF and the documentation i see isn't friendly.

anyone have tooling suggestions or tutorials? the project i think is most similar is sharpeye, but maybe someone knows something else.

lost

 No.43

automated nids doesn't make any sense on a small scale
generating a statistical overview is good enough
just look at it yourself
a list of all ips will give enough insight to notice anything being wrong

 No.44

have something that also logs the processes associated with the ips on the server that might get intruded
that can also make it very obvious something went wrong if an unknown process starts making connections

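The two replies above (No.43: a per-IP statistical overview, No.44: log which local process owns each connection) can both be done on Linux without eBPF or a packet capture library, by reading /proc/net/tcp and resolving each socket inode through /proc/<pid>/fd. The script below is an added example written for this thread, not code from any poster or from sharpeye; the /proc/net/tcp text, the inode-to-process map and the allowlist of known programs are constructed so it runs offline, and the sample addresses are encoded for a little-endian host. On a live box you would replace the constructed data with `open("/proc/net/tcp").read()` and `socket_inode_owners()`.

```python
"""Added example (not from the thread): per-remote-IP connection counts plus
process attribution from /proc/net/tcp and /proc/<pid>/fd on Linux."""
import os
import socket
import struct
from collections import Counter

TCP_STATES = {"01": "ESTABLISHED", "06": "TIME_WAIT", "0A": "LISTEN"}


def hex_to_endpoint(hex_addr: str) -> tuple[str, int]:
    """Decode a /proc/net/tcp 'HEXIP:HEXPORT' field (IPv4) into (ip, port).
    The kernel writes the IP in host byte order; '<I' assumes little-endian."""
    ip_hex, port_hex = hex_addr.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def parse_proc_net_tcp(text: str) -> list[dict]:
    """Parse /proc/net/tcp (IPv4 only; /proc/net/tcp6 has the same layout)."""
    conns = []
    for line in text.splitlines()[1:]:  # first row is the column header
        fields = line.split()
        if len(fields) < 10:
            continue
        conns.append({
            "local": hex_to_endpoint(fields[1]),
            "remote": hex_to_endpoint(fields[2]),
            "state": TCP_STATES.get(fields[3], fields[3]),
            "uid": int(fields[7]),
            "inode": int(fields[9]),
        })
    return conns


def socket_inode_owners(proc_root: str = "/proc") -> dict[int, tuple[int, str]]:
    """Map socket inode -> (pid, comm) by reading every /proc/<pid>/fd symlink.
    Reading other users' fd directories needs root. Not used in the demo."""
    owners = {}
    for pid in os.listdir(proc_root):
        if not pid.isdigit():
            continue
        try:
            with open(os.path.join(proc_root, pid, "comm")) as f:
                comm = f.read().strip()
            fd_dir = os.path.join(proc_root, pid, "fd")
            for fd in os.listdir(fd_dir):
                target = os.readlink(os.path.join(fd_dir, fd))
                if target.startswith("socket:["):
                    owners[int(target[8:-1])] = (int(pid), comm)
        except OSError:
            continue  # process exited or permission denied; skip it
    return owners


def summarize(conns, owners, known_programs):
    """Return (connections per remote IP, findings). A finding is any
    non-listening socket owned by a program outside the allowlist or by
    no visible process at all."""
    per_ip = Counter()
    findings = []
    for c in conns:
        if c["state"] == "LISTEN":
            continue
        rip, rport = c["remote"]
        per_ip[rip] += 1
        pid, comm = owners.get(c["inode"], (None, "<unknown>"))
        if comm not in known_programs:
            findings.append(f"{comm} (pid {pid}) -> {rip}:{rport} {c['state']}")
    return per_ip, findings


# Constructed sample of /proc/net/tcp: an sshd listener, two sshd sessions
# from 10.0.2.5, a curl to 10.0.2.6:443 and an unallowlisted program
# talking to 10.0.2.7:8080. Real files carry the same columns.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 10001 1 0000000000000000 100 0 0 10 0
   1: 0A00000A:0016 0502000A:C3A1 01 00000000:00000000 00:00000000 00000000     0        0 10002 1 0000000000000000 20 4 30 10 -1
   2: 0A00000A:0016 0502000A:C3A2 01 00000000:00000000 00:00000000 00000000     0        0 10003 1 0000000000000000 20 4 30 10 -1
   3: 0A00000A:9C40 0602000A:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 10004 1 0000000000000000 20 4 30 10 -1
   4: 0A00000A:9C41 0702000A:1F90 01 00000000:00000000 00:00000000 00000000    33        0 10005 1 0000000000000000 20 4 30 10 -1
"""
# Constructed stand-in for socket_inode_owners() output.
SAMPLE_OWNERS = {10001: (700, "sshd"), 10002: (701, "sshd"), 10003: (702, "sshd"),
                 10004: (950, "curl"), 10005: (1200, "unknownbin")}
KNOWN_PROGRAMS = {"sshd", "curl"}  # assumed allowlist for this host


def run_demo():
    conns = parse_proc_net_tcp(SAMPLE_PROC_NET_TCP)
    return summarize(conns, SAMPLE_OWNERS, KNOWN_PROGRAMS)


if __name__ == "__main__":
    per_ip, findings = run_demo()
    for ip, n in per_ip.most_common():
        print(f"{n:4d}  {ip}")
    for f in findings:
        print("FLAG:", f)
```

Running it once a minute from cron and diffing the per-IP table against the previous run gives the "statistical overview" No.43 describes; the findings list is the "unknown process making connections" signal from No.44. A scan shows up as one remote IP hitting many distinct local ports, so extending `summarize` to track `len({c["local"][1] ...})` per remote IP is the natural next step.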
 No.45

thank you rainon(s)

one will try
