metron-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sml...@libero.it
Subject Re: Question about the customization of Metron with my machine learining algo.
Date Tue, 06 Jun 2017 16:27:25 GMT
Dear Mr Stella,


I didn't know who you are since today when I read more about you.

So first, thanks for your time answering to my previous post.

Here below, there are some other questions, because I read the available guidelines about
Metron focusing on Maas but for me it is not clear how to deploy my ML model into this tool.

Is there anyway where I can find more details?

thanks for anyone that would help me.

Best regards,

Simone

> Il 5 giugno 2017 alle 19.21 smlabs@libero.it ha scritto:
> 
> 
>     Hello Casey,
> 
>     your answer makes something more clear, but not at all.
> 
>     My question about ML models was because somewhere on the web I read that Metron comes
with ML.
>     But maybe it's better to say that it supports ML models.
> 
>     If I understood well, I can run Metron in a virtual machine connected to my network.
With NIFI I can select the protocols/packets that I would store (similar as Wireshark does).
> 
>     Then, I do not understand how to fill the data in to the ML algorithm.
> 
>     Can you try to explain me something more, or indicate any tutorial that can explain
the implementation process.
> 
>     For example if I have an SVM algo that I would test into Metron and that ML algortihm
has been developed in python using scikit-py.
> 
>     How can I do that?
> 
>     Thank you and I'm sorry for the very basic question.
> 
>     Best Regards,
> 
>     Simone
> 
>         > > 
> >         Il 5 giugno 2017 alle 18.45 Casey Stella <cestella@gmail.com> ha scritto:
> > 
> >         We do not ship any ML models currently with metron, just the infrastructure
> >         to deploy your own models and interact with those models from within
> >         Metron. That being said, you might be interested in
> >         https://gist.github.com/cestella/8dd83031b8898a732b6a5a60fce1b616 That's
> >         the code to take a DGA model written in scikit-learn from
> >         https://github.com/ClickSecurity/data_hacking/tree/master/dga_detection
and
> >         suitable for deployment via MaaS.
> > 
> >         If you want more information about MaaS, I'll be giving a talk on it next
> >         week at DataWorks Summit and that deck will be public.
> > 
> >         On Mon, Jun 5, 2017 at 12:09 PM, <smlabs@libero.it> wrote:
> > 
> >             > > > 
> > >             Hello Simon,
> > > 
> > >             thank you for your prompt replay and for the link as well.
> > > 
> > >             I'm more confortable with Python.
> > > 
> > >             May I ask you if there is any example in python that I use as template
to
> > >             receive network packets and then implement the machine learning
algorithm?
> > > 
> > >             Moreover, where can I find documentation about the ML algorithm
already
> > >             implemeneted into the Metron?
> > > 
> > >             Best Regards,
> > > 
> > >             Simone
> > > 
> > >                 > > > > 
> > > >                 Il 5 giugno 2017 alle 18.00 Simon Elliston Ball <
> > > >                 simon@simonellistonball.com> ha scritto:
> > > > 
> > > >                 Hi Simone, and welcome to the community.
> > > > 
> > > >                 There are a number of extension points in Metron, the
key ones being
> > > >                 around machine learning. I suggest taking a look at
> > > >                 https://github.com/apache/metron/tree/master/metron-
> > > >                 analytics/metron-maas-service for more information about
the model as a
> > > >                 service. This is the bit that helps you add models in
pretty much any
> > > >                 language that will run in a yarn container (python, R
and spark models are
> > > >                 probably the most popular).
> > > > 
> > > >                 Hope that helps, and looking forward to hearing more about
your
> > > >                 research, and any contributions you feel like adding to
the community.
> > > > 
> > > >                 Simon
> > > > 
> > > >                     > > > > > 
> > > > >                         > > > > > > 
> > > > > >                         On 5 Jun 2017, at 16:54, smlabs@libero.it
mailto:
> > > > > >                         smlabs@libero.it wrote:
> > > > > > 
> > > > > >                     > > > > > 
> > > > >                     Dear community,
> > > > > 
> > > > >                     my name is Simone and I'm researcher in the field
of
> > > > >                     cybersecurity.
> > > > > 
> > > > >                     I've just read about Apache Metron and I would
ask:
> > > > > 
> > > > >                         * does it use machine learning or artificial
intelligence?
> > > > > 
> > > > >                         * can I extend the machine learining algo
already present into
> > > > >                           the Metron with mines?
> > > > > 
> > > > >                         * which is the language that I have to use
to extend Metron
> > > > >                           with my algorithms?
> > > > > 
> > > > >                           Thank you.
> > > > > 
> > > > >                           Best Regards,
> > > > > 
> > > > >                           Simone
> > > > > 
> > > > >                           >
> > > > > 
> > > > >                 > > > > 
> > > >             > > > 
> > >         > > 
> >     > 

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message