Re: ML features for Metron

2016-06-09 Thread Debo Dutta (dedutta)
Haven't seen one. Hence I started a thread. Metron is a community project so please feel free to start a Google Doc. And then we can get feedback from the users. Thx Debo Sent from my iPhone > On Jun 9, 2016, at 12:28 PM, Yazan Boshmaf wrote: > > Do we have a roadmap

Re: ML features for Metron

2016-06-09 Thread Yazan Boshmaf
Do we have a roadmap for ML support in Metron? If not, how can someone reach out to existing users of Metron and get more input so that we at least collect functional requirements? From my side, I can share some of the nice-to-have features from a research perspective (i.e., features that would make

Re: ML features for Metron

2016-06-06 Thread Debojyoti Dutta
Thx Egon. The idea of labeled data collection is awesome, else we have to resort to unsupervised alone. Maybe one of the things the website could do is to point to labeled data contributed by users of Metron. On Mon, Jun 6, 2016 at 12:03 AM, Egon Kidmose wrote: > Hi all, > >

Re: ML features for Metron

2016-06-06 Thread Debojyoti Dutta
Thanks Yazan ... these seem like great use cases. Online clustering/classification makes sense and Metron could leverage Spark On Sat, Jun 4, 2016 at 8:02 AM, Yazan Boshmaf wrote: > One use case of Apache Metron (or OpenSOC) is to analyze amplification DDoS > attacks

Re: ML features for Metron

2016-06-06 Thread Egon Kidmose
Hi all, I'd be interested in joining that discussion. I'm a PhD student applying ML in the security monitoring domain. It is my expectation that I'll be able to contribute with some event correlation and alert filtering methods. (Correlation: Finding events that are relevant to each other.

Re: ML features for Metron

2016-06-04 Thread Yazan Boshmaf
One use case of Apache Metron (or OpenSOC) is to analyze amplification DDoS attacks. With honeypots as information sources (e.g., AmptPot), you have the typical UDP/IP

Re: ML features for Metron

2016-06-04 Thread zeo...@gmail.com
I'm in On Sat, Jun 4, 2016, 09:53 Yazan Boshmaf wrote: > Me too. > > On Sat, Jun 4, 2016 at 9:43 AM, Franck Vervial wrote: > > > hi, > > > > i am interested. > > > > regards > > On Fri, 3 Jun 2016 at 3:43 PM, Debo Dutta (dedutta) > >