Machine-learning-powered network traffic analysis software. It is trained on individual services (e.g. HTTP servers, DNS) to shrink the problem space and increase accuracy (fewer false positives). Reduced false positives are a requirement for commercial viability.
Implemented in Ruby with some C. The backend uses Redis, Mongo, SQL and microservices.
- Bloodlust - ML implementation
- Backbone - Public API
- Agents - Client-side agents
- Attrition Log Server - Internal API for processing logs
- Battlefield - ML feature processing (implemented in C)