Develop machine learning module

I want develop a machine learning plugin for suricata that give data from streaming and decoding engine, analysis data and attach result to the suricata output engine. But I can’t find any document for explain engines and work with them. Can you guide or send me a document to do this?
I have attached the model to this message.

I saw the link below explained the pcap output should be used:
https://forum.suricata.io/t/how-to-add-anomaly-detector-in-suricata/1682
Can I then add the result to the output?

and in the below link explained the api will develop on suricata 7:
https://forum.suricata.io/t/suricon-2020-brainstorm-report/884

مدل اجرا886×393 8.67 KB

Amir, Im interested in your machine learning module idea, can we chat.

Yes, Sure. But I am a beginner in this field and I have little information.

Really interesting idea, here is a link to a white paper you might find interesting.

https://www.researchgate.net/publication/357785493_A_Suricata_and_Machine_Learning_Based_Hybrid_Network_Intrusion_Detection_System

thanks, Joseph
Many of dataset for ML in IDS fields, generate with CICFlowMeter. I am working on link suricata and FlowMeter logs.

Hello M. can you help me to have this document by sending me the PDF version by email please? I can’t download and I really need it for my dissertation. Thank you very much

my email address: ghissohounmenou@gmail.com

Hello M., how are you? Have you made progress on the project? how to integrate the plugin with Suricata? and how the streaming and decoding engine works.

Hello, do you have documents about this work? I’m starting to research but I don’t see many documents about this issue. my email: hoangngocdanh.010999@gmail.com. thank you!

Hello, did you complete this project? I need your help in this please help.