How suricata combine with AI to write effective rules automatically?

Hi! I’m trying to implement a function in suricata. It can make suricata adjusts its rule bases or write new rules according to network condition by its own. This function may need help from AI like gpt, etc. So does suricata offer any interfaces to do this and how should I start?



I think as a start this idea / project needs a much more detailed set of goals and explanation of how it’s supposed to work.

Thanks for your idea! Actually, I have already got the tasks which need IDS system to realize.

We need to use appropriate machine learning or deep learning algorithms to detect anomalies and identify patterns. Base to my knowledge, suricata use static rule bases, but when meets some new flow rate attack, it may not have appropriate rules to defend.

So we want to use AI that give network condition data, detect some evil attack and train the AI model (whether it can be sampled by machine itself?). By this, we want this model can identify network attack, and write appropriate rules by this model .

I am a low grade student and trying to do some research in IDS (like suricata), thanks for your reply again.

1 Like