DeepReTiNA stands for Real-Time Anomaly Detection IDS with a Deep and comprehensive study on the CSE-CIC-IDS2018 Dataset. Click here to read the related paper.
The main contribution is a classifier model integrated into the CICFlowMeter tool, originally developed by A. H. Lashkari (CICFlowmeter-V4.0), so that it can detect cyber-attacks in real time and act as a simple Intrusion Detection System (IDS).
The model training on the dataset was developed in a Google Colab document, which is provided in the GitHub repository as a Jupyter notebook file (.ipynb). Simply import it into Google Colab to start working on it.
The modified version of the CICFlowMeter tool is developed in Java. Please make sure that a Java JDK and Apache Maven are installed on your machine. Then clone this repository as follows:
git clone https://github.com/erikmurtaj/DeepReTiNA.git
On Windows, please make sure WinPcap is installed on your machine. If it is not, install the latest version and restart the computer.
Move to the DeepReTiNA/CICFlowMeter-classifier/jnetpcap/win/jnetpcap-1.4.r1425 folder. Then run:
mvn install:install-file -Dfile=jnetpcap.jar -DgroupId=org.jnetpcap -DartifactId=jnetpcap -Dversion=1.4.1 -Dpackaging=jar
On Linux, move to the DeepReTiNA/CICFlowMeter-classifier/jnetpcap/linux/jnetpcap-1.4.r1425 folder. Then run:
sudo mvn install:install-file -Dfile=jnetpcap.jar -DgroupId=org.jnetpcap -DartifactId=jnetpcap -Dversion=1.4.1 -Dpackaging=jar
Run Eclipse with sudo on Linux or as administrator on Windows (live packet capture requires elevated privileges). Then:
1. Right click App.java -> Run As -> Run Configurations -> Arguments -> VM arguments:
-Djava.library.path="* jnetpcap_path *" -> Run
2. Right click App.java -> Run As -> Java Application
Replace the "jnetpcap_path" string with the following path for Linux:
"* pathtoproject */jnetpcap/linux/jnetpcap-1.4.r1425"
Or with the following string for Windows:
"* pathtoproject *\jnetpcap\win\jnetpcap-1.4.r1425"
Here "pathtoproject" refers to the location where the project has been saved, specifically the CICFlowmeter-classifier folder. For example:
"C:\user\Documents\DeepRetina\CICFlowmeter-classifier"
Open a terminal in the IDE and, on Linux, run the following commands:
$ sudo bash
$ ./gradlew execute
On Windows, run instead:
$ gradlew execute
At the project root, run the following command:
mvn package
Open a terminal in the IDE and, on Linux, run the following command:
$ ./gradlew distZip
On Windows, run instead:
$ gradlew distZip