Feature #4770: eve: specialized output for ML on packet sizes and similar properties - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #4770

open

VJ CT

eve: specialized output for ML on packet sizes and similar properties

Feature #4770: eve: specialized output for ML on packet sizes and similar properties

Added by Victor Julien over 4 years ago. Updated almost 2 years ago.

Status:

New

Priority:

Normal

Assignee:

Community Ticket

Target version:

TBD

Effort:

Difficulty:

Label:

Description

Following Johan Mazel's Suricon 2021 talk on detecting protocols inside various encrypted (VPN) protocols, he mentioned that it would be helpful if Suricata would output some of the features the models use.

To be updated based on the paper/slides to include the actual features.

Related issues 1 (1 open — 0 closed)

History
Property changes

VJ Updated by Victor Julien over 4 years ago Actions
Copy link
#1

Related to Task #4762: Suricon 2021 brainstorm added

PA Updated by Philippe Antoine almost 2 years ago Actions
Copy link
#2

Assignee set to Community Ticket
Target version set to TBD

Actions

Copy link

Also available in: PDF Atom

Project

General

Profile

Suricata

Custom queries

Feature #4770

eve: specialized output for ML on packet sizes and similar properties

VJ Updated by Victor Julien over 4 years ago Actions
Copy link
#1

PA Updated by Philippe Antoine almost 2 years ago Actions
Copy link
#2

Project

General

Profile

Suricata

Custom queries

Feature #4770

eve: specialized output for ML on packet sizes and similar properties

VJ Updated by Victor Julien over 4 years ago ActionsCopy link #1

PA Updated by Philippe Antoine almost 2 years ago ActionsCopy link #2

VJ Updated by Victor Julien over 4 years ago Actions
Copy link
#1

PA Updated by Philippe Antoine almost 2 years ago Actions
Copy link
#2