# Intrusion Detection System with Machine Learning
It is important to launch this project with the Python virtual environment (`.venv`). If your Python interpreter
## Packages that need to be installed:
- `scapy`
- `duckdb`
- `sklearn` (import name; installed as `scikit-learn`)
- `seaborn`
- `matplotlib`
- `numpy`
- `scikit-learn`
- `pandas`
- `tkinter` (standard library)
- `os` (standard library)
- `sys` (standard library)
## Modules Roadmap:
- [X] Module 1: Packet capture
- [X] Module 2: Rule-based detection
  - [X] 1. Checksum Verification
  - [X] 2. Payload Pattern Matching
  - [X] 3. Rate-Based Anomaly Detection
  - [X] 4. Malformed Packet Detection
  - [X] 5. ICMP Flood Detection
  - [X] 6. DNS Spoofing Detection
  - [X] 7. ARP Spoofing Detection
  - [X] 8. Protocol-Specific Anomalies
    - [X] 8.1 Fragment Checks
    - [X] 8.2 Valid Handshake Check
  - [X] 9. Content-Learning Mismatch
  - [X] Additional checks:
    - IP Spoofing Detection
    - SYN FIN Combination Detection
    - Null Packet Detection
    - Malicious Ports Detection
    - More DNS Spoofing Detection
    - Destination Checks
    - TCP Reset Detection
- [X] Module 3: Anomaly-based detection
  - [X] Logistic Regression
  - [X] Decision Tree Classifier
  - [X] KNN
  - [X] Random Forest