Welcome to AIEngine wiki page

AIEngine is a packet inspection engine with capabilities of learning without any human intervention. AIEngine helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Malware analysis, Traffic classifiers and so on.

The aim of this wiki is to have a guide of how to use the engine with multiple languages, environments and so on. Feel free to provide use cases that have been value for you.

Binary

• For command line examples check the wiki page

  https://bitbucket.org/camp0/aiengine/wiki/ExtractInformation

• Metasploit encoders(generation and detection)

  https://bitbucket.org/camp0/aiengine/wiki/Metasploit

• Malware Analysis Part 1

  https://bitbucket.org/camp0/aiengine/wiki/Malware%20Analysis%20Part%201

Python API

AIEngine is written in c++11 and Python, so by using the flexibility of Python, AIEngine could be integrated easily with other functionalities and modules in a easy way.

For advance configurations check the configuration wiki page

https://bitbucket.org/camp0/aiengine/wiki/Configurations

• Example of the interactive shell functionality

  https://bitbucket.org/camp0/aiengine/wiki/InteractiveShellPython

• Example of integration with non relational databases (Redis, Cassandra, Hadoop,...)

  https://bitbucket.org/camp0/aiengine/wiki/DatabaseIntegrationPython

• Example for multicore systems

  https://bitbucket.org/camp0/aiengine/wiki/MulticoreStacksPython

• Example for detect mobile malware

  https://bitbucket.org/camp0/aiengine/wiki/MobileMalwarePython

• Example for detect Zeus Malware

  https://bitbucket.org/camp0/aiengine/wiki/ZeusMalwarePython

• Example for detect malware on Cloud/Virtual environments

  https://bitbucket.org/camp0/aiengine/wiki/VirtualCloudMalwareBasedDetectionPython

• Example for detect the SSL Heartbeat vulnerability

  https://bitbucket.org/camp0/aiengine/wiki/SSLHeartbeatsPython

• Example of IPSet/IPBloomSet by detecting Tor activity on networks

  https://bitbucket.org/camp0/aiengine/wiki/TorNetworkPython

• Example of DNS Hijack on virtual/cloud networks.

  https://bitbucket.org/camp0/aiengine/wiki/DNSHijackingPython

• Example for query the network on real time

  https://bitbucket.org/camp0/aiengine/wiki/EasyQueryEnginePython

• Example for detect DDoS attacks.

  https://bitbucket.org/camp0/aiengine/wiki/DDoSAttacksPython

If you are interested on some extra examples of functionality just let us know! Have fun!

Ruby API

AIEngine is written in c++11 and Ruby also, so you can integrate it with your ruby code.

• Example for detect mobile malware

  https://bitbucket.org/camp0/aiengine/wiki/MobileMalwareRuby

• Example of IPSet/IPBloomSet by detecting Tor activity on networks

  https://bitbucket.org/camp0/aiengine/wiki/TorNetworkRuby

• Example of integration with non relational databases (Redis)

  https://bitbucket.org/camp0/aiengine/wiki/DatabaseIntegrationRuby

• Example for detect the SSL Heartbeat vulnerability

  https://bitbucket.org/camp0/aiengine/wiki/SSLHeartbeatsRuby

• Example for detect DDoS attacks.

  https://bitbucket.org/camp0/aiengine/wiki/DDoSAttacksRuby

Java API

AIEngine is written in c++11 and Java also, so you can integrate it with your java code.

• Example for detect mobile malware

  https://bitbucket.org/camp0/aiengine/wiki/MobileMalwareJava

• Example of integration with non relational databases (Redis)

  https://bitbucket.org/camp0/aiengine/wiki/DatabaseIntegrationJava