We wanted to create a product that could detect intruders earlier and more efficiently than many on the market today.
What it does
Our product uses machine learning to detect anomalies in the network before they reach the host. It is meant to learn what normal network traffic looks like so that it can detect abnormalities, differentiate attacks into categories, and display the results in a graph.
How we built it
We built our project using the scikit-learn library for Python to train our machine learning algorithm. We used data from the Nebraska Applied Research Institute to train our algorithm.
Challenges we ran into
Our main challenge was making the product as foolproof as possible. It needed to be appealing, but not so interactive that a user, or a hacker, could alter its settings and weaken security. It also needed to update regularly and conveniently so that it stays consistently secure. Building a more robust machine learning model required identifying the key "features" that our algorithm could use to tell malicious network activity from normal behavior. A major challenge here was determining what makes malicious, or anomalous, behavior recognizable. We approached this problem by visualizing network (packet) data. By plotting good behavior against network attacks and comparing them for various correlations, we were able to see certain features we could use to train our model. Addressing this further will require more time to continue training on these problems.
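The feature comparison described above can also be scored numerically instead of judged by eye. The following is an added example, not the team's code: the flow records, feature names and attack labels are constructed for illustration, and the score is a plain standardized mean difference between benign and attack flows.

```python
from math import inf, sqrt
from statistics import mean, pvariance

# Constructed sample flows (label, features); hypothetical names, not the team's data.
FLOWS = [
    ("benign",   {"pkts_per_s": 10,   "bytes_per_pkt": 500, "syn_ratio": 0.05, "dst_ports": 1}),
    ("benign",   {"pkts_per_s": 14,   "bytes_per_pkt": 620, "syn_ratio": 0.04, "dst_ports": 2}),
    ("benign",   {"pkts_per_s": 12,   "bytes_per_pkt": 560, "syn_ratio": 0.06, "dst_ports": 1}),
    ("benign",   {"pkts_per_s": 16,   "bytes_per_pkt": 480, "syn_ratio": 0.05, "dst_ports": 2}),
    ("portscan", {"pkts_per_s": 40,   "bytes_per_pkt": 60,  "syn_ratio": 0.90, "dst_ports": 180}),
    ("portscan", {"pkts_per_s": 55,   "bytes_per_pkt": 64,  "syn_ratio": 0.95, "dst_ports": 240}),
    ("portscan", {"pkts_per_s": 45,   "bytes_per_pkt": 62,  "syn_ratio": 0.92, "dst_ports": 210}),
    ("dos",      {"pkts_per_s": 900,  "bytes_per_pkt": 520, "syn_ratio": 0.06, "dst_ports": 1}),
    ("dos",      {"pkts_per_s": 1100, "bytes_per_pkt": 580, "syn_ratio": 0.05, "dst_ports": 1}),
    ("dos",      {"pkts_per_s": 1000, "bytes_per_pkt": 550, "syn_ratio": 0.07, "dst_ports": 2}),
]


def separation(benign, attack):
    """Gap between class means, in units of the pooled standard deviation."""
    gap = abs(mean(attack) - mean(benign))
    spread = sqrt((pvariance(benign) + pvariance(attack)) / 2)
    if spread == 0:
        # Both classes are constant: either perfectly separable or identical.
        return inf if gap > 0 else 0.0
    return gap / spread


def rank_features(flows, attack_label, benign_label="benign"):
    """Return (feature, score) pairs, most discriminating feature first."""
    scores = {}
    for name in flows[0][1]:
        benign = [f[name] for lbl, f in flows if lbl == benign_label]
        attack = [f[name] for lbl, f in flows if lbl == attack_label]
        scores[name] = separation(benign, attack)
    return sorted(scores.items(), key=lambda kv: kv[1], reverse=True)


if __name__ == "__main__":
    for label in ("portscan", "dos"):
        ranked = rank_features(FLOWS, label)
        print(label, [(name, round(score, 2)) for name, score in ranked])
```

A feature that ranks high for one attack category can rank near the bottom for another, which is why the ranking is computed per category rather than once for all attacks.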
Accomplishments that we're proud of
We were able to make a working prototype that shows how we may display the network information graphically, as well as a future idea.
What we learned
We've learned many things about cyber security and machine learning.
What's next for Omniscience
To fully implement some features and fully flesh out the software.