antinex发布者用户核心,用于处理深度神经网络的训练和预测请求,以近乎实时地检测使用keras和tensorflow的网络开发。
antinex-core的Python项目详细描述
利用高精度预训练的深层神经网络实现网络攻击检测的自动化。
截至2018-03-12,Core可以通过使用预先录制的AntiNex datasets和自动定标器规范化的~99.8%交叉验证分数,反复预测对Django、Flask、React+Redux、Vue和Spring应用服务器的攻击。
精确性+培训+Jupyter笔记本中的交叉验证
在Jupyter笔记本中使用预先训练好的深层神经网络
概述
核心是一个芹菜工人池,用于处理深层神经网络的训练和预测请求,以近乎实时地使用keras和tensorflow检测网络开发(nex)。在内部,每个工人管理一个缓冲区,缓冲区由初始培训请求中的label标识。一旦经过训练,只要对预测请求使用相同的label名称,就可以使用模型进行快速预测测试。还可以使用具有相同label的训练api重新训练模型。虽然最初的重点是网络开发,但存储库还包括模拟股票数据,用于演示如何运行一个工人池,以便使用许多经过预训练的深层神经网络快速预测回归数据(如股票价格)。
此存储库是一个独立的培训和预测工作池,它与antinex rest api分离:
https://github.com/jay-johnson/train-ai-with-django-swagger-jwt
Antinex堆栈状态
antinex核心工作进程是antinex堆栈的一部分:
Component | Build | Docs Link | Docs Build |
---|---|---|---|
REST API | Docs | ||
Core Worker | Docs | ||
Network Pipeline | Docs | ||
AI Utils | Docs | ||
Client | Docs |
安装
pip安装antinex核心
可用于生成图像
如果你想生成图片,请在ubuntu上安装python3-tk。
sudo apt-get install python3-tk
码头工人
使用jupyter启动用于浏览的容器:
# if you do not have docker compose installed, you can try installing it with: # pip install docker-compose cd docker ./start-stack.sh
使用django deep神经网络分析打开jupyter笔记本
默认密码是:admin
http://localhost:8888/notebooks/AntiNex-Protecting-Django.ipynb
查看笔记本演示文稿幻灯片
- 在笔记本中使用Alt + r。
- 使用非垂直的scolling url:http://localhost:8889/Slides-AntiNex-Protecting-Django.slides.html
- 使用非垂直的scolling url:http://localhost:8890/Slides-AntiNex-Using-Pre-Trained-Deep-Neural-Networks-For-Defense.slides.html
运行
启动Core之前,请确保Redis正在运行并可访问:
redis-cli 127.0.0.1:6379>
运行redis并在python 3运行时安装antinex core pip后,使用此命令启动核心:
./run-antinex-core.sh
或芹菜:
celery worker -A antinex_core.antinex_worker -l DEBUG
发布预测请求
要使用新的自动定标器规范化数据集进行训练和预测,其预测精度为99.8%,可以使用带有AntiNex datasets的宽两层深层神经网络检测攻击,请执行以下步骤。
克隆
请确保将数据集repo克隆到预先配置的位置:
mkdir -p -m 777 /opt/antinex git clone https://github.com/jay-johnson/antinex-datasets.git /opt/antinex/antinex-datasets
Django-训练和预测
./antinex_core/scripts/publish_predict_request.py -f training/scaler-full-django-antinex-simple.json
烧瓶-训练和预测
./antinex_core/scripts/publish_predict_request.py -f training/scaler-full-flask-antinex-simple.json
反应和重复-训练和预测
./antinex_core/scripts/publish_predict_request.py -f training/scaler-full-react-redux-antinex-simple.json
Vue-训练和预测
./antinex_core/scripts/publish_predict_request.py -f training/scaler-full-vue-antinex-simple.json
弹簧-训练和预测
./antinex_core/scripts/publish_predict_request.py -f training/scaler-full-spring-antinex-simple.json
准确度和预测报告
几分钟后,最终报告将打印出来,如下所示:
2018-03-11 23:35:00,944 - antinex-prc - INFO - sample=30178 - label_value=1.0 predicted=1 label=attack 2018-03-11 23:35:00,944 - antinex-prc - INFO - sample=30179 - label_value=-1.0 predicted=-1 label=not_attack 2018-03-11 23:35:00,944 - antinex-prc - INFO - sample=30180 - label_value=-1.0 predicted=-1 label=not_attack 2018-03-11 23:35:00,944 - antinex-prc - INFO - sample=30181 - label_value=-1.0 predicted=-1 label=not_attack 2018-03-11 23:35:00,944 - antinex-prc - INFO - sample=30182 - label_value=-1.0 predicted=-1 label=not_attack 2018-03-11 23:35:00,945 - antinex-prc - INFO - sample=30183 - label_value=-1.0 predicted=-1 label=not_attack 2018-03-11 23:35:00,945 - antinex-prc - INFO - sample=30184 - label_value=-1.0 predicted=-1 label=not_attack 2018-03-11 23:35:00,945 - antinex-prc - INFO - sample=30185 - label_value=-1.0 predicted=-1 label=not_attack 2018-03-11 23:35:00,945 - antinex-prc - INFO - sample=30186 - label_value=-1.0 predicted=-1 label=not_attack 2018-03-11 23:35:00,945 - antinex-prc - INFO - sample=30187 - label_value=-1.0 predicted=-1 label=not_attack 2018-03-11 23:35:00,945 - antinex-prc - INFO - sample=30188 - label_value=-1.0 predicted=-1 label=not_attack 2018-03-11 23:35:00,945 - antinex-prc - INFO - sample=30189 - label_value=1.0 predicted=1 label=attack 2018-03-11 23:35:00,945 - antinex-prc - INFO - sample=30190 - label_value=-1.0 predicted=-1 label=not_attack 2018-03-11 23:35:00,945 - antinex-prc - INFO - sample=30191 - label_value=-1.0 predicted=-1 label=not_attack 2018-03-11 23:35:00,946 - antinex-prc - INFO - sample=30192 - label_value=-1.0 predicted=-1 label=not_attack 2018-03-11 23:35:00,946 - antinex-prc - INFO - sample=30193 - label_value=-1.0 predicted=-1 label=not_attack 2018-03-11 23:35:00,946 - antinex-prc - INFO - sample=30194 - label_value=-1.0 predicted=-1 label=not_attack 2018-03-11 23:35:00,946 - antinex-prc - INFO - sample=30195 - label_value=-1.0 predicted=-1 label=not_attack 2018-03-11 23:35:00,946 - antinex-prc - INFO - sample=30196 - label_value=-1.0 predicted=-1 label=not_attack 2018-03-11 23:35:00,946 - antinex-prc - INFO - sample=30197 - label_value=-1.0 predicted=-1 label=not_attack 2018-03-11 23:35:00,946 - antinex-prc - INFO - sample=30198 - label_value=-1.0 predicted=-1 label=not_attack 2018-03-11 23:35:00,946 - antinex-prc - INFO - sample=30199 - label_value=-1.0 predicted=-1 label=not_attack 2018-03-11 23:35:00,947 - antinex-prc - INFO - Full-Django-AntiNex-Simple-Scaler-DNN made predictions=30200 found=30200 accuracy=99.84685430463577 2018-03-11 23:35:00,947 - antinex-prc - INFO - Full-Django-AntiNex-Simple-Scaler-DNN - saving model=full-django-antinex-simple-scaler-dnn
如果没有在本地克隆数据集,则可以使用repo中包含的最小化数据集:
./antinex_core/scripts/publish_predict_request.py -f training/scaler-django-antinex-simple.json
发布列车请求
./antinex_core/scripts/publish_train_request.py
发布回归预测请求
./antinex_core/scripts/publish_regression_predict.py
JSON API
antinex核心管理一个工作池,这些工作池订阅了两个队列中的进程任务(webapp.train.requests和webapp.predict.requests)。任务定义为JSON字典,必须具有以下结构:
{ "label": "Django-AntiNex-Simple-Scaler-DNN", "dataset": "./tests/datasets/classification/cleaned_attack_scans.csv", "apply_scaler": true, "ml_type": "classification", "predict_feature": "label_value", "features_to_process": [ "eth_type", "idx", "ip_ihl", "ip_len", "ip_tos", "ip_version", "tcp_dport", "tcp_fields_options.MSS", "tcp_fields_options.Timestamp", "tcp_fields_options.WScale", "tcp_seq", "tcp_sport" ], "ignore_features": [ ], "sort_values": [ ], "seed": 42, "test_size": 0.2, "batch_size": 32, "epochs": 10, "num_splits": 2, "loss": "binary_crossentropy", "optimizer": "adam", "metrics": [ "accuracy" ], "histories": [ "val_loss", "val_acc", "loss", "acc" ], "model_desc": { "layers": [ { "num_neurons": 250, "init": "uniform", "activation": "relu" }, { "num_neurons": 1, "init": "uniform", "activation": "sigmoid" } ] }, "label_rules": { "labels": [ "not_attack", "not_attack", "attack" ], "label_values": [ -1, 0, 1 ] }, "version": 1 }
还支持回归预测任务,下面是一个包含模拟股价的数据集的示例:
{ "label": "Scaler-Close-Regression", "dataset": "./tests/datasets/regression/stock.csv", "apply_scaler": true, "ml_type": "regression", "predict_feature": "close", "features_to_process": [ "high", "low", "open", "volume" ], "ignore_features": [ ], "sort_values": [ ], "seed": 7, "test_size": 0.2, "batch_size": 32, "epochs": 50, "num_splits": 2, "loss": "mse", "optimizer": "adam", "metrics": [ "accuracy" ], "model_desc": { "layers": [ { "activation": "relu", "init": "uniform", "num_neurons": 200 }, { "activation": null, "init": "uniform", "num_neurons": 1 } ] } }
splunk环境变量
此存储库使用Spylunking记录器,该记录器支持将日志发布到经过身份验证的hec rest api上。您可以将这些环境变量设置为发布到splunk:
export SPLUNK_ADDRESS="<splunk address host:port>" export SPLUNK_API_ADDRESS="<splunk api address host:port>" export SPLUNK_USER="<splunk username for login>" export SPLUNK_PASSWORD="<splunk password for login>" export SPLUNK_TOKEN="<Optional - username and password will login or you can use a pre-existing splunk token>" export SPLUNK_INDEX="<splunk index>" export SPLUNK_QUEUE_SIZE="<num msgs allowed in queue - 0=infinite>" export SPLUNK_RETRY_COUNT="<attempts per log to retry publishing>" export SPLUNK_RETRY_BACKOFF="<cooldown in seconds per failed POST>" export SPLUNK_SLEEP_INTERVAL="<sleep in seconds per batch>" export SPLUNK_SOURCE="<splunk source>" export SPLUNK_SOURCETYPE="<splunk sourcetype>" export SPLUNK_TIMEOUT="<timeout in seconds>" export SPLUNK_DEBUG="<1 enable debug|0 off - very verbose logging in the Splunk Publishers>"
开发
virtualenv -p python3 ~/.venvs/antinexcore && source ~/.venvs/antinexcore/bin/activate && pip install -e .
测试
全部运行
python setup.py test
运行测试用例
python -m unittest tests.test_train.TestTrain.test_train_antinex_simple_success_retrain
起毛
薄片8。
PycodeStyle。
许可证
apache 2.0-有关详细信息,请参阅LICENSE