Metis

Metis: Understanding and Enhancing Regular Expressions in Network

Dataset Architecture

-- Data
  -- snort
    -- <rule name>
      -- <rule name>.csv
      -- dataset-<label ratio>.pkl

Code Architecture

-- ByteLevelTokenization
   -- create_logic_mat_bias.py
   -- create_snort_automata.py
   -- decompose_snort_automata.py
   -- dfa_from_rule.py
   -- fsa_to_tensor.py
   -- load_dataset.py
   -- process_snort_data.py
-- Distilltion
  -- RNNeval.py
  -- SSPKD.py
  -- SoftTree.py
-- Hardware
  -- data_plane.p4
-- models
   -- BRNN.py
   -- BRNN_O.py
   -- Baseline.py
   -- net.py
-- utils
   -- data.py
   -- utils.py
-- RE.py
-- README.md
-- requirements.txt
-- run_dfa2brnn.py
-- train_brnn.py
-- val.py

Run Code

Byte-Level Tokenization

Download Snort rules and unzip them to "./data/snort/rules/".

https://www.snort.org/downloads

Process Snort rules.

python3 process_snort_data.py

Create m-DFA based on Snort rules.

# to create "category_name"'s m-DFA of Snort, save as "automata_name"
python3 create_snort_automata.py --dataset category_name --automata_name automata_name

Prepare byte-level dataset.

# to prepare "category_name" datset, divide into training set, test set and val set with 7:2:1 and using 1% training data.
python3 load_dataset.py --dataset category_name --test_split 0.1 --val_split 0.2 --datset_split 0.01

Run DFA2BRNN

Train a BRNN.

# to train a BRNN based on "category_name", see more parameters in our source code.
python3 run_dfa2BRNN --dataset "category_name" --model_type Onehot

Train other baselines (e.g., LSTM).

# to train a LSTM based on "category_name", see more parameters in our source code.
python3 run_dfa2BRNN --dataset "category_name" --model_type MarryUp -rnn LSTM

Run RNNeval

This code is used for generate soft labels after BRNN training.

# to get the soft labels generated by BRNN of chat trained by 1% labeled data
python3 RNNeval --mode_name chat_0.01.m

Run SSPKD

This code is used for training and testing of SRF after generating soft labels.

# to train SRFs with 1% labeled data.
python3 SSPKD --mode train --label_r 0.01
# to train SRFs with 10% labeled data.
python3 SSPKD --mode train --label_r 0.1
# to train SRFs with 100% labeled data.
python3 SSPKD --mode train --label_r 1
# to test SRF of chat trained by 1% labeled data.
python3 SSPKD --mode test --snort_name chat --label_r 0.01
# to test baselines.
python3 SSPKD --mode <baseline name(dt, dtdistill, rf, rfdistill)> --snort_name <str> label_r <float>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Metis

Dataset Architecture

Code Architecture

Run Code

Byte-Level Tokenization

Run DFA2BRNN

Run RNNeval

Run SSPKD

About

Releases

Packages

Contributors 3

Languages

Name		Name	Last commit message	Last commit date
Latest commit History 33 Commits
ByteLevelTokenization		ByteLevelTokenization
Distillation		Distillation
Hardware		Hardware
data/snort		data/snort
models		models
utils		utils
RE.py		RE.py
README.md		README.md
requirements.txt		requirements.txt
run_dfa2brnn.py		run_dfa2brnn.py
train_brnn.py		train_brnn.py
val.py		val.py

YouAreSpecialToMe/Metis

Folders and files

Latest commit

History

Repository files navigation

Metis

Dataset Architecture

Code Architecture

Run Code

Byte-Level Tokenization

Run DFA2BRNN

Run RNNeval

Run SSPKD

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Contributors 3

Languages

Packages