Published on January 6th, 2016 | by MaxiSoler


AIEngine v1.4 (Artificial Inteligent Engine)

AIEngine is a next generation interactive/programmable Python/Ruby/Java packet inspection engine with capabilities of learning without any human intervention, NIDS(Network Intrusion Detection System) functionality, DNS domain classification, network collector, network forensics and many others.

AIEngine also helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.

The main functionalities of AIEngine are:

  • Support for interacting/programing with the user while the engine is running.
  • Support for PCRE JIT for regex matching.
  • Support for regex graphs.
  • Support five types of NetworkStacks (lan,mobile,ipv6,virtual and oflow).
  • Support Sets and Bloom filters for IP searches.
  • Support Linux, FreeBSD and MacOS operating systems.
  • Support for HTTP,DNS and SSL Domains matching.
  • Support for banned domains and hosts for HTTP, DNS, SMTP and SSL.
  • Frequency analysis for unknown traffic and auto-regex generation.
  • Generation of Yara signatures.
  • Easy integration with databases (MySQL, Redis, Cassandra, Hadoop, etc…) for data correlation.
  • Easy integration with other packet engines (Netfilter).
  • Support memory clean caches for refresh stored memory information.
  • Support for detect DDoS at network/application layer.
  • Support for rejecting TCP/UDP connections.
  • Support for network forensics on real time.


Changelog v1.4

  • (TODO) Update on real time the setScheduler functionality (TODO multiple setScheduler, for having more functions).
  • Support for Java Language.
  • Support for RegexManagers on IPSets.
  • Support for network forensics on real time.
  • Enable rejecting for StackLanIPv6.
  • SSDP protocol support.
  • Support for regex on HTTP l7 payloads (DomainNames with RegexManagers).
  • Bug fixing.

Thanks to Lucho for sharing this tool with us. 😉

Tags: , , , ,

About the Author

www.artssec.com @maxisoler

Back to Top ↑