Adding appsensor content
← Older revision
Revision as of 04:07, 3 February 2017
Line 464:
Line 464:
'''Mentors:'''
'''Mentors:'''
* [[User:devgreg|Greg Anderson]] - OWASP DefectDojo Project Leader
* [[User:devgreg|Greg Anderson]] - OWASP DefectDojo Project Leader
+
+
== OWASP AppSensor ==
+
+
[[OWASP AppSensor Project]] The OWASP AppSensor project is a project to help you build self-defending applications through real-time event detection and response. Previous GSoC students have implemented key AppSensor contributions, and we've had very successful engagements. We look forward to hearing your ideas and hopefully working with you to execute them.
+
+
=== Machine Learning Driven Web Server Log Analysis ===
+
:
+
:'''Brief Explanation:'''
+
:
+
:The goal of this project would be to build a web server log analysis tool suite based on ML (machine learning). This tool suite will accept as input web server logs (apache, nginx) and will provide as output a determination of requests that are considered "attacks" There are a number of key points for this project:
+
:* Almost everybody has web server logs. It's a common format that is well understood, and is a good starting place for many security teams
+
:* Because the format is well understood, the data points (features) are well understood.
+
:* This tool suite would have applicability far beyond just our project. The goal is to give away a tool that can process a set of log files, build a custom model for the traffic, and then be used to process future log files and find attacks (outliers / anomalies)
+
:
+
:Note that this project would extend work done in last year's GSOC to get an initial machine learning capability developed.
+
:
+
:''' Expected Results '''
+
:
+
:* User provides tool suite a set of web server logs (User has option to annotate data set with known attacks)
+
:* System is pre-coded with knowledge of certain anomalous patterns (attacks)
+
:* System builds ML model for processing future log files
+
:* System provides mechanism for processing future logs using trained model.
+
:
+
:''' Knowledge Prerequisite: '''
+
:AppSensor is written in Java, so a good knowledge of this language is recommended. The toolset used previously for the ML effort was scala/spark, but this is not a hard requirement. The preference would be to use either the JVM (java/scala), or possibly python, as both of these stacks are well understood and have significant ML capabilities.
+
:
+
:''' Mentors '''
+
:[https://www.owasp.org/index.php/User:John_Melton John Melton] [mailto:jtmelton@gmail.com @] and the rest of the AppSensor Team
+
:
+
+
=== Your Idea ===
+
:
+
:'''Brief Explanation:'''
+
:
+
:AppSensor is a great tool and many organizations are starting to use it. If you have an idea that is not on this list, please submit it - we would love to give you the chance to work on an idea you came up with!
+
:
+
:''' Getting started '''
+
:* Get in touch with us :)
+
:
+
:'''Expected Results:'''
+
:* A new feature that makes AppSensor even better
+
:
+
:''' Knowledge Prerequisite: '''
+
:AppSensor is written in Java, so a good knowledge of this language is recommended.
+
:
+
:''' Mentors '''
+
:[https://www.owasp.org/index.php/User:John_Melton John Melton] [mailto:jtmelton@gmail.com @] and the rest of the AppSensor Team
+
: