OpenSec Atlas

RAELN: An Open Source Tool for Threat Intelligence | OpenSec Atlas

Threat Intelligence

Tool

RAELN

RAELN is a machine learning-based classifier that uses L2-Regularized Autoencoder Enabled Ladder Networks for accurate multi-class classification of network intrusion malware.

View on GitHub

About This Tool

L2-Regularized Autoencoder Enabled Ladder Networks (RAELN) for multi-class classification of network intrusion malware.

Primary Use Case

This tool is designed for cybersecurity analysts and researchers to classify and detect network intrusion malware using advanced semi-supervised learning techniques with reduced label dependency. It is particularly useful for analyzing network traffic datasets like UNSW-NB15 and NSL-KDD to improve malware detection accuracy in real-time environments.

Key Features

L2-Regularized Autoencoder Enabled Ladder Networks for classification
Supports semi-supervised learning with reduced label dependency
Feature selection techniques including FSFC and various autoencoder variants
Trained and tested on benchmark datasets UNSW-NB15 and NSL-KDD
Implemented in both PyTorch v1.5.1 and TensorFlow v1.15
Provides PCA analysis for optimal feature selection
Includes multiple classification algorithms such as Ladder Networks, Random Forest, and Naive Bayes
Outputs performance metrics including overall and per-class accuracy

Insights & Recommendations

Requires Python version <= 3.7 for TensorFlow v1.15 compatibility; ensure PyTorch/TensorFlow installation directories are added to system PATH. Using virtual environments is recommended to manage dependencies and avoid conflicts.

Installation

Clone the repository using: git clone https://github.com/PRISHIta123/RAELN.git
Navigate to src/PyTorch-v1.5.1 for PyTorch or src/tf-v15.0 for TensorFlow implementation
Create a virtual environment with Python 3.7: virtualenv -p /path/to/Python3.7/python.exe env
Activate the virtual environment: For Windows use \env\Scripts\Activate, for Mac/Linux use source /env/Scripts/Activate
Install dependencies using: pip install -r requirements.txt

Usage

python PCA_Components.py --dataset=DATASET

Performs Principal Component Analysis on the specified dataset to determine the optimal number of features.

python main.py --dataset=DATASET --feature_selector=FEATURE_SELECTION_ALGO --classifier=CLASSIFICATION_ALGO

Runs the RAELN model with specified dataset, feature selection algorithm, and classification algorithm.

Smart Usage Notes

Integrate RAELN with SIEM platforms for enhanced real-time malware detection and alerting.Use semi-supervised learning to continuously improve detection models with minimal labeled data.Leverage PCA and feature selection to optimize model performance and reduce false positives.Deploy RAELN in network traffic monitoring pipelines to detect novel and evolving malware threats.Combine RAELN outputs with threat intelligence feeds to prioritize incident response efforts.