
Show HN: Intrusion Detection in Real-time - siddhartb_
https://arxiv.org/abs/1911.04464
======
siddhartb_
Code is available in C++, Python, Ruby, R, and Rust at
[https://github.com/bhatiasiddharth/MIDAS](https://github.com/bhatiasiddharth/MIDAS)

------
janesconference
Really cool project. I'm doing a real-time version (gets input on stdin, sends
output on stdout), will probably release the code soon.

------
shivin9
Can this detect DDoS-like attacks also?

~~~
siddhartb_
We handle locality in terms of both source and destination, therefore we
should be able to handle both DoS and DDoS attacks.

------
NimishMishra
Looks interesting. Better than some of the static detection algorithms out
there.

------
GurbakshSharma
Can you list out use cases where we can use this algorithm?

~~~
siddhartb_
In addition to detecting intrusions, it can detect fake ratings and fraud.
Basically finding anomalous and suspicious behavior in any dynamic (time-
evolving) graph.

~~~
udaychopra
Hi, how will the performance be affected if, let's say, time ticks are not
uniform?

~~~
siddhartb_
Great question, it will be interesting to try it out. Temporal relations
should be affected a bit but MIDAS should be able to detect anomalies.

------
shera
Are you taking context into consideration? For example, Donald Trump's tweets
will be much higher than an ordinary person's.

~~~
siddhartb_
Yes, we take the expected count of a particular user/source node into
consideration.

