Tech ChroniclesRamblings of a Tech Dude
AIEngine – AI-driven Network Intrusion Detection System

AIEngine – AI-driven Network Intrusion Detection System



AIEngine is a next-generation interactive/programmable Python/Ruby/Java/Lua and Go AI-driven Network Intrusion Detection System engine with capabilities of learning without any human intervention, DNS domain classification, Spam detection, network collector, network forensics and many others.

AIEngine - AI-driven Network Intrusion Detection System

AIEngine also helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.

Functionality of AIEngine AI-driven Network Intrusion Detection System

The main functionalities of AIEngine are:

  • Support for interacting/programing with the user while the engine is running.
  • Support for PCRE JIT for regex matching.
  • Support for regex graphs (complex detection patterns).
  • Support six types of NetworkStacks (lan, mobile, lan6, virtual, oflow and mobile6).
  • Support Sets and Bloom filters for IP searches.
  • Supports x86_64, ARM and MIPS architecture over operating systems such as Linux, FreeBSD and MacOS.
  • Support for HTTP, DNS and SSL Domains matching.
  • Support for banned domains and hosts for HTTP, DNS, SMTP and SSL.
  • Frequency analysis for unknown traffic and auto-regex generation.
  • Generation of Yara signatures.
  • Easy integration with databases (MySQL, Redis, Cassandra, Hadoop, etc…) for data correlation.
  • Easy integration with other packet engines (Netfilter).
  • Support memory clean caches for refresh stored memory information.
  • Support for detect DDoS at network/application layer.
  • Support for rejecting TCP/UDP connections.
  • Support for network forensics on real time.
  • Support for JA3 TLS Signatures on SSL.
  • Supports protocols such as Bitcoin, CoAP, DHCPv4/DHCPv6, DNS, GPRS, GRE, HTTP, ICMPv4/ICMPv6, IMAP, IPv4/v6, Modbus, MPLS, MQTT, Netbios, NTP, OpenFlow, PPPoE, POP, Quic, RTP, SIP, SMB, SMTP, SSDP, SSH, SSL, TCP, UDP, VLAN, VXLAN.
  • Integration of HTTP Server for retrieve and configure the system.

Using AIEngine AI-driven Network Intrusion Detection System

To use AIEngine(reduce version) just execute the binary aiengine or use the python/ruby/java/lua binding.

You can download AIEngine here:


Or read more here.

Tech Chronicles