Programming & Development
1
UPVOTE
dev.to

Three Detection Paradigms. One Dataset. One Result.

Three Detection Paradigms. One Dataset. One Result. For the last 147 days I’ve been building aRGus, an open-source Network Detection & Response (NDR) pipeline focused on behavioral detection using machine learning and real packet telemetry. Today we completed something I personally wanted to see for a long time: A direct comparison between three radically different network security paradigms on the same dataset, same hardware, and same analysis conditions. Not “which tool is better”. But what each paradigm is actually capable of seeing. The Experiment We used the CTU-13 Neris botnet scenario from 2011. The malicious corpus contains: 646 malicious flows IRC beaconing HTTP anomalies SMB lateral movement classic botnet behavior patterns Three systems analyzed the same capture: System Paradigm Suricata Signature-based IDS Zeek Telemetry & anomaly observation aRGus Behavioral ML-based NDR Environment: Commodity hardware Same
Original Siri

Original Siri

3d ago
1 0

Discussion

Break the silence

Take the opportunity to kick things off.

No comments yet.

Be the first to share your take and keep the conversation moving.

Join the conversation

Log in or sign up to add your comment and participate in the discussion!

Log In Sign Up

UPVOTERS

Community appreciation

See who found this content valuable and showed their support.

user26540

Stefani

StefaniUpvoted 3d ago9 comments · 99 shares

TOPICS

Explore the same topics

Discover more content from the topics this post is mapped to.

dev.to
Why I Built an Open-Source Alternative to Shorebird for Flutter…

Shorebird is a great product. If it fits your team's needs, you should probably just use it. This post is for the cases where it doesn't. The Proble…
JR

Jamie Rodriguez

41m ago
0
infoq.com
Presentation: What I Learned Building Multi-Agent Systems From …

Paulo Arruda discusses Shopify’s evolution in AI adoption, moving from simple chat tools to a sophisticated swarm of specialized agents. He explains the transi…
IN

InfoQ

3h ago
0
dev.to
Building a Production-Grade Kubernetes Cluster from Scratch — P…

Part 1 of 2 — From bare VMs to a fully running 3-service application on a self-managed Kubernetes cluster. No managed services. No shortcuts. Just raw kubeadm.…
DC

DEV Community

4h ago
0
infoq.com
Article: The Mathematics of Backlogs: Capacity Planning for Que…

Backlogs in distributed systems are arithmetic problems, not mysteries. This article provides practical formulas for calculating backlog drain time, sizing con…
IN

InfoQ

6h ago
0
arxiv.org
Deterministic Fully-Static Whole-Binary Translation Without Heu…

Comments
HN

Hacker News

10h ago
0
dev.to
Tired of typing `cd`? I built a Proton-T is a smarter cd comman…

As developers, we live in the terminal. And for me, living in the terminal is a choice for two things: speed and coolness. But let's be honest, typing cd . .…
TL

Thomas Lefevre

11h ago
0

Keep browsing

Explore more from this topic

Dive into the full feed of curated posts covering Programming & Development.

Browse Topics

RELATED CONTENT

Continue exploring

Discover more content that aligns with your interests and this post.

dev.to
Why I Built an Open-Source Alternative to Shorebird for Flutter…

Shorebird is a great product. If it fits your team's needs, you should probably just use it. This post is for the cases where it doesn't. The Proble…
JR

Jamie Rodriguez

41m ago
0
dev.to
Building a Production-Grade Kubernetes Cluster from Scratch — P…

Part 1 of 2 — From bare VMs to a fully running 3-service application on a self-managed Kubernetes cluster. No managed services. No shortcuts. Just raw kubeadm.…
DC

DEV Community

4h ago
0
dev.to
Tired of typing `cd`? I built a Proton-T is a smarter cd comman…

As developers, we live in the terminal. And for me, living in the terminal is a choice for two things: speed and coolness. But let's be honest, typing cd . .…
TL

Thomas Lefevre

11h ago
0
dev.to
Let Your AI Agent Pay for APIs Automatically with x402 + Agenti…

Here's the problem with AI agents today: they can do incredible things, but they can't pay for them. You've built a LangChain agent, a CrewAI team, or a custo…
DC

DEV Community

14h ago
0
dev.to
I shipped an AI-generated PR that violated four of our own arch…

`--- title: "I shipped an AI-generated PR that violated four of our own architecture decisions. Nobody caught it. " published: false description: "AI coding ag…
Sofia Bennett

Sofia Bennett

2d ago
0
dev.to
Local Multimodal LLM on iOS with `llama.cpp` (Swift + ObjC++)

I want a real local pipeline: image in, structured JSON out, no cloud dependency. Optimized to run Metal / ANE or whatever apple exposes ? My goal is to infer…
DC

DEV Community

2d ago
0

Still curious?

See more related posts

Keep the inspiration flowing with fresh submissions and trending finds from the community.

View Latest