Implementing Machine Learning

[gamemann]

Hey all!

I just wanted to start this discussion to see if anybody would be interested in the idea. Unfortunately, I don't have much time right now, but I'm hoping once I get my future project off the ground called The Modding Community (TMC), I can try implementing this system myself if nobody else would like to into the XDP Firewall.

I'd like to make an API back-bone along with a command line utility that can automatically add firewall rules to the XDP Firewall. It'd be neat to implement a machine learning system that analyzes data and feeds the firewall rules to help with (D)DoS mitigation.

There is already a fork of this repository I found that appears to be implementing something like this.

https://github.com/sehbeygi79/XDP-Firewall-ML

With that said, it'd be neat if we could utilize a separate XDP program that is offloaded to the NIC for basic dropping from a BPF Map (e.g. malicious source IPs or ports). We just need to find out a way to have the XDP Firewall loaded into the XDP DRV or SKB hook and then have the separate XDP/BPF project load into the NIC via offload mode.

@sehbeygi79 Going to attempt to tag you here in the case you may be interested in the above 😃 (I found your project really interesting!)

Thank you for your time!

[midhxn]

Btw Nice project. Thank you