DCI Sample Implementation

Download: https://github.com/dimitrs/DCI-NIDS/tree/DCI-NIDS-1 In this post I present an experimental network protocol analyzer implementation (in C++) based on the Data, context and interaction (DCI) paradigm and code snippets from Snort. My intention was to get first hand experience with DCI in C++, understand its benefits and its limitations,...

Read More

Web applications in Python without Javascript, CSS, HTML

Download: rctk_zk.tar.gz If would like to know how to write rich web applications in pure Python without any knowledge of Javascript, CSS, HTML or Ajax then continue reading this post. Take a look at the screen-shot. It is the demo application of a framework called RCTK – which makes the development of complex web applications as easy...

Read More

A case for replacing polymorphism with switch-statements

Download: switch_benchmark.tar.gz In this post I benchmark and compare virtual function calls to functionally equivalent if-else and switch statements. In object oriented design switch statements are substituted by polymorphism. The reason is to make the code more compact, readable and maintainable. However, the benchmark indicates that there...

Read More

Python Bindings for Sally (a machine learning tool)

Download:   sally-0.6.1-with-bindings.tar.gz One of the tools I have used recently in my machine-learning projects is Sally. As Sally’s web page describes it: “There are many applications for Sally, for example, in the areas of natural language processing, bioinformatics, information retrieval and computer security”. You can look at the example...

Read More

Restructured text table reports

Download: rst2pdf-read-only.tar.gz I use rst2pdf to create PDF documents from reStructuredText (ReST). It is relatively easy to generate table reports from a database, like the ones shown below. In this example, the table does not fit into one page and spans two. Although it is easy to execute statistical queries such as sum a column...

Read More

Benchmarking function call overhead in C++

Download: benchmark.tar.gz The are two types of function calls I benchmark here: 1) Virtual functions 2) CRTP, used to simulate dynamic binding (with and without inlining) One particular use of the CRTP is to simulate dynamic binding. The technique achieves a similar effect to the use of virtual functions, without the costs of dynamic polymorphism....

Read More

Automated Pattern Discovery From Network Traffic (2)

Last time, I described a way to find pattern strings in network traffic using machine-learning tools and techniques and it is the goal of this post to describe the method and results of applying these techniques to real network traffic. As an experiment or proof-of-concept, I looked for patterns in Bit-torrent traffic. The results look very promising....

Read More

Automated Pattern Discovery From Network Traffic

From time to time I browse the projects listed on freshmeat.net. I came accross Sally, a tool for mapping strings into vector spaces. This mapping allows one to apply machine learning techniques and data mining to the analysis of string data. I looked at two of the examples given; Sally can be used to map documents to a vector space and build...

Read More

Test Code Coverage with Objdump and Valgrind

I was working on a C++ project recently where gcov inexplicitly failed to report correct results, especially for template files. Some templated code was incorrectly being reported as not-covered by my tests. Instead of doing the right thing by finding out why gcov was not working with my source code, I decided to write a python script that combined...

Read More