Introducing Lightbulb

I've turned my script into an open-source project, and I'd like to formally introduce lightbulb. Lightbulb is a utility that reads in proxy log data and uses entropy-based analysis to identify beacons associated with malware. You can tailor it to do just about anything you'd like, and it may give network admins a deeper understanding of their network and the activity happening on it.

For the first official release of lightbulb I wanted to make some significant improvements to the code and the reporting. There are more changes to come, but what you'll find new in this version is:

  • Reporting back of the actual beacon time intervals
  • Outliers listed according to the standard deviation of all data
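To make the two features above concrete, here is a small entropy-based beacon detector I wrote as an added example; it is not lightbulb's code. It assumes a constructed, squid-like log format of `<epoch> <client_ip> <method> <url>` (the hosts, addresses and timestamps are invented), groups requests by client and destination host, scores the inter-request intervals by normalized Shannon entropy (0 means perfectly periodic), reports the dominant beacon interval, and lists intervals that lie more than two standard deviations from the mean as outliers (a missed or delayed beacon shows up there):

```python
"""Toy entropy-based beacon detector over proxy logs (added example, not lightbulb's code)."""
import math
import statistics
from collections import Counter, defaultdict
from urllib.parse import urlsplit

# Constructed, squid-like proxy log lines: "<epoch> <client_ip> <method> <url>".
# Every host, address and timestamp below is invented for this example.
BASE = 1251355200.0  # arbitrary constructed epoch base


def _line(offset, client, url):
    return f"{BASE + offset:.3f} {client} GET {url}"


SAMPLE_LOG = (
    # 10.0.0.5 polls beacon.example every 60 s, with one 180 s gap (two missed polls).
    [_line(t, "10.0.0.5", "http://beacon.example/ping")
     for t in (0, 60, 120, 180, 240, 300, 360, 420, 600, 660)]
    # 10.0.0.7 browses news.example at irregular, human-paced intervals.
    + [_line(t, "10.0.0.7", "http://news.example/")
       for t in (0, 7, 33, 41, 120, 122, 209, 350, 352, 480)]
    # 10.0.0.9 makes too few requests to judge at all.
    + [_line(t, "10.0.0.9", "http://cdn.example/lib.js") for t in (5, 900)]
)


def parse(lines):
    """Group request timestamps by (client, destination host)."""
    by_pair = defaultdict(list)
    for line in lines:
        ts, client, _method, url = line.split(maxsplit=3)
        by_pair[(client, urlsplit(url).hostname)].append(float(ts))
    return by_pair


def intervals(timestamps):
    """Seconds between consecutive requests, in time order."""
    ts = sorted(timestamps)
    return [b - a for a, b in zip(ts, ts[1:])]


def normalized_entropy(values, tolerance=5.0):
    """Shannon entropy of the interval distribution, scaled to [0, 1].

    Intervals are rounded to `tolerance` seconds so small jitter does not
    inflate the number of distinct values. 0.0 means perfectly periodic;
    values near 1.0 mean every interval is different (human browsing).
    """
    buckets = Counter(round(v / tolerance) * tolerance for v in values)
    n = len(values)
    h = -sum((c / n) * math.log2(c / n) for c in buckets.values())
    return h / math.log2(n) if n > 1 else 0.0


def outliers(values, k=2.0):
    """Intervals more than k population standard deviations from the mean."""
    mean, sd = statistics.fmean(values), statistics.pstdev(values)
    return [v for v in values if sd and abs(v - mean) > k * sd]


def find_beacons(lines, min_requests=5, max_entropy=0.5):
    """Return {(client, host): report} for pairs whose intervals look periodic."""
    report = {}
    for pair, stamps in parse(lines).items():
        if len(stamps) < min_requests:
            continue  # not enough data to say anything about regularity
        gaps = intervals(stamps)
        h = normalized_entropy(gaps)
        if h <= max_entropy:
            report[pair] = {
                "requests": len(stamps),
                "entropy": round(h, 3),
                "interval": Counter(round(g) for g in gaps).most_common(1)[0][0],
                "outliers": outliers(gaps),
            }
    return report


if __name__ == "__main__":
    for (client, host), r in find_beacons(SAMPLE_LOG).items():
        print(f"{client} -> {host}: every ~{r['interval']}s over {r['requests']} requests "
              f"(entropy {r['entropy']}), outlier gaps: {r['outliers']}")
```

On the constructed sample, only the 10.0.0.5 to beacon.example pair is reported: its dominant interval is 60 s, its normalized entropy is about 0.16, and the single 180 s gap is flagged as an outlier. The irregular browsing pair scores well above the 0.5 threshold and the two-request pair is skipped. The tolerance, threshold and minimum-request count are tuning knobs; real proxy traffic (CDN polling, software update checks) will also look periodic, so a report like this is a starting point for an analyst, not a verdict.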
It's a nice improvement, and the project has come a long way. The next version has a scheduled change to the backbone to boost performance, along with a look at different learning algorithms. Stay tuned for more changes. All updates on the project will now be hosted on Google Code as well as here. I'll try to keep the changelog up to date. :)

http://code.google.com/p/lightbulb

1 comment:

  1. Dan August 27, 2009 at 6:34 AM

    Sir,
    when are we going to get more info on this blog?
    It seems to have been a while.