{"id":18756,"date":"2025-01-21T20:39:18","date_gmt":"2025-01-21T17:09:18","guid":{"rendered":"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d8%b3%d8%a7%d8%ae%d8%aa-%db%8c%da%a9-%d8%b3%db%8c%d8%b3%d8%aa%d9%85-%d8%aa%d8%b4%d8%ae%db%8c%d8%b5-%d9%86%d9%81%d9%88%d8%b0-%d8%a8%d9%84%d8%a7%d8%af%d8%b1%d9%86%da%af-%d8%a8%d8%a7\/"},"modified":"2025-01-21T20:39:18","modified_gmt":"2025-01-21T17:09:18","slug":"%d8%b1%d9%88%d8%b4-%d8%b3%d8%a7%d8%ae%d8%aa-%db%8c%da%a9-%d8%b3%db%8c%d8%b3%d8%aa%d9%85-%d8%aa%d8%b4%d8%ae%db%8c%d8%b5-%d9%86%d9%81%d9%88%d8%b0-%d8%a8%d9%84%d8%a7%d8%af%d8%b1%d9%86%da%af-%d8%a8%d8%a7","status":"publish","type":"post","link":"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d8%b3%d8%a7%d8%ae%d8%aa-%db%8c%da%a9-%d8%b3%db%8c%d8%b3%d8%aa%d9%85-%d8%aa%d8%b4%d8%ae%db%8c%d8%b5-%d9%86%d9%81%d9%88%d8%b0-%d8%a8%d9%84%d8%a7%d8%af%d8%b1%d9%86%da%af-%d8%a8%d8%a7\/","title":{"rendered":"\u0631\u0648\u0634 \u0633\u0627\u062e\u062a \u06cc\u06a9 \u0633\u06cc\u0633\u062a\u0645 \u062a\u0634\u062e\u06cc\u0635 \u0646\u0641\u0648\u0630 \u0628\u0644\u0627\u062f\u0631\u0646\u06af \u0628\u0627 \u067e\u0627\u06cc\u062a\u0648\u0646 \u0648 Open-Source \u06a9\u062a\u0627\u0628\u062e\u0627\u0646\u0647 \u0647\u0627"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\"><p class=\"ez-toc-title\" style=\"cursor:inherit\">\u0633\u0631\u0641\u0635\u0644\u0647\u0627\u06cc \u0645\u0637\u0644\u0628<\/p>\n<\/div><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" 
href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d8%b3%d8%a7%d8%ae%d8%aa-%db%8c%da%a9-%d8%b3%db%8c%d8%b3%d8%aa%d9%85-%d8%aa%d8%b4%d8%ae%db%8c%d8%b5-%d9%86%d9%81%d9%88%d8%b0-%d8%a8%d9%84%d8%a7%d8%af%d8%b1%d9%86%da%af-%d8%a8%d8%a7\/#%d9%81%d9%87%d8%b1%d8%b3%d8%aa_%d9%85%d8%b7%d8%a7%d9%84%d8%a8\" >\u0641\u0647\u0631\u0633\u062a \u0645\u0637\u0627\u0644\u0628<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d8%b3%d8%a7%d8%ae%d8%aa-%db%8c%da%a9-%d8%b3%db%8c%d8%b3%d8%aa%d9%85-%d8%aa%d8%b4%d8%ae%db%8c%d8%b5-%d9%86%d9%81%d9%88%d8%b0-%d8%a8%d9%84%d8%a7%d8%af%d8%b1%d9%86%da%af-%d8%a8%d8%a7\/#%d8%a2%d8%b4%d9%86%d8%a7%db%8c%db%8c_%d8%a8%d8%a7_%d8%a7%d9%86%d9%88%d8%a7%d8%b9_ids\" >\u0622\u0634\u0646\u0627\u06cc\u06cc \u0628\u0627 \u0627\u0646\u0648\u0627\u0639 IDS<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d8%b3%d8%a7%d8%ae%d8%aa-%db%8c%da%a9-%d8%b3%db%8c%d8%b3%d8%aa%d9%85-%d8%aa%d8%b4%d8%ae%db%8c%d8%b5-%d9%86%d9%81%d9%88%d8%b0-%d8%a8%d9%84%d8%a7%d8%af%d8%b1%d9%86%da%af-%d8%a8%d8%a7\/#%da%86%da%af%d9%88%d9%86%d9%87_%d9%85%d8%ad%db%8c%d8%b7_%d8%aa%d9%88%d8%b3%d8%b9%d9%87_%d8%ae%d9%88%d8%af_%d8%b1%d8%a7_%d8%b1%d8%a7%d9%87_%d8%a7%d9%86%d8%af%d8%a7%d8%b2%db%8c_%da%a9%d9%86%db%8c%d8%af\" >\u0686\u06af\u0648\u0646\u0647 \u0645\u062d\u06cc\u0637 \u062a\u0648\u0633\u0639\u0647 \u062e\u0648\u062f \u0631\u0627 \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc \u06a9\u0646\u06cc\u062f<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" 
href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d8%b3%d8%a7%d8%ae%d8%aa-%db%8c%da%a9-%d8%b3%db%8c%d8%b3%d8%aa%d9%85-%d8%aa%d8%b4%d8%ae%db%8c%d8%b5-%d9%86%d9%81%d9%88%d8%b0-%d8%a8%d9%84%d8%a7%d8%af%d8%b1%d9%86%da%af-%d8%a8%d8%a7\/#%d8%b3%d8%a7%d8%ae%d8%aa_%d9%85%d8%a4%d9%84%d9%81%d9%87_%d9%87%d8%a7%db%8c_core_ids\" >\u0633\u0627\u062e\u062a \u0645\u0624\u0644\u0641\u0647 \u0647\u0627\u06cc Core IDS<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d8%b3%d8%a7%d8%ae%d8%aa-%db%8c%da%a9-%d8%b3%db%8c%d8%b3%d8%aa%d9%85-%d8%aa%d8%b4%d8%ae%db%8c%d8%b5-%d9%86%d9%81%d9%88%d8%b0-%d8%a8%d9%84%d8%a7%d8%af%d8%b1%d9%86%da%af-%d8%a8%d8%a7\/#%d8%b3%d8%a7%d8%ae%d8%aa_%d9%85%d9%88%d8%aa%d9%88%d8%b1_%d8%b6%d8%a8%d8%b7_%d8%a8%d8%b3%d8%aa%d9%87_%d9%87%d8%a7\" >\u0633\u0627\u062e\u062a \u0645\u0648\u062a\u0648\u0631 \u0636\u0628\u0637 \u0628\u0633\u062a\u0647 \u0647\u0627<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d8%b3%d8%a7%d8%ae%d8%aa-%db%8c%da%a9-%d8%b3%db%8c%d8%b3%d8%aa%d9%85-%d8%aa%d8%b4%d8%ae%db%8c%d8%b5-%d9%86%d9%81%d9%88%d8%b0-%d8%a8%d9%84%d8%a7%d8%af%d8%b1%d9%86%da%af-%d8%a8%d8%a7\/#%d8%b3%d8%a7%d8%ae%d8%aa_%d9%85%d8%a7%da%98%d9%88%d9%84_%d8%aa%d8%ad%d9%84%db%8c%d9%84_%d8%aa%d8%b1%d8%a7%d9%81%db%8c%da%a9\" >\u0633\u0627\u062e\u062a \u0645\u0627\u0698\u0648\u0644 \u062a\u062d\u0644\u06cc\u0644 \u062a\u0631\u0627\u0641\u06cc\u06a9<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" 
href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d8%b3%d8%a7%d8%ae%d8%aa-%db%8c%da%a9-%d8%b3%db%8c%d8%b3%d8%aa%d9%85-%d8%aa%d8%b4%d8%ae%db%8c%d8%b5-%d9%86%d9%81%d9%88%d8%b0-%d8%a8%d9%84%d8%a7%d8%af%d8%b1%d9%86%da%af-%d8%a8%d8%a7\/#%d8%b3%d8%a7%d8%ae%d8%aa_%d9%85%d9%88%d8%aa%d9%88%d8%b1_%d8%aa%d8%b4%d8%ae%db%8c%d8%b5\" >\u0633\u0627\u062e\u062a \u0645\u0648\u062a\u0648\u0631 \u062a\u0634\u062e\u06cc\u0635<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d8%b3%d8%a7%d8%ae%d8%aa-%db%8c%da%a9-%d8%b3%db%8c%d8%b3%d8%aa%d9%85-%d8%aa%d8%b4%d8%ae%db%8c%d8%b5-%d9%86%d9%81%d9%88%d8%b0-%d8%a8%d9%84%d8%a7%d8%af%d8%b1%d9%86%da%af-%d8%a8%d8%a7\/#%d8%b3%d8%a7%d8%ae%d8%aa%d9%86_%d8%b3%db%8c%d8%b3%d8%aa%d9%85_%d9%87%d8%b4%d8%af%d8%a7%d8%b1\" >\u0633\u0627\u062e\u062a\u0646 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0634\u062f\u0627\u0631<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d8%b3%d8%a7%d8%ae%d8%aa-%db%8c%da%a9-%d8%b3%db%8c%d8%b3%d8%aa%d9%85-%d8%aa%d8%b4%d8%ae%db%8c%d8%b5-%d9%86%d9%81%d9%88%d8%b0-%d8%a8%d9%84%d8%a7%d8%af%d8%b1%d9%86%da%af-%d8%a8%d8%a7\/#%d9%82%d8%b1%d8%a7%d8%b1_%d8%af%d8%a7%d8%af%d9%86_%d8%a2%d9%86_%d9%87%d9%85%d9%87_%d8%a8%d8%a7_%d9%87%d9%85\" >\u0642\u0631\u0627\u0631 \u062f\u0627\u062f\u0646 \u0622\u0646 \u0647\u0645\u0647 \u0628\u0627 \u0647\u0645<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d8%b3%d8%a7%d8%ae%d8%aa-%db%8c%da%a9-%d8%b3%db%8c%d8%b3%d8%aa%d9%85-%d8%aa%d8%b4%d8%ae%db%8c%d8%b5-%d9%86%d9%81%d9%88%d8%b0-%d8%a8%d9%84%d8%a7%d8%af%d8%b1%d9%86%da%af-%d8%a8%d8%a7\/#%d8%a7%db%8c%d8%af%d9%87_%d9%87%d8%a7%db%8c%db%8c_%d8%a8%d8%b1%d8%a7%db%8c_%da%af%d8%b3%d8%aa%d8%b1%d8%b4_ids\" 
>\u0627\u06cc\u062f\u0647 \u0647\u0627\u06cc\u06cc \u0628\u0631\u0627\u06cc \u06af\u0633\u062a\u0631\u0634 IDS<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d8%b3%d8%a7%d8%ae%d8%aa-%db%8c%da%a9-%d8%b3%db%8c%d8%b3%d8%aa%d9%85-%d8%aa%d8%b4%d8%ae%db%8c%d8%b5-%d9%86%d9%81%d9%88%d8%b0-%d8%a8%d9%84%d8%a7%d8%af%d8%b1%d9%86%da%af-%d8%a8%d8%a7\/#%d9%85%d9%84%d8%a7%d8%ad%d8%b8%d8%a7%d8%aa_%d8%a7%d9%85%d9%86%db%8c%d8%aa%db%8c\" >\u0645\u0644\u0627\u062d\u0638\u0627\u062a \u0627\u0645\u0646\u06cc\u062a\u06cc<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d8%b3%d8%a7%d8%ae%d8%aa-%db%8c%da%a9-%d8%b3%db%8c%d8%b3%d8%aa%d9%85-%d8%aa%d8%b4%d8%ae%db%8c%d8%b5-%d9%86%d9%81%d9%88%d8%b0-%d8%a8%d9%84%d8%a7%d8%af%d8%b1%d9%86%da%af-%d8%a8%d8%a7\/#%d8%aa%d8%b3%d8%aa_ids_%d8%b1%d9%88%db%8c_%d8%af%d8%a7%d8%af%d9%87_%d9%87%d8%a7%db%8c_%d8%b3%d8%a7%d8%ae%d8%aa%da%af%db%8c\" >\u062a\u0633\u062a IDS \u0631\u0648\u06cc \u062f\u0627\u062f\u0647 \u0647\u0627\u06cc \u0633\u0627\u062e\u062a\u06af\u06cc<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d8%b3%d8%a7%d8%ae%d8%aa-%db%8c%da%a9-%d8%b3%db%8c%d8%b3%d8%aa%d9%85-%d8%aa%d8%b4%d8%ae%db%8c%d8%b5-%d9%86%d9%81%d9%88%d8%b0-%d8%a8%d9%84%d8%a7%d8%af%d8%b1%d9%86%da%af-%d8%a8%d8%a7\/#%d8%a8%d8%b3%d8%aa%d9%87_%d8%a8%d9%86%d8%af%db%8c\" >\u0628\u0633\u062a\u0647 \u0628\u0646\u062f\u06cc<\/a><\/li><\/ul><\/nav><\/div>\n<span class=\"span-reading-time rt-reading-time\" style=\"display: block;\"><span class=\"rt-label rt-prefix\">\u0632\u0645\u0627\u0646 \u0644\u0627\u0632\u0645 \u0628\u0631\u0627\u06cc \u0645\u0637\u0627\u0644\u0639\u0647: <\/span> <span class=\"rt-time\"> 9<\/span> <span class=\"rt-label 
rt-postfix\">\u062f\u0642\u06cc\u0642\u0647<\/span><\/span><p> <br \/>\n<\/p>\n<section class=\"post-content \" data-test-label=\"post-content\">\n<p>\u0633\u06cc\u0633\u062a\u0645 \u062a\u0634\u062e\u06cc\u0635 \u0646\u0641\u0648\u0630 (IDS) \u0645\u0627\u0646\u0646\u062f \u06cc\u06a9 \u062f\u0648\u0631\u0628\u06cc\u0646 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0631\u0627\u06cc \u0634\u0628\u06a9\u0647 \u0634\u0645\u0627 \u0627\u0633\u062a. \u0647\u0645\u0627\u0646\u0637\u0648\u0631 \u06a9\u0647 \u062f\u0648\u0631\u0628\u06cc\u0646\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0647 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0641\u0639\u0627\u0644\u06cc\u062a\u200c\u0647\u0627\u06cc \u0645\u0634\u06a9\u0648\u06a9 \u062f\u0631 \u062f\u0646\u06cc\u0627\u06cc \u0641\u06cc\u0632\u06cc\u06a9\u06cc \u06a9\u0645\u06a9 \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f\u060c \u06cc\u06a9 IDS \u0646\u06cc\u0632 \u0634\u0628\u06a9\u0647 \u0634\u0645\u0627 \u0631\u0627 \u06a9\u0646\u062a\u0631\u0644 \u0645\u06cc\u200c\u06a9\u0646\u062f \u062a\u0627 \u0628\u0647 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0647\u0631\u06af\u0648\u0646\u0647 \u062d\u0645\u0644\u0647 \u0633\u0627\u06cc\u0628\u0631\u06cc \u0628\u0627\u0644\u0642\u0648\u0647 \u0648 \u0646\u0642\u0636 \u0627\u0645\u0646\u06cc\u062a \u06a9\u0645\u06a9 \u06a9\u0646\u062f.<\/p>\n<p>\u062f\u0631 \u067e\u0627\u06cc\u0627\u0646 \u0627\u06cc\u0646 \u0622\u0645\u0648\u0632\u0634\u060c \u0631\u0648\u0634 \u0639\u0645\u0644\u06a9\u0631\u062f \u06cc\u06a9 IDS \u0631\u0627 \u0645\u06cc\u200c\u062f\u0627\u0646\u06cc\u062f \u0648 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u06cc\u062f \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u067e\u0627\u06cc\u062a\u0648\u0646\u060c \u0633\u06cc\u0633\u062a\u0645 \u0646\u0638\u0627\u0631\u062a \u0628\u0631 \u0634\u0628\u06a9\u0647 \u062e\u0648\u062f \u0631\u0627 \u062f\u0631 \u0632\u0645\u0627\u0646 \u0648\u0627\u0642\u0639\u06cc 
\u0628\u0633\u0627\u0632\u06cc\u062f.<\/p>\n<h2 id=\"heading-table-of-contents\"><span class=\"ez-toc-section\" id=\"%d9%81%d9%87%d8%b1%d8%b3%d8%aa_%d9%85%d8%b7%d8%a7%d9%84%d8%a8\"><\/span>\u0641\u0647\u0631\u0633\u062a \u0645\u0637\u0627\u0644\u0628<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<ul>\n<li>\n<p>\u0622\u0634\u0646\u0627\u06cc\u06cc \u0628\u0627 \u0627\u0646\u0648\u0627\u0639 IDS<\/p>\n<\/li>\n<li>\n<p>\u0686\u06af\u0648\u0646\u0647 \u0645\u062d\u06cc\u0637 \u062a\u0648\u0633\u0639\u0647 \u062e\u0648\u062f \u0631\u0627 \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc \u06a9\u0646\u06cc\u062f<\/p>\n<\/li>\n<li>\n<p>\u0633\u0627\u062e\u062a \u0645\u0624\u0644\u0641\u0647 \u0647\u0627\u06cc Core IDS<\/p>\n<ul>\n<li>\n<p>\u0633\u0627\u062e\u062a \u0645\u0648\u062a\u0648\u0631 \u0636\u0628\u0637 \u0628\u0633\u062a\u0647 \u0647\u0627<\/p>\n<\/li>\n<li>\n<p>\u0633\u0627\u062e\u062a \u0645\u0627\u0698\u0648\u0644 \u062a\u062d\u0644\u06cc\u0644 \u062a\u0631\u0627\u0641\u06cc\u06a9<\/p>\n<\/li>\n<li>\n<p>\u0633\u0627\u062e\u062a \u0645\u0648\u062a\u0648\u0631 \u062a\u0634\u062e\u06cc\u0635<\/p>\n<\/li>\n<li>\n<p>\u0633\u0627\u062e\u062a\u0646 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0634\u062f\u0627\u0631<\/p>\n<\/li>\n<li>\n<p>\u0642\u0631\u0627\u0631 \u062f\u0627\u062f\u0646 \u0622\u0646 \u0647\u0645\u0647 \u0628\u0627 \u0647\u0645<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<li>\n<p>\u0627\u06cc\u062f\u0647 \u0647\u0627\u06cc\u06cc \u0628\u0631\u0627\u06cc \u06af\u0633\u062a\u0631\u0634 IDS<\/p>\n<\/li>\n<li>\n<p>\u0645\u0644\u0627\u062d\u0638\u0627\u062a \u0627\u0645\u0646\u06cc\u062a\u06cc<\/p>\n<\/li>\n<li>\n<p>\u062a\u0633\u062a IDS \u0631\u0648\u06cc \u062f\u0627\u062f\u0647 \u0647\u0627\u06cc \u0633\u0627\u062e\u062a\u06af\u06cc<\/p>\n<\/li>\n<li>\n<p>\u0628\u0633\u062a\u0647 \u0628\u0646\u062f\u06cc<\/p>\n<\/li>\n<\/ul>\n<h2 id=\"heading-understanding-the-types-of-ids\"><span class=\"ez-toc-section\" 
id=\"%d8%a2%d8%b4%d9%86%d8%a7%db%8c%db%8c_%d8%a8%d8%a7_%d8%a7%d9%86%d9%88%d8%a7%d8%b9_ids\"><\/span>\u0622\u0634\u0646\u0627\u06cc\u06cc \u0628\u0627 \u0627\u0646\u0648\u0627\u0639 IDS<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u0642\u0628\u0644 \u0627\u0632 \u0627\u06cc\u0646\u06a9\u0647 \u0648\u0627\u0631\u062f \u0628\u062e\u0634 \u06a9\u062f\u0646\u0648\u06cc\u0633\u06cc \u0634\u0648\u06cc\u0645\u060c \u0628\u06cc\u0627\u06cc\u06cc\u062f \u0627\u0646\u0648\u0627\u0639 IDS \u0631\u0627 \u062f\u0631\u06a9 \u06a9\u0646\u06cc\u0645:<\/p>\n<ol>\n<li>\n<p><strong>IDS \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0634\u0628\u06a9\u0647 (NIDS)<\/strong>: \u0627\u06cc\u0646 \u0633\u06cc\u0633\u062a\u0645 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0634\u0628\u06a9\u0647 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0641\u0639\u0627\u0644\u06cc\u062a \u0645\u0634\u06a9\u0648\u06a9 \u0631\u0635\u062f \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n<\/li>\n<li>\n<p><strong>IDS \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0645\u06cc\u0632\u0628\u0627\u0646 (HIDS)<\/strong>: \u0627\u06cc\u0646 \u0633\u06cc\u0633\u062a\u0645 \u0631\u0648\u06cc \u0645\u06cc\u0632\u0628\u0627\u0646 \u0641\u0631\u062f\u06cc \u0645\u0633\u062a\u0642\u0631 \u0627\u0633\u062a\u060c \u0646\u0647 \u0645\u0633\u062a\u0642\u06cc\u0645\u0627\u064b \u062f\u0631 \u0634\u0628\u06a9\u0647\u060c \u0648 \u0644\u0627\u06af \u0647\u0627\u06cc \u0633\u06cc\u0633\u062a\u0645 \u0648 \u062a\u063a\u06cc\u06cc\u0631\u0627\u062a \u0641\u0627\u06cc\u0644 \u0647\u0627 \u0631\u0627 \u0631\u0635\u062f \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n<\/li>\n<li>\n<p><strong>IDS \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0627\u0645\u0636\u0627<\/strong>: \u0627\u06cc\u0646 \u0633\u06cc\u0633\u062a\u0645 \u06cc\u0627 \u062f\u0631 \u0634\u0628\u06a9\u0647 \u0627\u0633\u062a \u06cc\u0627 \u0631\u0648\u06cc host \u0648 \u0627\u0644\u06af\u0648\u0647\u0627\u06cc \u062d\u0645\u0644\u0647 \u0631\u0627 \u0628\u0631 
\u0627\u0633\u0627\u0633 \u0627\u0644\u06af\u0648\u0647\u0627\u06cc \u0634\u0646\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n<\/li>\n<li>\n<p><strong>IDS \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0646\u0627\u0647\u0646\u062c\u0627\u0631\u06cc<\/strong>: \u0627\u06cc\u0646 \u0633\u06cc\u0633\u062a\u0645 \u0631\u0641\u062a\u0627\u0631 \u063a\u06cc\u0631\u0639\u0627\u062f\u06cc \u0631\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0644\u06af\u0648\u0631\u06cc\u062a\u0645 \u0647\u0627\u06cc \u0627\u06a9\u062a\u0634\u0627\u0641\u06cc \u0648 \u067e\u06cc\u0634 \u0628\u06cc\u0646\u06cc \u06a9\u0647 \u0631\u0648\u06cc \u0627\u0644\u06af\u0648\u0647\u0627\u06cc \u062d\u0645\u0644\u0647 \u0642\u0628\u0644\u0627 \u062f\u06cc\u062f\u0647 \u0634\u062f\u0647 \u0622\u0645\u0648\u0632\u0634 \u062f\u06cc\u062f\u0647 \u0627\u0646\u062f \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n<\/li>\n<\/ol>\n<p>\u0628\u0631\u0627\u06cc \u0627\u06cc\u0646 \u0622\u0645\u0648\u0632\u0634\u060c \u0634\u0645\u0627 \u06cc\u06a9 \u0633\u06cc\u0633\u062a\u0645 \u062a\u0631\u06a9\u06cc\u0628\u06cc \u0645\u06cc \u0633\u0627\u0632\u06cc\u062f \u06a9\u0647 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0627\u0645\u0636\u0627 \u0648 \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0646\u0627\u0647\u0646\u062c\u0627\u0631\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc \u0646\u0638\u0627\u0631\u062a \u0628\u0631 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0634\u0628\u06a9\u0647 \u062a\u0631\u06a9\u06cc\u0628 \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n<h2 id=\"heading-how-to-setup-your-development-environment\"><span class=\"ez-toc-section\" 
id=\"%da%86%da%af%d9%88%d9%86%d9%87_%d9%85%d8%ad%db%8c%d8%b7_%d8%aa%d9%88%d8%b3%d8%b9%d9%87_%d8%ae%d9%88%d8%af_%d8%b1%d8%a7_%d8%b1%d8%a7%d9%87_%d8%a7%d9%86%d8%af%d8%a7%d8%b2%db%8c_%da%a9%d9%86%db%8c%d8%af\"><\/span>\u0686\u06af\u0648\u0646\u0647 \u0645\u062d\u06cc\u0637 \u062a\u0648\u0633\u0639\u0647 \u062e\u0648\u062f \u0631\u0627 \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc \u06a9\u0646\u06cc\u062f<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u0628\u06cc\u0627\u06cc\u06cc\u062f \u0628\u0627 \u062a\u0646\u0638\u06cc\u0645 \u0645\u062d\u06cc\u0637 \u067e\u0627\u06cc\u062a\u0648\u0646 (\u0645\u0646 \u0627\u0632 \u067e\u0627\u06cc\u062a\u0648\u0646 3 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u0645) \u0648 \u0646\u0635\u0628 \u067e\u06cc\u0634 \u0646\u06cc\u0627\u0632\u0647\u0627\u06cc \u0632\u06cc\u0631 \u0634\u0631\u0648\u0639 \u06a9\u0646\u06cc\u0645:<\/p>\n<pre><code class=\"lang-bash\">pip install scapy\npip install python-nmap\npip install numpy\npip install sklearn\n<\/code><\/pre>\n<p>\u062a\u0648\u062c\u0647: \u0628\u0633\u062a\u0647 <code>sklearn<\/code> \u062f\u0631 PyPI \u0645\u0646\u0633\u0648\u062e \u0634\u062f\u0647 \u0627\u0633\u062a\u061b \u0646\u0627\u0645 \u062f\u0631\u0633\u062a \u0628\u0633\u062a\u0647 <code>scikit-learn<\/code> \u0627\u0633\u062a\u060c \u067e\u0633 \u0628\u0647 \u062c\u0627\u06cc \u062e\u0637 \u0622\u062e\u0631 \u0627\u0632 <code>pip install scikit-learn<\/code> \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f.<\/p>\n<h2 id=\"heading-building-the-core-ids-components\"><span class=\"ez-toc-section\" id=\"%d8%b3%d8%a7%d8%ae%d8%aa_%d9%85%d8%a4%d9%84%d9%81%d9%87_%d9%87%d8%a7%db%8c_core_ids\"><\/span>\u0633\u0627\u062e\u062a \u0645\u0624\u0644\u0641\u0647 \u0647\u0627\u06cc Core IDS<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>IDS \u0645\u0627 \u0627\u0632 \u0686\u0647\u0627\u0631 \u062c\u0632\u0621 \u0627\u0635\u0644\u06cc \u062a\u0634\u06a9\u06cc\u0644 \u0634\u062f\u0647 \u0627\u0633\u062a:<\/p>\n<ol>\n<li>\n<p>\u06cc\u06a9 \u0633\u06cc\u0633\u062a\u0645 \u0636\u0628\u0637 \u0628\u0633\u062a\u0647<\/p>\n<\/li>\n<li>\n<p>\u0645\u0627\u0698\u0648\u0644 \u0622\u0646\u0627\u0644\u06cc\u0632 \u062a\u0631\u0627\u0641\u06cc\u06a9<\/p>\n<\/li>\n<li>\n<p>\u06cc\u06a9 \u0645\u0648\u062a\u0648\u0631 \u062a\u0634\u062e\u06cc\u0635<\/p>\n<\/li>\n<li>\n<p>\u06cc\u06a9 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0634\u062f\u0627\u0631<\/p>\n<\/li>\n<\/ol>\n<h3 
id=\"heading-building-the-packet-capture-engine\"><span class=\"ez-toc-section\" id=\"%d8%b3%d8%a7%d8%ae%d8%aa_%d9%85%d9%88%d8%aa%d9%88%d8%b1_%d8%b6%d8%a8%d8%b7_%d8%a8%d8%b3%d8%aa%d9%87_%d9%87%d8%a7\"><\/span>\u0633\u0627\u062e\u062a \u0645\u0648\u062a\u0648\u0631 \u0636\u0628\u0637 \u0628\u0633\u062a\u0647 \u0647\u0627<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>\u0628\u06cc\u0627\u06cc\u06cc\u062f \u0628\u0627 \u0645\u0648\u062a\u0648\u0631 \u0636\u0628\u0637 \u0628\u0633\u062a\u0647 \u0634\u0631\u0648\u0639 \u06a9\u0646\u06cc\u0645. \u0628\u0631\u0627\u06cc \u0627\u06cc\u0646 \u06a9\u0627\u0631 \u0627\u0632 Scapy \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u06cc\u0645. Scapy \u06cc\u06a9 \u06a9\u062a\u0627\u0628\u062e\u0627\u0646\u0647 \u0634\u0628\u06a9\u0647 \u0627\u06cc \u0627\u0633\u062a \u06a9\u0647 \u0628\u0647 \u0645\u0627 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u0639\u0645\u0644\u06cc\u0627\u062a \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u0634\u0628\u06a9\u0647 \u0648 \u0634\u0628\u06a9\u0647 \u0631\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u067e\u0627\u06cc\u062a\u0648\u0646 \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u06cc\u0645.<\/p>\n<p>\u0627\u0628\u062a\u062f\u0627 \u0645\u0627 \u062e\u0648\u062f\u0645\u0627\u0646 \u0631\u0627 \u062a\u0639\u0631\u06cc\u0641 \u0645\u06cc \u06a9\u0646\u06cc\u0645 <code>PacketCapture<\/code> \u06a9\u0644\u0627\u0633\u06cc \u06a9\u0647 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u067e\u0627\u06cc\u0647 IDS \u0645\u0627 \u0639\u0645\u0644 \u062e\u0648\u0627\u0647\u062f \u06a9\u0631\u062f.<\/p>\n<pre><code class=\"lang-python\"><span class=\"hljs-keyword\">from<\/span> scapy.all <span class=\"hljs-keyword\">import<\/span> sniff, IP, TCP\n<span class=\"hljs-keyword\">from<\/span> collections <span class=\"hljs-keyword\">import<\/span> defaultdict\n<span class=\"hljs-keyword\">import<\/span> threading\n<span 
class=\"hljs-keyword\">import<\/span> queue\n\n<span class=\"hljs-class\"><span class=\"hljs-keyword\">class<\/span> <span class=\"hljs-title\">PacketCapture<\/span>:<\/span>\n    <span class=\"hljs-function\"><span class=\"hljs-keyword\">def<\/span> <span class=\"hljs-title\">__init__<\/span>(<span class=\"hljs-params\">self<\/span>):<\/span>\n        self.packet_queue = queue.Queue()\n        self.stop_capture = threading.Event()\n\n    <span class=\"hljs-function\"><span class=\"hljs-keyword\">def<\/span> <span class=\"hljs-title\">packet_callback<\/span>(<span class=\"hljs-params\">self, packet<\/span>):<\/span>\n        <span class=\"hljs-keyword\">if<\/span> IP <span class=\"hljs-keyword\">in<\/span> packet <span class=\"hljs-keyword\">and<\/span> TCP <span class=\"hljs-keyword\">in<\/span> packet:\n            self.packet_queue.put(packet)\n\n    <span class=\"hljs-function\"><span class=\"hljs-keyword\">def<\/span> <span class=\"hljs-title\">start_capture<\/span>(<span class=\"hljs-params\">self, interface=<span class=\"hljs-string\">\"eth0\"<\/span><\/span>):<\/span>\n        <span class=\"hljs-function\"><span class=\"hljs-keyword\">def<\/span> <span class=\"hljs-title\">capture_thread<\/span>():<\/span>\n            sniff(iface=interface,\n                  prn=self.packet_callback,\n                  store=<span class=\"hljs-number\">0<\/span>,\n                  stop_filter=<span class=\"hljs-keyword\">lambda<\/span> _: self.stop_capture.is_set())\n\n        self.capture_thread = threading.Thread(target=capture_thread)\n        self.capture_thread.start()\n\n    <span class=\"hljs-function\"><span class=\"hljs-keyword\">def<\/span> <span class=\"hljs-title\">stop<\/span>(<span class=\"hljs-params\">self<\/span>):<\/span>\n        self.stop_capture.set()\n        self.capture_thread.join()\n<\/code><\/pre>\n<p>\u0628\u06cc\u0627\u06cc\u06cc\u062f \u0628\u0647 \u0633\u0631\u0639\u062a \u06a9\u062f \u0631\u0627 \u0645\u0631\u0648\u0631 
\u06a9\u0646\u06cc\u0645 \u0648 \u0628\u0641\u0647\u0645\u06cc\u0645 \u06a9\u0647 \u0627\u06cc\u0646 \u062a\u0648\u0627\u0628\u0639 \u0686\u0647 \u06a9\u0627\u0631\u06cc \u0627\u0646\u062c\u0627\u0645 \u0645\u06cc \u062f\u0647\u0646\u062f. \u0628\u0631\u0627\u06cc \u0627\u06cc\u0646 \u06a9\u0627\u0631\u060c \u0627\u0632 threading \u0648 \u0635\u0641\u200c\u0647\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u06a9\u0646\u06cc\u062f \u062a\u0627 \u0628\u0633\u062a\u0647 \u0647\u0627\u06cc \u0634\u0628\u06a9\u0647 \u0631\u0627 \u0628\u0647 \u0634\u06a9\u0644 \u06a9\u0627\u0631\u0622\u0645\u062f \u0636\u0628\u0637 \u0648 \u067e\u0631\u062f\u0627\u0632\u0634 \u06a9\u0646\u06cc\u062f.<\/p>\n<p>\u0645\u062a\u062f <code>__init__<\/code> \u06a9\u0644\u0627\u0633 \u0631\u0627 \u0628\u0627 \u0627\u06cc\u062c\u0627\u062f \u06cc\u06a9 <code>queue.Queue<\/code> \u0628\u0631\u0627\u06cc \u0630\u062e\u06cc\u0631\u0647 \u0628\u0633\u062a\u0647\u200c\u0647\u0627\u06cc \u0636\u0628\u0637\u200c\u0634\u062f\u0647 \u0648 \u06cc\u06a9 \u0631\u0648\u06cc\u062f\u0627\u062f \u0631\u0634\u062a\u0647\u200c\u0627\u06cc \u0628\u0631\u0627\u06cc \u06a9\u0646\u062a\u0631\u0644 \u0632\u0645\u0627\u0646 \u062a\u0648\u0642\u0641 \u06af\u0631\u0641\u062a\u0646 \u0628\u0633\u062a\u0647 \u0645\u0642\u062f\u0627\u0631\u062f\u0647\u06cc \u0627\u0648\u0644\u06cc\u0647 \u0645\u06cc \u06a9\u0646\u062f. \u0645\u062a\u062f <code>packet_callback<\/code> \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06cc\u06a9 \u06a9\u0646\u062a\u0631\u0644 \u06a9\u0646\u0646\u062f\u0647 \u0628\u0631\u0627\u06cc \u0647\u0631 \u0628\u0633\u062a\u0647 \u0636\u0628\u0637 \u0634\u062f\u0647 \u0639\u0645\u0644 \u0645\u06cc \u06a9\u0646\u062f \u0648 \u0628\u0631\u0631\u0633\u06cc \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 \u0622\u06cc\u0627 \u0628\u0633\u062a\u0647 \u062f\u0627\u0631\u0627\u06cc \u0647\u0631 \u062f\u0648 \u0644\u0627\u06cc\u0647 IP \u0648 TCP \u0627\u0633\u062a. 
\u0627\u06af\u0631 \u0686\u0646\u06cc\u0646 \u0627\u0633\u062a\u060c \u0622\u0646 \u0631\u0627 \u0628\u0631\u0627\u06cc \u067e\u0631\u062f\u0627\u0632\u0634 \u0628\u06cc\u0634\u062a\u0631 \u0628\u0647 \u0635\u0641 \u0627\u0636\u0627\u0641\u0647 \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n<p>\u0627\u06cc\u0646 <code>start_capture<\/code> \u0631\u0648\u0634 \u0634\u0631\u0648\u0639 \u0628\u0647 \u06af\u0631\u0641\u062a\u0646 \u0628\u0633\u062a\u0647 \u0647\u0627 \u0645\u06cc \u06a9\u0646\u062f \u0631\u0648\u06cc \u06cc\u06a9 \u0631\u0627\u0628\u0637 \u0645\u0634\u062e\u0635 (\u067e\u06cc\u0634\u200c\u0641\u0631\u0636 \u0628\u0647 <code>eth0<\/code> \u0628\u0631\u0627\u06cc \u06af\u0631\u0641\u062a\u0646 \u0628\u0633\u062a\u0647 \u0647\u0627 \u0627\u0632 \u0631\u0627\u0628\u0637 \u0627\u062a\u0631\u0646\u062a). \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f <code>ifconfig<\/code> \u0628\u0631\u0627\u06cc \u062f\u0631\u06a9 \u0631\u0627\u0628\u0637 \u0647\u0627\u06cc \u0645\u0648\u062c\u0648\u062f \u0648 \u0627\u0646\u062a\u062e\u0627\u0628 \u0631\u0627\u0628\u0637 \u0645\u0646\u0627\u0633\u0628 \u0627\u0632 \u0644\u06cc\u0633\u062a.<\/p>\n<p>\u0627\u06cc\u0646 \u062a\u0627\u0628\u0639 \u06cc\u06a9 \u0631\u0634\u062a\u0647 \u0645\u062c\u0632\u0627 \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u062a\u0627\u0628\u0639 sniff Scapy \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 \u0628\u0647 \u0637\u0648\u0631 \u0645\u062f\u0627\u0648\u0645 \u0631\u0627\u0628\u0637 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0628\u0633\u062a\u0647 \u0647\u0627 \u0646\u0638\u0627\u0631\u062a \u0645\u06cc \u06a9\u0646\u062f. 
\u067e\u0627\u0631\u0627\u0645\u062a\u0631 <code>stop_filter<\/code> \u062a\u0636\u0645\u06cc\u0646 \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 \u0636\u0628\u0637 \u0632\u0645\u0627\u0646\u06cc \u06a9\u0647 \u0631\u0648\u06cc\u062f\u0627\u062f <code>stop_capture<\/code> \u062a\u062d\u0631\u06cc\u06a9 \u0645\u06cc \u0634\u0648\u062f \u0645\u062a\u0648\u0642\u0641 \u0634\u0648\u062f. \u062a\u0648\u062c\u0647 \u06a9\u0646\u06cc\u062f \u06a9\u0647 <code>stop_filter<\/code> \u0641\u0642\u0637 \u0647\u0646\u06af\u0627\u0645 \u0631\u0633\u06cc\u062f\u0646 \u0647\u0631 \u0628\u0633\u062a\u0647 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u0645\u06cc \u0634\u0648\u062f\u060c \u0628\u0646\u0627\u0628\u0631\u0627\u06cc\u0646 \u0631\u0648\u06cc \u0631\u0627\u0628\u0637 \u0628\u062f\u0648\u0646 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u062a\u0648\u0642\u0641 \u062a\u0627 \u0631\u0633\u06cc\u062f\u0646 \u0628\u0633\u062a\u0647 \u0628\u0639\u062f\u06cc \u0628\u0647 \u062a\u0627\u062e\u06cc\u0631 \u0628\u06cc\u0641\u062a\u062f.<\/p>\n<p>\u0645\u062a\u062f <code>stop<\/code> \u0628\u0627 \u062a\u0646\u0638\u06cc\u0645 \u06a9\u0631\u062f\u0646 \u0631\u0648\u06cc\u062f\u0627\u062f <code>stop_capture<\/code> \u0636\u0628\u0637 \u0631\u0627 \u0645\u062a\u0648\u0642\u0641 \u0645\u06cc \u06a9\u0646\u062f \u0648 \u0645\u0646\u062a\u0638\u0631 \u0645\u06cc \u0645\u0627\u0646\u062f \u062a\u0627 \u0627\u062c\u0631\u0627\u06cc thread \u067e\u0627\u06cc\u0627\u0646 \u06cc\u0627\u0628\u062f \u062a\u0627 \u0627\u0637\u0645\u06cc\u0646\u0627\u0646 \u062d\u0627\u0635\u0644 \u0634\u0648\u062f \u06a9\u0647 process \u062a\u0645\u06cc\u0632 \u062e\u0627\u062a\u0645\u0647 \u0645\u06cc \u06cc\u0627\u0628\u062f. \u0627\u06cc\u0646 \u0637\u0631\u0627\u062d\u06cc \u0627\u0645\u06a9\u0627\u0646 \u06af\u0631\u0641\u062a\u0646 \u0628\u062f\u0648\u0646 \u062f\u0631\u0632 \u0628\u0633\u062a\u0647 \u0647\u0627\u06cc \u0628\u0644\u0627\u062f\u0631\u0646\u06af \u0631\u0627 \u0628\u062f\u0648\u0646 \u0645\u0633\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u0631\u0634\u062a\u0647 \u0627\u0635\u0644\u06cc \u0641\u0631\u0627\u0647\u0645 \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n<h3 id=\"heading-building-the-traffic-analysis-module\"><span class=\"ez-toc-section\" id=\"%d8%b3%d8%a7%d8%ae%d8%aa_%d9%85%d8%a7%da%98%d9%88%d9%84_%d8%aa%d8%ad%d9%84%db%8c%d9%84_%d8%aa%d8%b1%d8%a7%d9%81%db%8c%da%a9\"><\/span>\u0633\u0627\u062e\u062a \u0645\u0627\u0698\u0648\u0644 \u062a\u062d\u0644\u06cc\u0644 \u062a\u0631\u0627\u0641\u06cc\u06a9<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>\u062d\u0627\u0644\u0627 \u0628\u06cc\u0627\u06cc\u06cc\u062f \u0645\u0627\u0698\u0648\u0644 \u062a\u062d\u0644\u06cc\u0644 
\u062a\u0631\u0627\u0641\u06cc\u06a9 \u0631\u0627 \u0628\u0646\u0648\u06cc\u0633\u06cc\u0645. \u0627\u06cc\u0646 \u0645\u0627\u0698\u0648\u0644 \u062e\u0648\u0627\u0647\u062f \u0634\u062f process \u0628\u0633\u062a\u0647 \u0647\u0627\u06cc \u0636\u0628\u0637 \u0634\u062f\u0647 \u0648 \u0627\u0633\u062a\u062e\u0631\u0627\u062c \u0648\u06cc\u0698\u06af\u06cc \u0647\u0627\u06cc \u0645\u0631\u0628\u0648\u0637\u0647.<\/p>\n<pre><code class=\"lang-python\"><span class=\"hljs-class\"><span class=\"hljs-keyword\">class<\/span> <span class=\"hljs-title\">TrafficAnalyzer<\/span>:<\/span>\n    <span class=\"hljs-function\"><span class=\"hljs-keyword\">def<\/span> <span class=\"hljs-title\">__init__<\/span>(<span class=\"hljs-params\">self<\/span>):<\/span>\n        self.connections = defaultdict(list)\n        self.flow_stats = defaultdict(<span class=\"hljs-keyword\">lambda<\/span>: {\n            <span class=\"hljs-string\">'packet_count'<\/span>: <span class=\"hljs-number\">0<\/span>,\n            <span class=\"hljs-string\">'byte_count'<\/span>: <span class=\"hljs-number\">0<\/span>,\n            <span class=\"hljs-string\">'start_time'<\/span>: <span class=\"hljs-literal\">None<\/span>,\n            <span class=\"hljs-string\">'last_time'<\/span>: <span class=\"hljs-literal\">None<\/span>\n        })\n\n    <span class=\"hljs-function\"><span class=\"hljs-keyword\">def<\/span> <span class=\"hljs-title\">analyze_packet<\/span>(<span class=\"hljs-params\">self, packet<\/span>):<\/span>\n        <span class=\"hljs-keyword\">if<\/span> IP <span class=\"hljs-keyword\">in<\/span> packet <span class=\"hljs-keyword\">and<\/span> TCP <span class=\"hljs-keyword\">in<\/span> packet:\n            ip_src = packet[IP].src\n            ip_dst = packet[IP].dst\n            port_src = packet[TCP].sport\n            port_dst = packet[TCP].dport\n\n            flow_key = (ip_src, ip_dst, port_src, port_dst)\n\n            <span class=\"hljs-comment\"># Update flow statistics<\/span>\n      
      stats = self.flow_stats[flow_key]\n            stats[<span class=\"hljs-string\">'packet_count'<\/span>] += <span class=\"hljs-number\">1<\/span>\n            stats[<span class=\"hljs-string\">'byte_count'<\/span>] += len(packet)\n            current_time = packet.time\n\n            <span class=\"hljs-keyword\">if<\/span> <span class=\"hljs-keyword\">not<\/span> stats[<span class=\"hljs-string\">'start_time'<\/span>]:\n                stats[<span class=\"hljs-string\">'start_time'<\/span>] = current_time\n            stats[<span class=\"hljs-string\">'last_time'<\/span>] = current_time\n\n            <span class=\"hljs-keyword\">return<\/span> self.extract_features(packet, stats)\n\n    <span class=\"hljs-function\"><span class=\"hljs-keyword\">def<\/span> <span class=\"hljs-title\">extract_features<\/span>(<span class=\"hljs-params\">self, packet, stats<\/span>):<\/span>\n        <span class=\"hljs-keyword\">return<\/span> {\n            <span class=\"hljs-string\">'packet_size'<\/span>: len(packet),\n            <span class=\"hljs-string\">'flow_duration'<\/span>: stats[<span class=\"hljs-string\">'last_time'<\/span>] - stats[<span class=\"hljs-string\">'start_time'<\/span>],\n            <span class=\"hljs-string\">'packet_rate'<\/span>: stats[<span class=\"hljs-string\">'packet_count'<\/span>] \/ (stats[<span class=\"hljs-string\">'last_time'<\/span>] - stats[<span class=\"hljs-string\">'start_time'<\/span>]),\n            <span class=\"hljs-string\">'byte_rate'<\/span>: stats[<span class=\"hljs-string\">'byte_count'<\/span>] \/ (stats[<span class=\"hljs-string\">'last_time'<\/span>] - stats[<span class=\"hljs-string\">'start_time'<\/span>]),\n            <span class=\"hljs-string\">'tcp_flags'<\/span>: packet[TCP].flags,\n            <span class=\"hljs-string\">'window_size'<\/span>: packet[TCP].window\n        }\n<\/code><\/pre>\n<p>\u062f\u0631 \u0627\u06cc\u0646 \u0642\u0633\u0645\u062a \u06a9\u062f \u0631\u0627 \u062a\u0639\u0631\u06cc\u0641 
\u0645\u06cc \u06a9\u0646\u06cc\u0645 <code>TrafficAnalyzer<\/code> \u06a9\u0644\u0627\u0633 \u0628\u0631\u0627\u06cc \u062a\u062c\u0632\u06cc\u0647 \u0648 \u062a\u062d\u0644\u06cc\u0644 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0634\u0628\u06a9\u0647 \u062f\u0631 \u0627\u06cc\u0646\u062c\u0627 \u0645\u0627 \u062c\u0631\u06cc\u0627\u0646 \u0647\u0627\u06cc \u0627\u062a\u0635\u0627\u0644 \u0631\u0627 \u062f\u0646\u0628\u0627\u0644 \u0645\u06cc \u06a9\u0646\u06cc\u0645 \u0648 \u0622\u0645\u0627\u0631 \u0628\u0633\u062a\u0647 \u0647\u0627 \u0631\u0627 \u062f\u0631 \u0632\u0645\u0627\u0646 \u0648\u0627\u0642\u0639\u06cc \u0645\u062d\u0627\u0633\u0628\u0647 \u0645\u06cc \u06a9\u0646\u06cc\u0645. \u0645\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u06cc\u0645 <code>defaultdict<\/code> \u0633\u0627\u062e\u062a\u0627\u0631 \u062f\u0627\u062f\u0647 \u062f\u0631 \u067e\u0627\u06cc\u062a\u0648\u0646 \u0628\u0631\u0627\u06cc \u0645\u062f\u06cc\u0631\u06cc\u062a \u0627\u062a\u0635\u0627\u0644\u0627\u062a \u0648 \u0622\u0645\u0627\u0631 \u062c\u0631\u06cc\u0627\u0646 \u0628\u0627 \u0633\u0627\u0632\u0645\u0627\u0646\u062f\u0647\u06cc \u062f\u0627\u062f\u0647 \u0647\u0627 \u0628\u0631 \u0627\u0633\u0627\u0633 \u062c\u0631\u06cc\u0627\u0646 \u0647\u0627\u06cc \u0645\u0646\u062d\u0635\u0631 \u0628\u0647 \u0641\u0631\u062f.<\/p>\n<p>\u0627\u06cc\u0646 <code>__init__<\/code> \u0645\u062a\u062f \u062f\u0648 \u0648\u06cc\u0698\u06af\u06cc \u0631\u0627 \u0645\u0642\u062f\u0627\u0631\u062f\u0647\u06cc \u0627\u0648\u0644\u06cc\u0647 \u0645\u06cc \u06a9\u0646\u062f: <code>connections<\/code>\u060c \u06a9\u0647 \u0644\u06cc\u0633\u062a\u06cc \u0627\u0632 \u0628\u0633\u062a\u0647 \u0647\u0627\u06cc \u0645\u0631\u062a\u0628\u0637 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0647\u0631 \u062c\u0631\u06cc\u0627\u0646 \u0630\u062e\u06cc\u0631\u0647 \u0645\u06cc \u06a9\u0646\u062f \u0648 <code>flow_stats<\/code>\u060c \u06a9\u0647 \u0622\u0645\u0627\u0631\u0647\u0627\u06cc 
\u062c\u0645\u0639 \u0622\u0648\u0631\u06cc \u0634\u062f\u0647 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0647\u0631 \u062c\u0631\u06cc\u0627\u0646 \u0630\u062e\u06cc\u0631\u0647 \u0645\u06cc \u06a9\u0646\u062f\u060c \u0645\u0627\u0646\u0646\u062f \u062a\u0639\u062f\u0627\u062f \u0628\u0633\u062a\u0647 \u0647\u0627\u060c \u062a\u0639\u062f\u0627\u062f \u0628\u0627\u06cc\u062a \u0647\u0627\u060c \u0632\u0645\u0627\u0646 \u0634\u0631\u0648\u0639 \u0648 \u0632\u0645\u0627\u0646 \u0622\u062e\u0631\u06cc\u0646 \u0628\u0633\u062a\u0647.<\/p>\n<p>\u0627\u06cc\u0646 <code>analyze_packet<\/code> \u0631\u0648\u0634 \u0647\u0631 \u0628\u0633\u062a\u0647 \u0631\u0627 \u067e\u0631\u062f\u0627\u0632\u0634 \u0645\u06cc \u06a9\u0646\u062f. \u0627\u06af\u0631 \u0628\u0633\u062a\u0647 \u062d\u0627\u0648\u06cc \u0644\u0627\u06cc\u0647\u200c\u0647\u0627\u06cc IP \u0648 TCP \u0628\u0627\u0634\u062f\u060c \u0622\u06cc\u200c\u067e\u06cc\u200c\u0647\u0627 \u0648 \u067e\u0648\u0631\u062a\u200c\u0647\u0627\u06cc \u0645\u0628\u062f\u0627 \u0648 \u0645\u0642\u0635\u062f \u0631\u0627 \u0627\u0633\u062a\u062e\u0631\u0627\u062c \u0645\u06cc\u200c\u06a9\u0646\u062f \u0648 \u06cc\u06a9 \u06cc\u06a9 \u0645\u0646\u062d\u0635\u0631\u0628\u0647\u200c\u0641\u0631\u062f \u0631\u0627 \u062a\u0634\u06a9\u06cc\u0644 \u0645\u06cc\u200c\u062f\u0647\u062f. 
<code>flow_key<\/code> \u0628\u0631\u0627\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u062c\u0631\u06cc\u0627\u0646 \u0628\u0627 \u0627\u0641\u0632\u0627\u06cc\u0634 \u062a\u0639\u062f\u0627\u062f \u0628\u0633\u062a\u0647 \u0647\u0627\u060c \u0627\u0636\u0627\u0641\u0647 \u06a9\u0631\u062f\u0646 \u0627\u0646\u062f\u0627\u0632\u0647 \u0628\u0633\u062a\u0647 \u0628\u0647 \u062a\u0639\u062f\u0627\u062f \u0628\u0627\u06cc\u062a \u0647\u0627 \u0648 \u062a\u0646\u0638\u06cc\u0645 \u06cc\u0627 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0632\u0645\u0627\u0646 \u0634\u0631\u0648\u0639 \u0648 \u0622\u062e\u0631\u06cc\u0646 \u062c\u0631\u06cc\u0627\u0646\u060c \u0622\u0645\u0627\u0631 \u062c\u0631\u06cc\u0627\u0646 \u0631\u0627 \u0628\u0647 \u0631\u0648\u0632 \u0645\u06cc \u06a9\u0646\u062f. \u062f\u0631 \u0646\u0647\u0627\u06cc\u062a <code>extract_features<\/code> \u0631\u0627 \u0628\u0631\u0627\u06cc \u0645\u062d\u0627\u0633\u0628\u0647 \u0648 \u0628\u0631\u06af\u0631\u062f\u0627\u0646\u062f\u0646 \u0645\u0639\u06cc\u0627\u0631\u0647\u0627\u06cc \u0627\u0636\u0627\u0641\u06cc \u0641\u0631\u0627\u062e\u0648\u0627\u0646\u06cc \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n<p>\u0645\u062a\u062f <code>extract_features<\/code> \u0645\u0634\u062e\u0635\u0627\u062a \u062f\u0642\u06cc\u0642 \u062c\u0631\u06cc\u0627\u0646 \u0648 \u0628\u0633\u062a\u0647 \u062c\u0627\u0631\u06cc \u0631\u0627 \u0645\u062d\u0627\u0633\u0628\u0647 \u0645\u06cc \u06a9\u0646\u062f. \u0627\u06cc\u0646\u0647\u0627 \u0634\u0627\u0645\u0644 \u0627\u0646\u062f\u0627\u0632\u0647 \u0628\u0633\u062a\u0647\u060c \u0645\u062f\u062a \u0632\u0645\u0627\u0646 \u062c\u0631\u06cc\u0627\u0646\u060c \u0646\u0631\u062e \u0628\u0633\u062a\u0647\u060c \u0646\u0631\u062e \u0628\u0627\u06cc\u062a\u060c \u067e\u0631\u0686\u0645 \u0647\u0627\u06cc TCP \u0648 \u0627\u0646\u062f\u0627\u0632\u0647 \u067e\u0646\u062c\u0631\u0647 TCP \u0627\u0633\u062a. \u062a\u0648\u062c\u0647 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u06cc\u062f \u06a9\u0647 \u0628\u0631\u0627\u06cc \u0627\u0648\u0644\u06cc\u0646 \u0628\u0633\u062a\u0647 \u0647\u0631 \u062c\u0631\u06cc\u0627\u0646\u060c \u0645\u062f\u062a \u0632\u0645\u0627\u0646 \u062c\u0631\u06cc\u0627\u0646 \u0635\u0641\u0631 \u0627\u0633\u062a \u0648 \u0645\u062d\u0627\u0633\u0628\u0647 \u0646\u0631\u062e \u0628\u0633\u062a\u0647 \u0648 \u0646\u0631\u062e \u0628\u0627\u06cc\u062a \u0628\u0627 \u062e\u0637\u0627\u06cc \u062a\u0642\u0633\u06cc\u0645 \u0628\u0631 \u0635\u0641\u0631 \u0645\u0648\u0627\u062c\u0647 \u0645\u06cc \u0634\u0648\u062f\u061b \u067e\u06cc\u0634 \u0627\u0632 \u062a\u0642\u0633\u06cc\u0645 \u0628\u0627\u06cc\u062f \u0635\u0641\u0631 \u0628\u0648\u062f\u0646 \u0645\u062f\u062a \u0632\u0645\u0627\u0646 \u0628\u0631\u0631\u0633\u06cc \u0634\u0648\u062f. 
\u0627\u06cc\u0646 \u0645\u0639\u06cc\u0627\u0631\u0647\u0627 \u0628\u0631\u0627\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0627\u0644\u06af\u0648\u0647\u0627\u060c \u0646\u0627\u0647\u0646\u062c\u0627\u0631\u06cc \u0647\u0627 \u06cc\u0627 \u062a\u0647\u062f\u06cc\u062f\u0647\u0627\u06cc \u0628\u0627\u0644\u0642\u0648\u0647 \u062f\u0631 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0634\u0628\u06a9\u0647 \u06a9\u0627\u0645\u0644\u0627\u064b \u0645\u0641\u06cc\u062f \u0647\u0633\u062a\u0646\u062f.<\/p>\n<h3 id=\"heading-building-the-detection-engine\"><span class=\"ez-toc-section\" id=\"%d8%b3%d8%a7%d8%ae%d8%aa_%d9%85%d9%88%d8%aa%d9%88%d8%b1_%d8%aa%d8%b4%d8%ae%db%8c%d8%b5\"><\/span>\u0633\u0627\u062e\u062a \u0645\u0648\u062a\u0648\u0631 \u062a\u0634\u062e\u06cc\u0635<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>\u0627\u06a9\u0646\u0648\u0646 \u0645\u0648\u062a\u0648\u0631 \u062a\u0634\u062e\u06cc\u0635 \u062e\u0648\u062f \u0631\u0627 \u062a\u0639\u0631\u06cc\u0641 \u0645\u06cc\u200c\u06a9\u0646\u06cc\u0645 \u06a9\u0647 \u0647\u0645 \u0645\u06a9\u0627\u0646\u06cc\u0633\u0645\u200c\u0647\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0646\u0627\u0647\u0646\u062c\u0627\u0631\u06cc \u0648 \u0647\u0645 \u0627\u0645\u0636\u0627 \u0631\u0627 \u0627\u062c\u0631\u0627 \u0645\u06cc\u200c\u06a9\u0646\u062f:<\/p>\n<pre><code class=\"lang-python\"><span class=\"hljs-keyword\">from<\/span> sklearn.ensemble <span class=\"hljs-keyword\">import<\/span> IsolationForest\n<span class=\"hljs-keyword\">import<\/span> numpy <span class=\"hljs-keyword\">as<\/span> np\n\n<span class=\"hljs-class\"><span class=\"hljs-keyword\">class<\/span> <span class=\"hljs-title\">DetectionEngine<\/span>:<\/span>\n    <span class=\"hljs-function\"><span class=\"hljs-keyword\">def<\/span> <span class=\"hljs-title\">__init__<\/span>(<span class=\"hljs-params\">self<\/span>):<\/span>\n        self.anomaly_detector = IsolationForest(\n            
contamination=<span class=\"hljs-number\">0.1<\/span>,\n            random_state=<span class=\"hljs-number\">42<\/span>\n        )\n        self.signature_rules = self.load_signature_rules()\n        self.training_data = []\n\n    <span class=\"hljs-function\"><span class=\"hljs-keyword\">def<\/span> <span class=\"hljs-title\">load_signature_rules<\/span>(<span class=\"hljs-params\">self<\/span>):<\/span>\n        <span class=\"hljs-keyword\">return<\/span> {\n            <span class=\"hljs-string\">'syn_flood'<\/span>: {\n                <span class=\"hljs-string\">'condition'<\/span>: <span class=\"hljs-keyword\">lambda<\/span> features: (\n                    features[<span class=\"hljs-string\">'tcp_flags'<\/span>] == <span class=\"hljs-number\">2<\/span> <span class=\"hljs-keyword\">and<\/span>  <span class=\"hljs-comment\"># SYN flag<\/span>\n                    features[<span class=\"hljs-string\">'packet_rate'<\/span>] &gt; <span class=\"hljs-number\">100<\/span>\n                )\n            },\n            <span class=\"hljs-string\">'port_scan'<\/span>: {\n                <span class=\"hljs-string\">'condition'<\/span>: <span class=\"hljs-keyword\">lambda<\/span> features: (\n                    features[<span class=\"hljs-string\">'packet_size'<\/span>] &lt; <span class=\"hljs-number\">100<\/span> <span class=\"hljs-keyword\">and<\/span>\n                    features[<span class=\"hljs-string\">'packet_rate'<\/span>] &gt; <span class=\"hljs-number\">50<\/span>\n                )\n            }\n        }\n\n    <span class=\"hljs-function\"><span class=\"hljs-keyword\">def<\/span> <span class=\"hljs-title\">train_anomaly_detector<\/span>(<span class=\"hljs-params\">self, normal_traffic_data<\/span>):<\/span>\n        self.anomaly_detector.fit(normal_traffic_data)\n\n    <span class=\"hljs-function\"><span class=\"hljs-keyword\">def<\/span> <span class=\"hljs-title\">detect_threats<\/span>(<span class=\"hljs-params\">self, features<\/span>):<\/span>\n  
      threats = []\n\n        <span class=\"hljs-comment\"># Signature-based detection<\/span>\n        <span class=\"hljs-keyword\">for<\/span> rule_name, rule <span class=\"hljs-keyword\">in<\/span> self.signature_rules.items():\n            <span class=\"hljs-keyword\">if<\/span> rule[<span class=\"hljs-string\">'condition'<\/span>](features):\n                threats.append({\n                    <span class=\"hljs-string\">'type'<\/span>: <span class=\"hljs-string\">'signature'<\/span>,\n                    <span class=\"hljs-string\">'rule'<\/span>: rule_name,\n                    <span class=\"hljs-string\">'confidence'<\/span>: <span class=\"hljs-number\">1.0<\/span>\n                })\n\n        <span class=\"hljs-comment\"># Anomaly-based detection<\/span>\n        feature_vector = np.array([[\n            features[<span class=\"hljs-string\">'packet_size'<\/span>],\n            features[<span class=\"hljs-string\">'packet_rate'<\/span>],\n            features[<span class=\"hljs-string\">'byte_rate'<\/span>]\n        ]])\n\n        anomaly_score = self.anomaly_detector.score_samples(feature_vector)[<span class=\"hljs-number\">0<\/span>]\n        <span class=\"hljs-keyword\">if<\/span> anomaly_score &lt; <span class=\"hljs-number\">-0.5<\/span>:  <span class=\"hljs-comment\"># Threshold for anomaly detection<\/span>\n            threats.append({\n                <span class=\"hljs-string\">'type'<\/span>: <span class=\"hljs-string\">'anomaly'<\/span>,\n                <span class=\"hljs-string\">'score'<\/span>: anomaly_score,\n                <span class=\"hljs-string\">'confidence'<\/span>: min(<span class=\"hljs-number\">1.0<\/span>, abs(anomaly_score))\n            })\n\n        <span class=\"hljs-keyword\">return<\/span> threats\n<\/code><\/pre>\n<p>\u0627\u06cc\u0646 \u06a9\u062f \u06cc\u06a9 \u0633\u06cc\u0633\u062a\u0645 \u062a\u0631\u06a9\u06cc\u0628\u06cc \u0631\u0627 \u062a\u0639\u0631\u06cc\u0641 \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 
\u0631\u0648\u0634 \u0647\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0627\u0645\u0636\u0627 \u0648 \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0646\u0627\u0647\u0646\u062c\u0627\u0631\u06cc \u0631\u0627 \u062a\u0631\u06a9\u06cc\u0628 \u0645\u06cc \u06a9\u0646\u062f. \u0645\u0627 \u0627\u0632 \u0645\u062f\u0644 Isolation Forest \u0628\u0631\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 \u0646\u0627\u0647\u0646\u062c\u0627\u0631\u06cc \u0647\u0627 \u0648 \u0647\u0645\u0686\u0646\u06cc\u0646 \u0627\u0632 \u0642\u0648\u0627\u0646\u06cc\u0646 \u0627\u0632 \u067e\u06cc\u0634 \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f\u0647 \u0628\u0631\u0627\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0627\u0644\u06af\u0648\u0647\u0627\u06cc \u062d\u0645\u0644\u0647 \u062e\u0627\u0635 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u06cc\u0645. \u0627\u06af\u0631 \u0645\u06cc \u062e\u0648\u0627\u0647\u06cc\u062f \u062f\u0631 \u0645\u0648\u0631\u062f \u0631\u0648\u0634 \u0639\u0645\u0644\u06a9\u0631\u062f \u0645\u062f\u0644 \u062c\u0646\u06af\u0644 \u0627\u06cc\u0632\u0648\u0644\u0647 \u0628\u06cc\u0634\u062a\u0631 \u0628\u062f\u0627\u0646\u06cc\u062f\u060c \u0627\u06cc\u0646 \u0645\u0642\u0627\u0644\u0647 \u0631\u0627 \u0628\u0631\u0631\u0633\u06cc \u06a9\u0646\u06cc\u062f.<\/p>\n<p>\u062f\u0631 \u0627\u06cc\u0646 \u0642\u0637\u0639\u0647 \u06a9\u062f\u060c <code>train_anomaly_detector<\/code> \u0631\u0648\u0634\u060c \u0645\u062f\u0644 \u062c\u0646\u06af\u0644 \u0627\u06cc\u0632\u0648\u0644\u0647 \u0631\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0645\u062c\u0645\u0648\u0639\u0647 \u062f\u0627\u062f\u0647 \u0627\u06cc \u0627\u0632 \u0648\u06cc\u0698\u06af\u06cc \u0647\u0627\u06cc \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0639\u0627\u062f\u06cc \u0622\u0645\u0648\u0632\u0634 \u0645\u06cc \u062f\u0647\u062f. 
\u0627\u06cc\u0646 \u0645\u062f\u0644 \u0631\u0627 \u0642\u0627\u062f\u0631 \u0645\u06cc \u0633\u0627\u0632\u062f \u062a\u0627 \u0627\u0644\u06af\u0648\u0647\u0627\u06cc \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0645\u0639\u0645\u0648\u0644\u06cc \u0631\u0627 \u0627\u0632 \u0646\u0627\u0647\u0646\u062c\u0627\u0631\u06cc \u0647\u0627 \u0645\u062a\u0645\u0627\u06cc\u0632 \u06a9\u0646\u062f. \u0645\u062f\u0644 \u0628\u0627\u06cc\u062f \u067e\u06cc\u0634 \u0627\u0632 \u0627\u0648\u0644\u06cc\u0646 \u0641\u0631\u0627\u062e\u0648\u0627\u0646\u06cc <code>detect_threats<\/code> \u0622\u0645\u0648\u0632\u0634 \u062f\u0627\u062f\u0647 \u0634\u0648\u062f\u061b \u062f\u0631 \u063a\u06cc\u0631 \u0627\u06cc\u0646 \u0635\u0648\u0631\u062a \u0645\u062d\u0627\u0633\u0628\u0647 \u0627\u0645\u062a\u06cc\u0627\u0632 \u0646\u0627\u0647\u0646\u062c\u0627\u0631\u06cc \u0631\u0648\u06cc \u0645\u062f\u0644 \u0622\u0645\u0648\u0632\u0634 \u0646\u062f\u06cc\u062f\u0647 \u0628\u0627 \u062e\u0637\u0627 \u0645\u062a\u0648\u0642\u0641 \u0645\u06cc \u0634\u0648\u062f.<\/p>\n<p>\u0645\u062a\u062f <code>detect_threats<\/code> \u0648\u06cc\u0698\u06af\u06cc \u0647\u0627\u06cc \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0634\u0628\u06a9\u0647 \u0631\u0627 \u0628\u0631\u0627\u06cc \u062a\u0647\u062f\u06cc\u062f\u0627\u062a \u0627\u062d\u062a\u0645\u0627\u0644\u06cc \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062f\u0648 \u0631\u0648\u06cc\u06a9\u0631\u062f \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u0645\u06cc \u06a9\u0646\u062f:<\/p>\n<ol>\n<li>\n<p><strong>\u062a\u0634\u062e\u06cc\u0635 \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0627\u0645\u0636\u0627<\/strong>: \u0628\u0647 \u0637\u0648\u0631 \u0645\u06a9\u0631\u0631 \u0627\u0632 \u0647\u0631 \u06cc\u06a9 \u0627\u0632 \u0642\u0648\u0627\u0646\u06cc\u0646 \u0627\u0632 \u067e\u06cc\u0634 \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f\u0647 \u0639\u0628\u0648\u0631 \u0645\u06cc \u06a9\u0646\u062f \u0648 \u0634\u0631\u0627\u06cc\u0637 \u0642\u0627\u0646\u0648\u0646 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0648\u06cc\u0698\u06af\u06cc \u0647\u0627\u06cc \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0627\u0639\u0645\u0627\u0644 \u0645\u06cc \u06a9\u0646\u062f. 
\u0627\u06af\u0631 \u06cc\u06a9 \u0642\u0627\u0646\u0648\u0646 \u0645\u0637\u0627\u0628\u0642\u062a \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f\u060c \u06cc\u06a9 \u062a\u0647\u062f\u06cc\u062f \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0627\u0645\u0636\u0627 \u0628\u0627 \u0627\u0637\u0645\u06cc\u0646\u0627\u0646 \u0628\u0627\u0644\u0627 \u062b\u0628\u062a \u0645\u06cc \u0634\u0648\u062f.<\/p>\n<\/li>\n<li>\n<p><strong>\u062a\u0634\u062e\u06cc\u0635 \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0646\u0627\u0647\u0646\u062c\u0627\u0631\u06cc<\/strong>: \u0628\u0631\u062f\u0627\u0631 \u0648\u06cc\u0698\u06af\u06cc (\u0627\u0646\u062f\u0627\u0632\u0647 \u0628\u0633\u062a\u0647\u060c \u0646\u0631\u062e \u0628\u0633\u062a\u0647 \u0648 \u0646\u0631\u062e \u0628\u0627\u06cc\u062a) \u0631\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u0645\u062f\u0644 Isolation Forest \u067e\u0631\u062f\u0627\u0632\u0634 \u0645\u06cc \u06a9\u0646\u062f \u062a\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632 \u0646\u0627\u0647\u0646\u062c\u0627\u0631\u06cc \u0631\u0627 \u0645\u062d\u0627\u0633\u0628\u0647 \u06a9\u0646\u062f. 
\u0627\u06af\u0631 \u0627\u0645\u062a\u06cc\u0627\u0632 \u0646\u0634\u0627\u0646 \u062f\u0647\u0646\u062f\u0647 \u0631\u0641\u062a\u0627\u0631 \u063a\u06cc\u0631\u0639\u0627\u062f\u06cc \u0628\u0627\u0634\u062f\u060c \u0645\u0648\u062a\u0648\u0631 \u062a\u0634\u062e\u06cc\u0635 \u0622\u0646 \u0631\u0627 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06cc\u06a9 \u0646\u0627\u0647\u0646\u062c\u0627\u0631\u06cc \u0641\u0639\u0627\u0644 \u0645\u06cc \u06a9\u0646\u062f \u0648 \u06cc\u06a9 \u0627\u0645\u062a\u06cc\u0627\u0632 \u0627\u0637\u0645\u06cc\u0646\u0627\u0646 \u0645\u062a\u0646\u0627\u0633\u0628 \u0628\u0627 \u0634\u062f\u062a \u0646\u0627\u0647\u0646\u062c\u0627\u0631\u06cc \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n<\/li>\n<\/ol>\n<p>\u062f\u0631 \u0646\u0647\u0627\u06cc\u062a\u060c \u0641\u0647\u0631\u0633\u062a \u0627\u0646\u0628\u0648\u0647\u06cc \u0627\u0632 \u062a\u0647\u062f\u06cc\u062f\u0627\u062a \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc\u200c\u0634\u062f\u0647 \u0631\u0627 \u0628\u0627 \u062d\u0627\u0634\u06cc\u0647\u200c\u0646\u0648\u06cc\u0633\u06cc \u0645\u0631\u0628\u0648\u0637\u0647 (\u0627\u0639\u0645 \u0627\u0632 \u0627\u0645\u0636\u0627 \u06cc\u0627 \u0646\u0627\u0647\u0646\u062c\u0627\u0631\u06cc)\u060c \u0642\u0627\u0646\u0648\u0646 \u06cc\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u06cc \u06a9\u0647 \u0628\u0627\u0639\u062b \u0627\u06cc\u062c\u0627\u062f \u0646\u0627\u0647\u0646\u062c\u0627\u0631\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a\u060c \u0648 \u06cc\u06a9 \u0627\u0645\u062a\u06cc\u0627\u0632 \u0627\u0637\u0645\u06cc\u0646\u0627\u0646 \u06a9\u0647 \u0646\u0634\u0627\u0646 \u0645\u06cc\u200c\u062f\u0647\u062f \u0686\u0642\u062f\u0631 \u0627\u062d\u062a\u0645\u0627\u0644 \u062f\u0627\u0631\u062f \u06a9\u0647 \u0627\u0644\u06af\u0648\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc\u200c\u0634\u062f\u0647 \u06cc\u06a9 \u062a\u0647\u062f\u06cc\u062f \u0628\u0627\u0634\u062f\u060c 
\u0628\u0631\u0645\u06cc\u200c\u06af\u0631\u062f\u0627\u0646\u06cc\u0645.<\/p>\n<h3 id=\"heading-building-the-alert-system\"><span class=\"ez-toc-section\" id=\"%d8%b3%d8%a7%d8%ae%d8%aa%d9%86_%d8%b3%db%8c%d8%b3%d8%aa%d9%85_%d9%87%d8%b4%d8%af%d8%a7%d8%b1\"><\/span>\u0633\u0627\u062e\u062a\u0646 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0634\u062f\u0627\u0631<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>\u062d\u0627\u0644\u0627 \u0628\u06cc\u0627\u06cc\u06cc\u062f \u0622\u062e\u0631\u06cc\u0646 \u062c\u0632\u0621 IDS \u062e\u0648\u062f \u0631\u0627 \u0628\u0633\u0627\u0632\u06cc\u0645 \u06a9\u0647 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0634\u062f\u0627\u0631 \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0633\u06cc\u0633\u062a\u0645 \u062a\u0647\u062f\u06cc\u062f\u0647\u0627\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647 \u0631\u0627 \u067e\u0631\u062f\u0627\u0632\u0634 \u0648 \u0628\u0647 \u0631\u0648\u0634\u06cc \u0633\u0627\u062e\u062a\u0627\u0631\u06cc\u0627\u0641\u062a\u0647 \u062b\u0628\u062a \u0645\u06cc \u06a9\u0646\u062f. \u0634\u0645\u0627 \u0647\u0645\u0686\u0646\u06cc\u0646 \u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u0633\u06cc\u0633\u062a\u0645 \u0631\u0627 \u06af\u0633\u062a\u0631\u0634 \u062f\u0647\u06cc\u062f \u062a\u0627 \u0645\u06a9\u0627\u0646\u06cc\u0633\u0645 \u0647\u0627\u06cc \u0627\u0639\u0644\u0627\u0646 \u0627\u0636\u0627\u0641\u06cc \u0645\u0627\u0646\u0646\u062f \u0628\u0644\u06cc\u0637 \u0647\u0627\u06cc Slack\u060c Jira \u0648 \u063a\u06cc\u0631\u0647 \u0631\u0627 \u0634\u0627\u0645\u0644 \u0634\u0648\u062f. 
\u0631\u0648\u06cc<\/p>\n<pre><code class=\"lang-python\"><span class=\"hljs-keyword\">import<\/span> logging\n<span class=\"hljs-keyword\">import<\/span> json\n<span class=\"hljs-keyword\">from<\/span> datetime <span class=\"hljs-keyword\">import<\/span> datetime\n\n<span class=\"hljs-class\"><span class=\"hljs-keyword\">class<\/span> <span class=\"hljs-title\">AlertSystem<\/span>:<\/span>\n    <span class=\"hljs-function\"><span class=\"hljs-keyword\">def<\/span> <span class=\"hljs-title\">__init__<\/span>(<span class=\"hljs-params\">self, log_file=<span class=\"hljs-string\">\"ids_alerts.log\"<\/span><\/span>):<\/span>\n        self.logger = logging.getLogger(<span class=\"hljs-string\">\"IDS_Alerts\"<\/span>)\n        self.logger.setLevel(logging.INFO)\n\n        handler = logging.FileHandler(log_file)\n        formatter = logging.Formatter(\n            <span class=\"hljs-string\">'%(asctime)s - %(levelname)s - %(message)s'<\/span>\n        )\n        handler.setFormatter(formatter)\n        self.logger.addHandler(handler)\n\n    <span class=\"hljs-function\"><span class=\"hljs-keyword\">def<\/span> <span class=\"hljs-title\">generate_alert<\/span>(<span class=\"hljs-params\">self, threat, packet_info<\/span>):<\/span>\n        alert = {\n            <span class=\"hljs-string\">'timestamp'<\/span>: datetime.now().isoformat(),\n            <span class=\"hljs-string\">'threat_type'<\/span>: threat[<span class=\"hljs-string\">'type'<\/span>],\n            <span class=\"hljs-string\">'source_ip'<\/span>: packet_info.get(<span class=\"hljs-string\">'source_ip'<\/span>),\n            <span class=\"hljs-string\">'destination_ip'<\/span>: packet_info.get(<span class=\"hljs-string\">'destination_ip'<\/span>),\n            <span class=\"hljs-string\">'confidence'<\/span>: threat.get(<span class=\"hljs-string\">'confidence'<\/span>, <span class=\"hljs-number\">0.0<\/span>),\n            <span class=\"hljs-string\">'details'<\/span>: threat\n        }\n\n        
self.logger.warning(json.dumps(alert))\n\n        <span class=\"hljs-keyword\">if<\/span> threat[<span class=\"hljs-string\">'confidence'<\/span>] &gt; <span class=\"hljs-number\">0.8<\/span>:\n            self.logger.critical(\n                <span class=\"hljs-string\">f\"High confidence threat detected: <span class=\"hljs-subst\">{json.dumps(alert)}<\/span>\"<\/span>\n            )\n            <span class=\"hljs-comment\"># Implement additional notification methods here<\/span>\n            <span class=\"hljs-comment\"># (e.g., email, Slack, SIEM integration)<\/span>\n<\/code><\/pre>\n<p>\u0627\u06cc\u0646 <code>init<\/code> \u0645\u062a\u062f \u06cc\u06a9 \u0644\u0627\u06af\u0631 \u0628\u0647 \u0646\u0627\u0645 \u062a\u0646\u0638\u06cc\u0645 \u0645\u06cc \u06a9\u0646\u062f <code>IDS_Alerts<\/code> \u0628\u0627 \u06cc\u06a9 <code>INFO<\/code> \u0633\u0637\u062d \u0648\u0631\u0648\u062f \u0628\u0647 \u0633\u06cc\u0633\u062a\u0645 \u0628\u0631\u0627\u06cc \u06af\u0631\u0641\u062a\u0646 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0647\u0634\u062f\u0627\u0631. 
\u06af\u0632\u0627\u0631\u0634\u200c\u0647\u0627 \u0631\u0627 \u062f\u0631 \u06cc\u06a9 \u0641\u0627\u06cc\u0644 \u0645\u0634\u062e\u0635 \u0645\u06cc\u200c\u0646\u0648\u06cc\u0633\u062f \u06a9\u0647 \u0628\u0647 \u0637\u0648\u0631 \u067e\u06cc\u0634 \u0641\u0631\u0636 <code>ids_alerts.log<\/code> \u0627\u0633\u062a. \u06cc\u06a9 <code>FileHandler<\/code> \u0633\u06cc\u0627\u0647\u0647\u200c\u0647\u0627\u06cc \u0645\u0631\u0628\u0648\u0637 \u0631\u0627 \u0628\u0647 \u0641\u0627\u06cc\u0644 \u0647\u062f\u0627\u06cc\u062a \u0645\u06cc \u06a9\u0646\u062f\u060c \u062f\u0631 \u062d\u0627\u0644\u06cc \u06a9\u0647 <code>Formatter<\/code> \u0627\u0637\u0645\u06cc\u0646\u0627\u0646 \u062d\u0627\u0635\u0644 \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 \u06af\u0632\u0627\u0631\u0634 \u0647\u0627 \u0627\u0632 \u06cc\u06a9 \u0642\u0627\u0644\u0628 \u062b\u0627\u0628\u062a \u067e\u06cc\u0631\u0648\u06cc \u0645\u06cc \u06a9\u0646\u0646\u062f.<\/p>\n<p>\u0645\u062a\u062f <code>generate_alert<\/code> \u0645\u0633\u0626\u0648\u0644 \u0627\u06cc\u062c\u0627\u062f \u0648\u0631\u0648\u062f\u06cc \u0647\u0627\u06cc \u0647\u0634\u062f\u0627\u0631 \u0633\u0627\u062e\u062a\u0627\u0631\u06cc\u0627\u0641\u062a\u0647 \u0627\u0633\u062a. \u0647\u0631 \u0647\u0634\u062f\u0627\u0631 \u0634\u0627\u0645\u0644 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u06a9\u0644\u06cc\u062f\u06cc \u0645\u0627\u0646\u0646\u062f \u0645\u0647\u0631 \u0632\u0645\u0627\u0646\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc\u060c \u0646\u0648\u0639 \u062a\u0647\u062f\u06cc\u062f\u060c IP \u0647\u0627\u06cc \u0645\u0628\u062f\u0627 \u0648 \u0645\u0642\u0635\u062f \u062f\u0631\u06af\u06cc\u0631\u060c \u0633\u0637\u062d \u0627\u0637\u0645\u06cc\u0646\u0627\u0646 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0648 \u062c\u0632\u0626\u06cc\u0627\u062a \u0627\u0636\u0627\u0641\u06cc \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u062a\u0647\u062f\u06cc\u062f \u0627\u0633\u062a. 
\u0627\u06cc\u0646 \u0647\u0634\u062f\u0627\u0631\u0647\u0627 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u062b\u0628\u062a \u0645\u06cc \u0634\u0648\u0646\u062f <code>WARNING<\/code> \u067e\u06cc\u0627\u0645 \u0647\u0627\u06cc \u0633\u0637\u062d \u0628\u0627 \u0641\u0631\u0645\u062a JSON.<\/p>\n<p>\u0627\u06af\u0631 \u0633\u0637\u062d \u0627\u0637\u0645\u06cc\u0646\u0627\u0646 \u06cc\u06a9 \u062a\u0647\u062f\u06cc\u062f \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647 \u0628\u0627\u0644\u0627 \u0628\u0627\u0634\u062f (\u0628\u06cc\u0634\u062a\u0631 \u0627\u0632 0.8)\u060c \u0647\u0634\u062f\u0627\u0631 \u0627\u0641\u0632\u0627\u06cc\u0634 \u06cc\u0627\u0641\u062a\u0647 \u0648 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06cc\u06a9 \u062b\u0628\u062a \u0645\u06cc \u0634\u0648\u062f. <code>CRITICAL<\/code> \u067e\u06cc\u0627\u0645 \u0633\u0637\u062d \u062a\u0648\u062c\u0647 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u06cc\u062f \u06a9\u0647 \u0627\u06cc\u0646 \u0631\u0648\u0634 \u0628\u0647 \u06af\u0648\u0646\u0647\u200c\u0627\u06cc \u0637\u0631\u0627\u062d\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0642\u0627\u0628\u0644 \u062a\u0648\u0633\u0639\u0647 \u0628\u0627\u0634\u062f \u0648 \u0645\u06a9\u0627\u0646\u06cc\u0633\u0645\u200c\u0647\u0627\u06cc \u0627\u0639\u0644\u0627\u0646 \u0627\u0636\u0627\u0641\u06cc \u0645\u0627\u0646\u0646\u062f \u0627\u0631\u0633\u0627\u0644 \u0647\u0634\u062f\u0627\u0631 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u0627\u06cc\u0645\u06cc\u0644 \u06cc\u0627 \u0627\u062f\u063a\u0627\u0645 \u0628\u0627 \u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc \u0634\u062e\u0635 \u062b\u0627\u0644\u062b \u0645\u0627\u0646\u0646\u062f \u0631\u0627\u0647\u200c\u062d\u0644\u200c\u0647\u0627\u06cc Slack \u06cc\u0627 SIEM \u0631\u0627 \u0627\u0645\u06a9\u0627\u0646\u200c\u067e\u0630\u06cc\u0631 \u0645\u06cc\u200c\u06a9\u0646\u062f.<\/p>\n<h3 id=\"heading-putting-it-all-together\"><span class=\"ez-toc-section\" 
id=\"%d9%82%d8%b1%d8%a7%d8%b1_%d8%af%d8%a7%d8%af%d9%86_%d8%a2%d9%86_%d9%87%d9%85%d9%87_%d8%a8%d8%a7_%d9%87%d9%85\"><\/span>\u0642\u0631\u0627\u0631 \u062f\u0627\u062f\u0646 \u0622\u0646 \u0647\u0645\u0647 \u0628\u0627 \u0647\u0645<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>\u0627\u06a9\u0646\u0648\u0646 \u0628\u06cc\u0627\u06cc\u06cc\u062f \u0647\u0645\u0647 \u0627\u062c\u0632\u0627 \u0631\u0627 \u0628\u0627 \u0647\u0645 \u062f\u0631 \u0631\u0627\u0647 \u062d\u0644 IDS \u06a9\u0627\u0645\u0644\u0627\u064b \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u062e\u0648\u062f \u0627\u062f\u063a\u0627\u0645 \u06a9\u0646\u06cc\u0645:<\/p>\n<pre><code class=\"lang-python\"><span class=\"hljs-class\"><span class=\"hljs-keyword\">class<\/span> <span class=\"hljs-title\">IntrusionDetectionSystem<\/span>:<\/span>\n    <span class=\"hljs-function\"><span class=\"hljs-keyword\">def<\/span> <span class=\"hljs-title\">__init__<\/span>(<span class=\"hljs-params\">self, interface=<span class=\"hljs-string\">\"eth0\"<\/span><\/span>):<\/span>\n        self.packet_capture = PacketCapture()\n        self.traffic_analyzer = TrafficAnalyzer()\n        self.detection_engine = DetectionEngine()\n        self.alert_system = AlertSystem()\n\n        self.interface = interface\n\n    <span class=\"hljs-function\"><span class=\"hljs-keyword\">def<\/span> <span class=\"hljs-title\">start<\/span>(<span class=\"hljs-params\">self<\/span>):<\/span>\n        print(<span class=\"hljs-string\">f\"Starting IDS \u0631\u0648\u06cc interface <span class=\"hljs-subst\">{self.interface}<\/span>\"<\/span>)\n        self.packet_capture.start_capture(self.interface)\n\n        <span class=\"hljs-keyword\">while<\/span> <span class=\"hljs-literal\">True<\/span>:\n            <span class=\"hljs-keyword\">try<\/span>:\n                packet = self.packet_capture.packet_queue.get(timeout=<span class=\"hljs-number\">1<\/span>)\n                features = self.traffic_analyzer.analyze_packet(packet)\n\n       
         <span class=\"hljs-keyword\">if<\/span> features:\n                    threats = self.detection_engine.detect_threats(features)\n\n                    <span class=\"hljs-keyword\">for<\/span> threat <span class=\"hljs-keyword\">in<\/span> threats:\n                        packet_info = {\n                            <span class=\"hljs-string\">'source_ip'<\/span>: packet[IP].src,\n                            <span class=\"hljs-string\">'destination_ip'<\/span>: packet[IP].dst,\n                            <span class=\"hljs-string\">'source_port'<\/span>: packet[TCP].sport,\n                            <span class=\"hljs-string\">'destination_port'<\/span>: packet[TCP].dport\n                        }\n                        self.alert_system.generate_alert(threat, packet_info)\n\n            <span class=\"hljs-keyword\">except<\/span> queue.Empty:\n                <span class=\"hljs-keyword\">continue<\/span>\n            <span class=\"hljs-keyword\">except<\/span> KeyboardInterrupt:\n                print(<span class=\"hljs-string\">\"Stopping IDS...\"<\/span>)\n                self.packet_capture.stop()\n                <span class=\"hljs-keyword\">break<\/span>\n\n<span class=\"hljs-keyword\">if<\/span> __name__ == <span class=\"hljs-string\">\"__main__\"<\/span>:\n    ids = IntrusionDetectionSystem()\n    ids.start()\n<\/code><\/pre>\n<p>\u062f\u0631 \u0627\u06cc\u0646 \u06a9\u062f\u060c <code>IntrusionDetectionSystem<\/code> \u06a9\u0644\u0627\u0633 \u0627\u062c\u0632\u0627\u06cc \u0627\u0635\u0644\u06cc \u062e\u0648\u062f \u0631\u0627 \u062a\u0646\u0638\u06cc\u0645 \u0645\u06cc \u06a9\u0646\u062f: <code>PacketCapture<\/code> \u0628\u0631\u0627\u06cc \u06af\u0631\u0641\u062a\u0646 \u0628\u0633\u062a\u0647 \u0647\u0627 \u0627\u0632 \u06cc\u06a9 \u0631\u0627\u0628\u0637 \u0634\u0628\u06a9\u0647\u060c <code>TrafficAnalyzer<\/code> \u0628\u0631\u0627\u06cc \u0627\u0633\u062a\u062e\u0631\u0627\u062c \u0648 \u062a\u062c\u0632\u06cc\u0647 \u0648 
\u062a\u062d\u0644\u06cc\u0644 \u0648\u06cc\u0698\u06af\u06cc \u0647\u0627\u06cc \u0628\u0633\u062a\u0647\u060c <code>DetectionEngine<\/code> \u0628\u0631\u0627\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u062a\u0647\u062f\u06cc\u062f\u0647\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0647\u0631 \u062f\u0648 \u0631\u0648\u0634 \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0627\u0645\u0636\u0627 \u0648 \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0646\u0627\u0647\u0646\u062c\u0627\u0631\u06cc\u060c \u0648 <code>AlertSystem<\/code> \u0628\u0631\u0627\u06cc \u062b\u0628\u062a \u0648 \u062a\u0634\u062f\u06cc\u062f \u062a\u0647\u062f\u06cc\u062f\u0627\u062a \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647. \u067e\u0627\u0631\u0627\u0645\u062a\u0631 \u0627\u06cc\u0646\u062a\u0631\u0641\u06cc\u0633\u060c \u0631\u0627\u0628\u0637 \u0634\u0628\u06a9\u0647 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0646\u0638\u0627\u0631\u062a \u0645\u0634\u062e\u0635 \u0645\u06cc\u200c\u06a9\u0646\u062f\u060c \u0628\u0647\u200c\u0637\u0648\u0631 \u067e\u06cc\u0634\u200c\u0641\u0631\u0636 <code>eth0<\/code> (\u0648\u0627\u0633\u0637 \u0627\u062a\u0631\u0646\u062a \u06a9\u0647 \u0645\u0639\u0645\u0648\u0644\u0627\u064b \u0646\u0627\u0645\u06af\u0630\u0627\u0631\u06cc \u0645\u06cc \u0634\u0648\u062f \u0631\u0648\u06cc \u0627\u06a9\u062b\u0631 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0627).<\/p>\n<p>\u0627\u06cc\u0646 <code>start<\/code> \u062a\u0627\u0628\u0639 IDS \u0631\u0627 \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc \u0645\u06cc \u06a9\u0646\u062f. 
\u0627\u0628\u062a\u062f\u0627 \u0636\u0628\u0637 \u0628\u0633\u062a\u0647 \u0631\u0627 \u0631\u0648\u06cc \u0631\u0627\u0628\u0637 \u0645\u0634\u062e\u0635 \u0634\u062f\u0647 \u0622\u063a\u0627\u0632 \u0645\u06cc \u06a9\u0646\u062f \u0648 \u0633\u067e\u0633 \u0648\u0627\u0631\u062f \u06cc\u06a9 \u062d\u0644\u0642\u0647 \u067e\u06cc\u0648\u0633\u062a\u0647 \u0628\u0631\u0627\u06cc \u067e\u0631\u062f\u0627\u0632\u0634 \u0628\u0633\u062a\u0647 \u0647\u0627\u06cc \u062f\u0631\u06cc\u0627\u0641\u062a\u06cc \u0645\u06cc \u0634\u0648\u062f. \u0628\u0631\u0627\u06cc \u0647\u0631 \u0628\u0633\u062a\u0647 \u0636\u0628\u0637 \u0634\u062f\u0647\u060c \u0633\u06cc\u0633\u062a\u0645 \u0648\u06cc\u0698\u06af\u06cc \u0647\u0627\u06cc \u0622\u0646 \u0631\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 <code>TrafficAnalyzer<\/code> \u0627\u0633\u062a\u062e\u0631\u0627\u062c \u0645\u06cc \u06a9\u0646\u062f \u0648 \u0622\u0646\u0647\u0627 \u0631\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 <code>DetectionEngine<\/code> \u0628\u0631\u0627\u06cc \u062a\u0647\u062f\u06cc\u062f\u0627\u062a \u0627\u062d\u062a\u0645\u0627\u0644\u06cc \u0628\u0631\u0631\u0633\u06cc \u0645\u06cc \u06a9\u0646\u062f. 
\u0627\u06af\u0631 \u062a\u0647\u062f\u06cc\u062f\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u0648\u062f\u060c \u0633\u06cc\u0633\u062a\u0645 \u0647\u0634\u062f\u0627\u0631\u0647\u0627\u06cc \u062f\u0642\u06cc\u0642\u06cc \u0631\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 <code>AlertSystem<\/code> \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n<p>\u0633\u06cc\u0633\u062a\u0645 \u062f\u0631 \u06cc\u06a9 \u062d\u0644\u0642\u0647 \u0627\u062c\u0631\u0627 \u0645\u06cc \u0634\u0648\u062f \u06a9\u0647 \u062f\u0648 \u0627\u0633\u062a\u062b\u0646\u0627\u06cc \u06a9\u0644\u06cc\u062f\u06cc \u0631\u0627 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0645\u06cc \u06a9\u0646\u062f: <code>queue.Empty<\/code>\u060c \u06a9\u0647 \u062f\u0631 \u0635\u0648\u0631\u062a\u06cc \u0631\u062e \u0645\u06cc \u062f\u0647\u062f \u06a9\u0647 \u0647\u06cc\u0686 \u0628\u0633\u062a\u0647 \u0627\u06cc \u0628\u0631\u0627\u06cc \u067e\u0631\u062f\u0627\u0632\u0634 \u062f\u0631 \u062f\u0633\u062a\u0631\u0633 \u0646\u0628\u0627\u0634\u062f \u0648 \u062f\u0631 \u0622\u0646 \u0635\u0648\u0631\u062a \u062d\u0644\u0642\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u06cc \u06cc\u0627\u0628\u062f\u060c \u0648 <code>KeyboardInterrupt<\/code>\u060c \u06a9\u0647 \u0628\u0627 \u062a\u0648\u0642\u0641 \u0636\u0628\u0637 \u0628\u0633\u062a\u0647 \u0648 \u062e\u0631\u0648\u062c \u0627\u0632 \u062d\u0644\u0642\u0647\u060c IDS \u0631\u0627 \u0628\u0647 \u062e\u0648\u0628\u06cc \u0645\u062a\u0648\u0642\u0641 \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n<h2 id=\"heading-ideas-to-extend-the-ids\"><span class=\"ez-toc-section\" id=\"%d8%a7%db%8c%d8%af%d9%87_%d9%87%d8%a7%db%8c%db%8c_%d8%a8%d8%b1%d8%a7%db%8c_%da%af%d8%b3%d8%aa%d8%b1%d8%b4_ids\"><\/span>\u0627\u06cc\u062f\u0647 \u0647\u0627\u06cc\u06cc \u0628\u0631\u0627\u06cc \u06af\u0633\u062a\u0631\u0634 IDS<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u0628\u0631\u0627\u06cc \u062a\u0642\u0648\u06cc\u062a \u06cc\u0627 \u06af\u0633\u062a\u0631\u0634 IDS\u060c \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u06cc\u062f 
\u0648\u06cc\u0698\u06af\u06cc\u200c\u0647\u0627\/\u0628\u0647\u0628\u0648\u062f\u0647\u0627\u06cc \u0632\u06cc\u0631 \u0631\u0627 \u0637\u0631\u0627\u062d\u06cc \u06cc\u0627 \u067e\u06cc\u0627\u062f\u0647\u200c\u0633\u0627\u0632\u06cc \u06a9\u0646\u06cc\u062f:<\/p>\n<ol>\n<li>\n<p><strong>\u067e\u06cc\u0634\u0631\u0641\u062a \u0647\u0627\u06cc \u06cc\u0627\u062f\u06af\u06cc\u0631\u06cc \u0645\u0627\u0634\u06cc\u0646:<\/strong> \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u06cc\u062f \u0642\u0627\u0628\u0644\u06cc\u062a\u200c\u0647\u0627\u06cc IDS \u0631\u0627 \u0628\u0627 \u062a\u0631\u06a9\u06cc\u0628 \u0645\u062f\u0644\u200c\u0647\u0627\u06cc \u06cc\u0627\u062f\u06af\u06cc\u0631\u06cc \u0639\u0645\u06cc\u0642 \u0645\u0627\u0646\u0646\u062f \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u0647\u0627\u06cc \u062e\u0648\u062f\u06a9\u0627\u0631 \u0628\u0631\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 \u0646\u0627\u0647\u0646\u062c\u0627\u0631\u06cc \u0648 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 RNN \u0628\u0631\u0627\u06cc \u062a\u062c\u0632\u06cc\u0647 \u0648 \u062a\u062d\u0644\u06cc\u0644 \u0627\u0644\u06af\u0648\u06cc \u0645\u062a\u0648\u0627\u0644\u06cc \u0627\u0641\u0632\u0627\u06cc\u0634 \u062f\u0647\u06cc\u062f. 
\u0627\u06cc\u0646 \u062a\u0648\u0627\u0646\u0627\u06cc\u06cc \u0633\u06cc\u0633\u062a\u0645 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u062a\u0647\u062f\u06cc\u062f\u0647\u0627\u06cc \u067e\u06cc\u0686\u06cc\u062f\u0647 \u0648 \u062f\u0631 \u062d\u0627\u0644 \u062a\u062d\u0648\u0644 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0645\u0647\u0646\u062f\u0633\u06cc \u0648\u06cc\u0698\u06af\u06cc \u0647\u0627\u06cc \u067e\u06cc\u0634\u0631\u0641\u062a\u0647 \u0628\u0647\u0628\u0648\u062f \u0645\u06cc \u0628\u062e\u0634\u062f.<\/p>\n<\/li>\n<li>\n<p><strong>\u0628\u0647\u06cc\u0646\u0647 \u0633\u0627\u0632\u06cc \u0639\u0645\u0644\u06a9\u0631\u062f<\/strong>: \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u06cc\u062f IDS \u0631\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 PyPy \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u0633\u0631\u06cc\u0639\u200c\u062a\u0631\u060c \u0646\u0645\u0648\u0646\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0628\u0633\u062a\u0647\u200c\u0647\u0627 \u0628\u0631\u0627\u06cc \u0645\u062f\u06cc\u0631\u06cc\u062a \u0634\u0628\u06a9\u0647\u200c\u0647\u0627\u06cc \u067e\u0631\u062a\u0631\u0627\u0641\u06cc\u06a9 \u0648 \u067e\u0631\u062f\u0627\u0632\u0634 \u0645\u0648\u0627\u0632\u06cc \u0628\u0631\u0627\u06cc \u0645\u0642\u06cc\u0627\u0633\u200c\u0628\u0646\u062f\u06cc \u06a9\u0627\u0631\u0622\u0645\u062f \u0633\u06cc\u0633\u062a\u0645 \u0628\u0647\u06cc\u0646\u0647 \u06a9\u0646\u06cc\u062f.<\/p>\n<\/li>\n<li>\n<p><strong>\u0642\u0627\u0628\u0644\u06cc\u062a \u0647\u0627\u06cc \u06cc\u06a9\u067e\u0627\u0631\u0686\u0647 \u0633\u0627\u0632\u06cc<\/strong>: \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u06cc\u062f IDS \u0631\u0627 \u0628\u0627 \u062f\u0631 \u0646\u0638\u0631 \u06af\u0631\u0641\u062a\u0646 \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc \u0627\u0632 \u06cc\u06a9 REST API \u0628\u0631\u0627\u06cc 
\u0646\u0638\u0627\u0631\u062a \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u06af\u0633\u062a\u0631\u0634 \u062f\u0647\u06cc\u062f\u060c \u06a9\u0647 \u062a\u0639\u0627\u0645\u0644 \u06cc\u06a9\u067e\u0627\u0631\u0686\u0647 \u0628\u0627 \u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc \u062e\u0627\u0631\u062c\u06cc \u0631\u0627 \u0645\u0645\u06a9\u0646 \u0645\u06cc\u200c\u0633\u0627\u0632\u062f.<\/p>\n<\/li>\n<\/ol>\n<h2 id=\"heading-security-considerations\"><span class=\"ez-toc-section\" id=\"%d9%85%d9%84%d8%a7%d8%ad%d8%b8%d8%a7%d8%aa_%d8%a7%d9%85%d9%86%db%8c%d8%aa%db%8c\"><\/span>\u0645\u0644\u0627\u062d\u0638\u0627\u062a \u0627\u0645\u0646\u06cc\u062a\u06cc<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u0647\u0646\u06af\u0627\u0645 \u0627\u0633\u062a\u0642\u0631\u0627\u0631 IDS\u060c \u062a\u0648\u062c\u0647 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u06cc\u062f \u06a9\u0647 \u0627\u06cc\u0646 \u0633\u06cc\u0633\u062a\u0645 \u06cc\u06a9 \u0627\u062b\u0628\u0627\u062a \u0645\u0641\u0647\u0648\u0645 \u0627\u0633\u062a \u0648 \u0628\u0631\u0627\u06cc \u0645\u0648\u0627\u0631\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u062a\u0648\u0644\u06cc\u062f\u06cc \u062f\u0631 \u0646\u0638\u0631 \u06af\u0631\u0641\u062a\u0647 \u0646\u0634\u062f\u0647 \u0627\u0633\u062a. 
\u0647\u0645\u0686\u0646\u06cc\u0646 \u0645\u0648\u0627\u0631\u062f \u0632\u06cc\u0631 \u0631\u0627 \u062f\u0631 \u0646\u0638\u0631 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u06cc\u062f:<\/p>\n<ul>\n<li>\n<p>\u0633\u06cc\u0633\u062a\u0645 \u0631\u0627 \u0628\u0627 \u0645\u062c\u0648\u0632\u0647\u0627\u06cc \u0645\u0646\u0627\u0633\u0628 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f \u0648 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u06cc\u0634 \u0627\u0632 \u0622\u0646\u0686\u0647 \u0644\u0627\u0632\u0645 \u0627\u0633\u062a \u0646\u062f\u0647\u06cc\u062f (root\/admin \u0628\u0631\u0627\u06cc \u06af\u0631\u0641\u062a\u0646 \u0628\u0633\u062a\u0647 \u0645\u0648\u0631\u062f \u0646\u06cc\u0627\u0632 \u0627\u0633\u062a)<\/p>\n<\/li>\n<li>\n<p>\u0633\u06cc\u0627\u0647\u0647\u200c\u0647\u0627\u06cc \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u0647\u0634\u062f\u0627\u0631 \u0631\u0627 \u0627\u06cc\u0645\u0646 \u06a9\u0646\u06cc\u062f \u0648 \u0686\u0631\u062e\u0634 \u06af\u0632\u0627\u0631\u0634 (log rotation) \u0645\u0646\u0627\u0633\u0628 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f<\/p>\n<\/li>\n<li>\n<p>\u0628\u0647 \u0637\u0648\u0631 \u0645\u0646\u0638\u0645 \u0642\u0648\u0627\u0646\u06cc\u0646 \u0627\u0645\u0636\u0627 \u0631\u0627 \u0628\u0647 \u0631\u0648\u0632 \u06a9\u0646\u06cc\u062f \u0648 \u0645\u062f\u0644 \u0647\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 \u0646\u0627\u0647\u0646\u062c\u0627\u0631\u06cc \u0631\u0627 \u062f\u0648\u0628\u0627\u0631\u0647 \u0622\u0645\u0648\u0632\u0634 \u062f\u0647\u06cc\u062f<\/p>\n<\/li>\n<li>\n<p>\u0646\u0638\u0627\u0631\u062a \u0628\u0631 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0633\u06cc\u0633\u062a\u0645\u060c \u0628\u0647 \u0648\u06cc\u0698\u0647 \u062f\u0631 \u0645\u062d\u06cc\u0637 \u0647\u0627\u06cc \u067e\u0631 \u062a\u0631\u0627\u0641\u06cc\u06a9<\/p>\n<\/li>\n<li>\n<p>\u06a9\u0646\u062a\u0631\u0644 \u0647\u0627\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0645\u0646\u0627\u0633\u0628 \u0631\u0627 \u0628\u0631\u0627\u06cc \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc IDS \u0648 \u0647\u0634\u062f\u0627\u0631\u0647\u0627 
\u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f<\/p>\n<\/li>\n<\/ul>\n<h2 id=\"heading-testing-the-ids-on-mock-data\"><span class=\"ez-toc-section\" id=\"%d8%aa%d8%b3%d8%aa_ids_%d8%b1%d9%88%db%8c_%d8%af%d8%a7%d8%af%d9%87_%d9%87%d8%a7%db%8c_%d8%b3%d8%a7%d8%ae%d8%aa%da%af%db%8c\"><\/span>\u062a\u0633\u062a IDS \u0631\u0648\u06cc \u062f\u0627\u062f\u0647 \u0647\u0627\u06cc \u0633\u0627\u062e\u062a\u06af\u06cc<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u0628\u0631\u0627\u06cc \u062a\u0623\u06cc\u06cc\u062f \u0639\u0645\u0644\u06a9\u0631\u062f IDS \u062e\u0648\u062f\u060c \u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u0622\u0646 \u0631\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062f\u0627\u062f\u0647 \u0647\u0627\u06cc \u0633\u0627\u062e\u062a\u06af\u06cc \u06a9\u0647 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0634\u0628\u06a9\u0647 \u062f\u0646\u06cc\u0627\u06cc \u0648\u0627\u0642\u0639\u06cc \u0631\u0627 \u0634\u0628\u06cc\u0647 \u0633\u0627\u0632\u06cc \u0645\u06cc \u06a9\u0646\u062f\u060c \u0622\u0632\u0645\u0627\u06cc\u0634 \u06a9\u0646\u06cc\u062f. 
\u0627\u06cc\u0646 \u0628\u0647 \u0634\u0645\u0627 \u0627\u0645\u06a9\u0627\u0646 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u0645\u0634\u0627\u0647\u062f\u0647 \u06a9\u0646\u06cc\u062f \u06a9\u0647 \u0633\u06cc\u0633\u062a\u0645 \u0686\u06af\u0648\u0646\u0647 \u0628\u0633\u062a\u0647 \u0647\u0627 \u0631\u0627 \u067e\u0631\u062f\u0627\u0632\u0634 \u0645\u06cc \u06a9\u0646\u062f\u060c \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0631\u0627 \u062a\u062c\u0632\u06cc\u0647 \u0648 \u062a\u062d\u0644\u06cc\u0644 \u0645\u06cc \u06a9\u0646\u062f \u0648 \u0647\u0634\u062f\u0627\u0631\u0647\u0627 \u0631\u0627 \u0628\u062f\u0648\u0646 \u0646\u06cc\u0627\u0632 \u0628\u0647 \u0645\u062d\u06cc\u0637 \u0634\u0628\u06a9\u0647 \u0632\u0646\u062f\u0647 \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n<p>\u0628\u0631\u0627\u06cc \u062a\u0633\u062a IDS \u0627\u0632 \u062a\u0627\u0628\u0639 \u0632\u06cc\u0631 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f:<\/p>\n<pre><code class=\"lang-python\"><span class=\"hljs-keyword\">from<\/span> scapy.all <span class=\"hljs-keyword\">import<\/span> IP, TCP\n\n<span class=\"hljs-function\"><span class=\"hljs-keyword\">def<\/span> <span class=\"hljs-title\">test_ids<\/span>():<\/span>\n    <span class=\"hljs-comment\"># Create test packets to simulate various scenarios<\/span>\n    test_packets = [\n        <span class=\"hljs-comment\"># Normal traffic<\/span>\n        IP(src=<span class=\"hljs-string\">\"192.168.1.1\"<\/span>, dst=<span class=\"hljs-string\">\"192.168.1.2\"<\/span>) \/ TCP(sport=<span class=\"hljs-number\">1234<\/span>, dport=<span class=\"hljs-number\">80<\/span>, flags=<span class=\"hljs-string\">\"A\"<\/span>),\n        IP(src=<span class=\"hljs-string\">\"192.168.1.3\"<\/span>, dst=<span class=\"hljs-string\">\"192.168.1.4\"<\/span>) \/ TCP(sport=<span class=\"hljs-number\">1235<\/span>, dport=<span class=\"hljs-number\">443<\/span>, flags=<span class=\"hljs-string\">\"P\"<\/span>),\n\n  
      <span class=\"hljs-comment\"># SYN flood simulation<\/span>\n        IP(src=<span class=\"hljs-string\">\"10.0.0.1\"<\/span>, dst=<span class=\"hljs-string\">\"192.168.1.2\"<\/span>) \/ TCP(sport=<span class=\"hljs-number\">5678<\/span>, dport=<span class=\"hljs-number\">80<\/span>, flags=<span class=\"hljs-string\">\"S\"<\/span>),\n        IP(src=<span class=\"hljs-string\">\"10.0.0.2\"<\/span>, dst=<span class=\"hljs-string\">\"192.168.1.2\"<\/span>) \/ TCP(sport=<span class=\"hljs-number\">5679<\/span>, dport=<span class=\"hljs-number\">80<\/span>, flags=<span class=\"hljs-string\">\"S\"<\/span>),\n        IP(src=<span class=\"hljs-string\">\"10.0.0.3\"<\/span>, dst=<span class=\"hljs-string\">\"192.168.1.2\"<\/span>) \/ TCP(sport=<span class=\"hljs-number\">5680<\/span>, dport=<span class=\"hljs-number\">80<\/span>, flags=<span class=\"hljs-string\">\"S\"<\/span>),\n\n        <span class=\"hljs-comment\"># Port scan simulation<\/span>\n        IP(src=<span class=\"hljs-string\">\"192.168.1.100\"<\/span>, dst=<span class=\"hljs-string\">\"192.168.1.2\"<\/span>) \/ TCP(sport=<span class=\"hljs-number\">4321<\/span>, dport=<span class=\"hljs-number\">22<\/span>, flags=<span class=\"hljs-string\">\"S\"<\/span>),\n        IP(src=<span class=\"hljs-string\">\"192.168.1.100\"<\/span>, dst=<span class=\"hljs-string\">\"192.168.1.2\"<\/span>) \/ TCP(sport=<span class=\"hljs-number\">4321<\/span>, dport=<span class=\"hljs-number\">23<\/span>, flags=<span class=\"hljs-string\">\"S\"<\/span>),\n        IP(src=<span class=\"hljs-string\">\"192.168.1.100\"<\/span>, dst=<span class=\"hljs-string\">\"192.168.1.2\"<\/span>) \/ TCP(sport=<span class=\"hljs-number\">4321<\/span>, dport=<span class=\"hljs-number\">25<\/span>, flags=<span class=\"hljs-string\">\"S\"<\/span>),\n    ]\n\n    ids = IntrusionDetectionSystem()\n\n    <span class=\"hljs-comment\"># Simulate packet processing and threat detection<\/span>\n    print(<span class=\"hljs-string\">\"Starting IDS 
Test...\"<\/span>)\n    <span class=\"hljs-keyword\">for<\/span> i, packet <span class=\"hljs-keyword\">in<\/span> enumerate(test_packets, <span class=\"hljs-number\">1<\/span>):\n        print(<span class=\"hljs-string\">f\"\\nProcessing packet <span class=\"hljs-subst\">{i}<\/span>: <span class=\"hljs-subst\">{packet.summary()}<\/span>\"<\/span>)\n\n        <span class=\"hljs-comment\"># Analyze the packet<\/span>\n        features = ids.traffic_analyzer.analyze_packet(packet)\n\n        <span class=\"hljs-keyword\">if<\/span> features:\n            <span class=\"hljs-comment\"># Detect threats based on features<\/span>\n            threats = ids.detection_engine.detect_threats(features)\n\n            <span class=\"hljs-keyword\">if<\/span> threats:\n                print(<span class=\"hljs-string\">f\"Detected threats: <span class=\"hljs-subst\">{threats}<\/span>\"<\/span>)\n            <span class=\"hljs-keyword\">else<\/span>:\n                print(<span class=\"hljs-string\">\"No threats detected.\"<\/span>)\n        <span class=\"hljs-keyword\">else<\/span>:\n            print(<span class=\"hljs-string\">\"Packet does not contain IP\/TCP layers or is ignored.\"<\/span>)\n\n    print(<span class=\"hljs-string\">\"\\nIDS Test Completed.\"<\/span>)\n\n<span class=\"hljs-keyword\">if<\/span> __name__ == <span class=\"hljs-string\">\"__main__\"<\/span>:\n    test_ids()\n<\/code><\/pre>\n<p>\u0627\u06cc\u0646 \u0633\u06cc\u0633\u062a\u0645 \u0631\u0627 \u062f\u0631 \u0628\u0631\u0627\u0628\u0631 \u0627\u0646\u0648\u0627\u0639 \u062d\u0645\u0644\u0627\u062a \u0645\u0627\u0646\u0646\u062f \u0633\u06cc\u0644 SYN \u0648 \u0627\u0633\u06a9\u0646 \u067e\u0648\u0631\u062a \u0622\u0632\u0645\u0627\u06cc\u0634 \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n<h2 id=\"heading-wrapping-up\"><span class=\"ez-toc-section\" id=\"%d8%a8%d8%b3%d8%aa%d9%87_%d8%a8%d9%86%d8%af%db%8c\"><\/span>\u0628\u0633\u062a\u0647 \u0628\u0646\u062f\u06cc<span 
class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u0627\u06a9\u0646\u0648\u0646 \u0645\u06cc \u062f\u0627\u0646\u06cc\u062f \u06a9\u0647 \u0686\u06af\u0648\u0646\u0647 \u0628\u0627 \u067e\u0627\u06cc\u062a\u0648\u0646 \u0648 \u0686\u0646\u062f \u06a9\u062a\u0627\u0628\u062e\u0627\u0646\u0647 \u0645\u0646\u0628\u0639 \u0628\u0627\u0632 \u06cc\u06a9 \u0633\u06cc\u0633\u062a\u0645 \u062a\u0634\u062e\u06cc\u0635 \u0646\u0641\u0648\u0630 \u0627\u0648\u0644\u06cc\u0647 \u0628\u0633\u0627\u0632\u06cc\u062f! \u0627\u06cc\u0646 IDS \u0628\u0631\u062e\u06cc \u0627\u0632 \u0645\u0641\u0627\u0647\u06cc\u0645 \u0627\u0635\u0644\u06cc \u0627\u0645\u0646\u06cc\u062a \u0634\u0628\u06a9\u0647 \u0648 \u062a\u0634\u062e\u06cc\u0635 \u062a\u0647\u062f\u06cc\u062f \u062f\u0631 \u0632\u0645\u0627\u0646 \u0648\u0627\u0642\u0639\u06cc \u0631\u0627 \u0646\u0634\u0627\u0646 \u0645\u06cc \u062f\u0647\u062f.<\/p>\n<p>\u0628\u0647 \u062e\u0627\u0637\u0631 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u06cc\u062f \u06a9\u0647 \u0627\u06cc\u0646 \u0622\u0645\u0648\u0632\u0634 \u0641\u0642\u0637 \u0628\u0631\u0627\u06cc \u0627\u0647\u062f\u0627\u0641 \u0622\u0645\u0648\u0632\u0634\u06cc \u0627\u0633\u062a. 
\u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc \u062d\u0631\u0641\u0647\u200c\u0627\u06cc \u062f\u0631 \u0633\u0637\u062d \u0633\u0627\u0632\u0645\u0627\u0646\u06cc \u0645\u0627\u0646\u0646\u062f Snort \u0648 Suricata \u0637\u0631\u0627\u062d\u06cc \u0634\u062f\u0647\u200c\u0627\u0646\u062f \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u0646\u062f \u062a\u0647\u062f\u06cc\u062f\u0627\u062a \u067e\u06cc\u0634\u0631\u0641\u062a\u0647 \u0648 \u0627\u0633\u062a\u0642\u0631\u0627\u0631 \u062f\u0631 \u0645\u0642\u06cc\u0627\u0633 \u0628\u0632\u0631\u06af \u0631\u0627 \u0645\u062f\u06cc\u0631\u06cc\u062a \u06a9\u0646\u0646\u062f.<\/p>\n<p>\u0627\u0645\u06cc\u062f\u0648\u0627\u0631\u0645 \u062f\u0631 \u0645\u0648\u0631\u062f \u0627\u0635\u0648\u0644 \u0627\u0645\u0646\u06cc\u062a \u0634\u0628\u06a9\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a\u06cc \u06a9\u0633\u0628 \u06a9\u0631\u062f\u0647 \u0628\u0627\u0634\u06cc\u062f \u0648 \u06cc\u0627\u062f \u06af\u0631\u0641\u062a\u0647 \u0628\u0627\u0634\u06cc\u062f \u06a9\u0647 \u0686\u06af\u0648\u0646\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646 \u0627\u0632 \u067e\u0627\u06cc\u062a\u0648\u0646 \u0628\u0631\u0627\u06cc \u0633\u0627\u062e\u062a \u0631\u0627\u0647 \u062d\u0644 \u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0639\u0645\u0644\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0631\u062f.<\/p>\n<\/section>\n<p><br \/>\n<br \/>\u0645\u0646\u062a\u0634\u0631 \u0634\u062f\u0647 \u062f\u0631 1404-01-21 20:39:09<br \/>\n<\/p>\n","protected":false},"excerpt":{"rendered":"<p><span class=\"span-reading-time rt-reading-time\" style=\"display: block;\"><span class=\"rt-label rt-prefix\">\u0632\u0645\u0627\u0646 \u0644\u0627\u0632\u0645 \u0628\u0631\u0627\u06cc \u0645\u0637\u0627\u0644\u0639\u0647: <\/span> <span class=\"rt-time\"> 9<\/span> <span class=\"rt-label rt-postfix\">\u062f\u0642\u06cc\u0642\u0647<\/span><\/span>\u0633\u06cc\u0633\u062a\u0645 \u062a\u0634\u062e\u06cc\u0635 \u0646\u0641\u0648\u0630 (IDS) 
\u0645\u0627\u0646\u0646\u062f \u06cc\u06a9 \u062f\u0648\u0631\u0628\u06cc\u0646 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0631\u0627\u06cc \u0634\u0628\u06a9\u0647 \u0634\u0645\u0627 \u0627\u0633\u062a. \u0647\u0645\u0627\u0646\u0637\u0648\u0631 \u06a9\u0647 \u062f\u0648\u0631\u0628\u06cc\u0646\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0647 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0641\u0639\u0627\u0644\u06cc\u062a\u200c\u0647\u0627\u06cc \u0645\u0634\u06a9\u0648\u06a9 \u062f\u0631 \u062f\u0646\u06cc\u0627\u06cc \u0641\u06cc\u0632\u06cc\u06a9\u06cc \u06a9\u0645\u06a9 \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f\u060c \u06cc\u06a9 IDS \u0646\u06cc\u0632 \u0634\u0628\u06a9\u0647 \u0634\u0645\u0627 \u0631\u0627 \u06a9\u0646\u062a\u0631\u0644 \u0645\u06cc\u200c\u06a9\u0646\u062f \u062a\u0627 \u0628\u0647 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0647\u0631\u06af\u0648\u0646\u0647 \u062d\u0645\u0644\u0647 \u0633\u0627\u06cc\u0628\u0631\u06cc \u0628\u0627\u0644\u0642\u0648\u0647 \u0648 \u0646\u0642\u0636 \u0627\u0645\u0646\u06cc\u062a \u06a9\u0645\u06a9 \u06a9\u0646\u062f. 
\u062f\u0631 \u067e\u0627\u06cc\u0627\u0646 \u0627\u06cc\u0646 \u0622\u0645\u0648\u0632\u0634\u060c \u0631\u0648\u0634 \u0639\u0645\u0644\u06a9\u0631\u062f \u06cc\u06a9 IDS \u0631\u0627 \u0645\u06cc\u200c\u062f\u0627\u0646\u06cc\u062f [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":18757,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1743],"tags":[5828,1928,1938,1920,1916,1779,5789,1744,4153,1959,2123,2134,284,2002,2358,5827,1765,1813],"class_list":["post-18756","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-python","tag-opensource","tag-python-","tag-1938","tag-1920","tag-1916","tag-1779","tag-5789","tag-1744","tag-4153","tag-1959","tag-2123","tag-2134","tag-284","tag-python","tag-2358","tag-5827","tag-1765","tag-1813"],"acf":[],"_links":{"self":[{"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/posts\/18756","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/comments?post=18756"}],"version-history":[{"count":0,"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/posts\/18756\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/media\/18757"}],"wp:attachment":[{"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/media?parent=18756"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/categories?post=18756"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/tags?post=18756"}],"curies":[{"name":"wp","href":"https:\/\/a
pi.w.org\/{rel}","templated":true}]}}