Hands On: Building A Full Stack Java App (Classical ML), Implement Supervised Machine Learning to Detect HTTP Intrusion Attempts on your Server.
Course Description
This course is part 3 in our series, teaching you how to build a full-stack Java application, from nothing to fully functioning! In this course, we will continue the work from part 2, changing the way the configuration works from just raw .json files in the file system to a full config page on the frontend. This entails using HTML forms, sending and handling complex data structures to the backend, and saving this data into a database. We are also introducing more TypeScript, so we will be creating TypeScript types to ensure the data in the form is formed correctly.
We will then also tackle Machine Learning. We will go over what it is, how we use it in this project, and how to implement it yourself. The flow of the ML in the course is as follows:
1. GridLog reads raw HTTP logs from the host
2. GridLog saves raw logs
3. GridLog reads raw logs from DB and parses into searchable columns
4. While saving the parsed logs, if GridLog detects these are HTTP logs, it will run Machine Learning inference on the logs to try and predict if the logs are malicious or benign
5. If malicious, save the DB entry as a possible intrusion attempt
6. Mark attempt in Log Viewer
To get the above working, we will need to use free Machine Learning libraries to do supervised training on a dataset provided to you. Once trained, we can run inference on any new incoming HTTP logs.
So in this course, you will learn how to implement all of this in an already working application by simply adding a new Docker container to your working Docker orchestration file (Docker Compose in our case).
Source code for this course can be found on our GitHub page, which is found in the resources section of our Introduction lecture.