I am an intern student at Lancaster University in the UK. I am undertaking a project to determine the feasibility of developing an intrusion detection system with a machine learning engine rather than a signature based system. Similar to the Darktrace product that sells for many thousands of pounds but a scaled down version. I thought about implementing it on Bro and developing it as an add-in? Do you think this would be possible, I have some experience of programming but not lots although my coding is tidy and well commented. What is Bro written in? Would I have to use that language? Do you think it is possible?
Thank you, Sam