Back to home
Documentation

Everything you need to
deploy and operate LYNX

Production-grade documentation for every layer, every platform, and every operational scenario. All docs are version-controlled alongside the source code.

View on GitHub

Quick start

# Linux
$git clone https://github.com/Breaktroughf1/lynx-ids.git && cd lynx-ids
$./build/scripts/build-linux.sh
$sudo ./build/release/ids -i eth0 -c config/ids.conf
# PCAP test
$git clone https://github.com/Breaktroughf1/lynx-ids.git && cd lynx-ids
$./build/scripts/build-linux.sh
$./build/release/ids -r tests/pcap/multi_stage_apt.pcap -c config/ids.conf
# MIPS deploy
$sudo apt-get install gcc-mips64-linux-gnuabi64
$./build/scripts/build-mips.sh
$scp build/mips/ids config/ids-mips.conf root@192.168.1.1:/etc/ids/

All documentation

ARCHITECTURE.md

Architecture

Full 12-layer pipeline walkthrough — hardware ingestion to SOC alert delivery. Includes thread model, memory budgets, and data flow diagrams.

Core reading12 layersData flow
LAYER_GUIDE.md

Layer Implementation Guide

Per-layer implementation notes, key data structures, C API contracts, and the universal hot-path rules every contributor must follow.

C17Data structuresAPI contracts
CONFIGURATION.md

Configuration Reference

Complete reference for every configuration option — all 17 sections, all defaults, type annotations, and per-platform profile examples including the full MIPS profile.

All optionsMIPS profileRuntime reload
DEPLOYMENT_LINUX.md

Deployment — Linux

Production Linux deployment — kernel isolation parameters, DPDK hugepage setup, NIC IRQ pinning, systemd unit files, Prometheus metrics, and log rotation.

Ubuntu 22.04DPDKsystemd
DEPLOYMENT_WINDOWS.md

Deployment — Windows

Windows 10 / 11 / Server 2022 deployment — Npcap installation, MSVC build with vcpkg, Windows Service setup via NSSM, Event Log integration.

WindowsNpcapNSSM
DEPLOYMENT_MACOS.md

Deployment — macOS

macOS deployment for Apple Silicon and Intel — BPF permissions via ChmodBPF, Metal GPU acceleration for TinyLlama, launchd service setup.

Apple SiliconBPFMetal
DEPLOYMENT_MIPS.md

Deployment — MIPS (Cyberoam)

Step-by-step cross-compilation for Cavium OCTEON MIPS64 — toolchain setup, static libpcap build, SCP deploy to Cyberoam CR1500ia, memory tuning, SysV init script.

MIPS64CyberoamCross-compile
API.md

Dashboard API Reference

WebSocket protocol specification — all message types, delta format, alert object schema, REST endpoints, authentication, TypeScript type definitions.

WebSocketRESTTypeScript types
FEDERATED.md

Federated Learning

FL server setup, trust model architecture, differential privacy parameters, clustered FedAvg, gradient anomaly detection, node enrollment, rollback procedures.

PrivacyDP ε=1.0Flower
ML_MODELS.md

ML Models

Dataset preparation, XGBoost pre-filter training, ONNX export, TinyLlama QLoRA fine-tuning, Q4_K_M quantization, MIPS C decision tree export, adversarial retraining.

TinyLlamaONNXQLoRA
TESTING.md

Testing Guide

Unit test framework (CMocka), PCAP regression suite with 11 attack scenarios, benchmark thresholds, CI pipeline setup for all four platforms, coverage requirements.

CMockaPCAP vectorsCI
SECURITY.md

Security

Full threat model, adversarial assumptions, evasion-resistance design rationale, resource exhaustion mitigations, responsible disclosure policy.

Threat modelEvasion-resistanceDisclosure

CONTRIBUTING.md

Contributing

Dev setup, code style (C17, Go, TypeScript, Python), PR process, architecture decision records, and the zero-conflict branch ownership map.

SECURITY.md

Security Policy

Full threat model, adversarial assumptions, evasion-resistance rationale per layer, and the responsible disclosure process with contact details.