Deep packet inspection (DPI) technology is widely used in network-side defense or detection equipment such as IPS/IDS/UTM. The signature/virus patterns (i.e., DPI Rules) used to detect threats can be treated as the DPI system's soul. In the past, the generation of DPI rules usually required threat researchers to study/collect the threat or weakness first and then generate the corresponding attack traffic, then rule makers used these traffic to write the rules fitting specific DPI engines. Such rule generation process relied on rich experience and consumed a lot of time. In recent years, with AI's help, we can have some automation in the rule generation process. Through this automation, we can lower the technical threshold of rule making and shorten rule generation time. This talk will share related technologies and provide a PoC demo.