0snap / graph_alert_correlation
Simple implementation of the scientific paper 'GAC: Graph-Based Alert Correlation for the Detection of Distributed Multi-Step Attacks'
☆17 Updated 5 years ago
Related projects:
- Scripts to generate and analyze the AIT alert data set (AIT-ADS) ☆15 Updated 5 months ago
- A method for grouping, clustering, and merging semi-structured alerts ☆15 Updated 6 months ago
- [TDSC 2021] IntruSion alert-driven Attack Graph Extractor. https://ieeexplore.ieee.org/document/9557854 ☆33 Updated 2 months ago
- A naive implementation of HERCULE, an attack story reconstruction system using community discovery on correlated log graph ☆14 Updated 7 years ago
- Scripts to deploy virtual testbed for log data analysis and anomaly detection. ☆18 Updated 9 months ago
- GraphChi's C++ version. Big Data - small machine. ☆16 Updated 3 years ago
- This program allows you to extract some features from pcap files. ☆38 Updated last year
- Detection of malicious domain names using machine learning and deep learning models ☆16 Updated 5 years ago
- Datasets used in the StreamSpot experiments ☆48 Updated 8 years ago
- A framework for the Analysis of Intrusion Detection Alerts ☆16 Updated 2 years ago
- Original implementation and resources of DeepCASE as in the S&P '22 paper ☆90 Updated last year
- Core streaming heterogeneous graph clustering and anomaly detection code (KDD 2016) ☆37 Updated 4 years ago
- Extracting Attack Behavior from Threat Reports ☆75 Updated last year
- Anomaly Detection on Time-Evolving Streams in Real-time. Detecting intrusions (DoS and DDoS attacks), frauds, fake rating anomalies. ☆108 Updated 8 months ago
- Insider Threat Detection using Isolation Forest ☆16 Updated 6 years ago
- This is a paper list about Machine Learning for IDSes ☆84 Updated 3 weeks ago
- Coburg Intrusion Detection Data Sets ☆46 Updated 6 years ago
- Python implementation of MIDAS: Microcluster-Based Detector of Anomalies in Edge Streams ☆38 Updated 2 years ago
- ISCXFlowMeter is an Ethernet traffic flow generator and analyzer for anomaly detection which has been used in different network security … ☆69 Updated 7 months ago
- Machine learning on knowledge graphs for context-aware security monitoring (data and model) ☆15 Updated 2 years ago
- CTI database generator and public dataset ☆21 Updated 4 years ago
- "Linking Threat Tactics, Techniques, and Patterns with Defensive Weaknesses, Vulnerabilities and Affected Platform Configurations for Cyb… ☆84 Updated 2 months ago