ait-aecid / kyoushi-environment
Scripts to deploy virtual testbed for log data analysis and anomaly detection.
☆23Updated last year
Alternatives and similar repositories for kyoushi-environment:
Users that are interested in kyoushi-environment are comparing it to the libraries listed below
- A method for grouping, clustering, and merging semi-structured alerts☆23Updated 5 months ago
- Scripts to generate and analyze the AIT alert data set (AIT-ADS)☆21Updated 6 months ago
- [TDSC 2021] IntruSion alert-driven Attack Graph Extractor. https://ieeexplore.ieee.org/document/9557854☆35Updated 9 months ago
- Original implementation and resources of DeepCASE as in the S&P '22 paper☆92Updated last year
- Machine learning on knowledge graphs for context-aware security monitoring (data and model)☆17Updated 3 years ago
- Extracting Attack Behavior from Threat Reports☆76Updated last year
- A framework for the Analysis of Intrusion Detection Alerts☆17Updated 3 years ago
- ☆52Updated last year
- ☆76Updated 2 years ago
- Datasets used in the StreamSpot experiments☆61Updated 9 years ago
- A naive implementation of HERCULE, an attack story reconstruction system using community discovery on correlated log graph☆15Updated 7 years ago
- This program allow you to extract some features from pcap files.☆38Updated 2 years ago
- APT-KGL: An Intelligent APT Detection System Based on Threat Knowledge and Heterogeneous Provenance Graph Learning☆66Updated 2 years ago
- AttacKG: Constructing Knowledge-enhanced Attack Graphs from Cyber Threat Intelligence Reports☆148Updated 2 years ago
- Log2vec: A Heterogeneous Graph Embedding Based Approach for Detecting Cyber Threats within Enterprise☆25Updated 3 years ago
- Traffic analysis for Tor-based malware detection and classification☆39Updated last year
- Network traffic classifier based on machine learning algorithms☆43Updated 2 years ago
- Simple implementation of scientific paper 'GAC: Graph-Based Alert Correlation for the Detection of Distributed Multi-Step Attacks'☆18Updated 5 years ago
- A comprehensive survey of datasets for research in host-based and/or network-based intrusion detection, with a focus on enterprise networ…☆35Updated 2 months ago
- ☆46Updated 3 years ago
- A Zeek script to generate features based on timing, volume and metadata for traffic classification.☆55Updated 4 years ago
- ATLAS: A Sequence-based Learning Approach for Attack Investigation☆154Updated 2 years ago
- ☆22Updated 3 years ago
- The repository consists of : Construction of the corpus, Named Entity Recognition , Relationship Extraction , Construction of knowledge g…☆29Updated 2 years ago
- Anomaly detection in network traffic and event logs using deep learning (w/ Pytorch)☆66Updated 6 years ago
- Interpreting and Improving Deep Learning-based Anomaly Detection in Security Applications (CCS'21)☆71Updated 3 years ago
- The repository implement the LMTracker model based on paper: LMTracker: Lateral movement path detection based on heterogeneous graph embe…☆16Updated last year
- SSH traffic analysis☆23Updated 6 years ago
- Contact: Alexander Hartl, Maximilian Bachl, Fares Meghdouri. Explainability methods and Adversarial Robustness metrics for RNNs for Intru…☆18Updated 4 years ago
- This is a Python version of CICFlowmeter-V4.0 (formerly known as ISCXFlowMeter) - an Ethernet traffic Bi-flow generator and analyzer for …☆71Updated 3 years ago