ait-aecid / logdata-anomaly-miner
This tool parses log data and allows analysis pipelines for anomaly detection to be defined. It was designed to run the analysis with limited resources and the lowest possible permissions, making it suitable for use on production servers.
☆79 · Updated 4 months ago
Alternatives and similar repositories for logdata-anomaly-miner:
Users that are interested in logdata-anomaly-miner are comparing it to the libraries listed below
- A method for grouping, clustering, and merging semi-structured alerts ☆24 · Updated 4 months ago
- "Linking Threat Tactics, Techniques, and Patterns with Defensive Weaknesses, Vulnerabilities and Affected Platform Configurations for Cyb… ☆93 · Updated 8 months ago
- Scripts to generate and analyze the AIT alert data set (AIT-ADS) ☆20 · Updated 5 months ago
- An extended version of SecureBERT, trained on top of both the base and large versions of RoBERTa using 10 GB of cybersecurity-related data ☆21 · Updated last year
- Scripts to deploy a virtual testbed for log data analysis and anomaly detection. ☆23 · Updated last year
- AttacKG: Constructing Knowledge-enhanced Attack Graphs from Cyber Threat Intelligence Reports ☆149 · Updated 2 years ago
- SecureBERT is a domain-specific language model to represent cybersecurity textual data. ☆86 · Updated 8 months ago
- A completely automated anomaly detector for Zeek network flow files (conn.log). ☆75 · Updated 7 months ago
- Repository for creating different example Suricata data sets ☆33 · Updated 6 years ago
- A Zeek script to generate features based on timing, volume and metadata for traffic classification. ☆55 · Updated 4 years ago
- A Novel and Modular Solution for Extracting All STIX Objects in CTI Reports ☆23 · Updated last year
- Official ID2T repository. ID2T creates labeled IT network datasets that contain user-defined synthetic attacks. ☆62 · Updated last year
- AttackMate is an attack orchestration tool that executes full attack chains based on playbooks. ☆32 · Updated 3 weeks ago
- A logic-based enterprise network security analyzer ☆119 · Updated 2 years ago
- This repository hosts community-contributed Kestrel analytics ☆17 · Updated 9 months ago
- A framework for the Analysis of Intrusion Detection Alerts ☆17 · Updated 3 years ago
- Extracting Attack Behavior from Threat Reports ☆76 · Updated last year
- An Adaptive Misuse Detection System ☆37 · Updated 4 months ago
- SMET: Semantic Mapping of CVE to ATT&CK and its Application to Cybersecurity ☆45 · Updated 6 months ago
- Original implementation and resources of DeepCASE as in the S&P '22 paper ☆92 · Updated last year
- A library and command line tool for extracting indicators of compromise (IOCs) from security reports in PDF, HTML, Word, or text format ☆31 · Updated last week
- A framework for synthesizing lateral movement login data. ☆24 · Updated 3 years ago
- MEGR-APT: A Memory-Efficient APT Hunting System Based on Attack Representation Learning ☆39 · Updated last month
- Cyber security concepts extracted from unstructured threat intelligence reports using Named Entity Recognition ☆100 · Updated last year
- A comprehensive survey of datasets for research in host-based and/or network-based intrusion detection, with a focus on enterprise networ… ☆35 · Updated last month
- Zeek scripts that provide an alternative log file logging TLS/SSL traffic ☆10 · Updated 3 years ago