ait-aecid / logdata-anomaly-miner
This tool parses log data and lets you define analysis pipelines for anomaly detection. It was designed to run the analysis with limited resources and the lowest possible permissions, making it suitable for use on production servers.
☆86Updated 3 weeks ago
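To make the "parse, then run detectors in a pipeline" idea concrete, here is a small self-contained sketch of such a pipeline. This is an added illustration, not logdata-anomaly-miner's own code or API: the parser model, the `NewValueDetector` class and the sample syslog-style lines are all constructed for this example. It learns the values seen per parsed field on a training window, then reports previously unseen values and lines the parser model cannot explain.

```python
"""Minimal log parsing + anomaly-detection pipeline (illustrative only).

Not the API of logdata-anomaly-miner; a simplified stand-in showing the
two stages that tool's description implies: a parser model that turns raw
lines into (path, field=value) data, and detectors that consume that data.
"""
import re
from collections import defaultdict

# Constructed sample lines (not real server output).
TRAINING_LOG = """\
Jan 10 12:00:01 host sshd[1001]: Accepted publickey for alice from 10.0.0.5 port 51234 ssh2
Jan 10 12:00:07 host sshd[1002]: Accepted publickey for bob from 10.0.0.6 port 51240 ssh2
Jan 10 12:01:13 host cron[2001]: (root) CMD (/usr/bin/backup.sh)
Jan 10 12:02:20 host sshd[1003]: Accepted publickey for alice from 10.0.0.5 port 51301 ssh2
"""

DETECTION_LOG = """\
Jan 10 13:00:01 host sshd[1101]: Accepted publickey for alice from 10.0.0.5 port 52000 ssh2
Jan 10 13:00:05 host sshd[1102]: Accepted password for mallory from 203.0.113.9 port 40000 ssh2
Jan 10 13:00:09 host cron[2101]: (root) CMD (/usr/bin/backup.sh)
Jan 10 13:00:12 host kernel: [12345.678] unexpected message format
"""

# Parser model: ordered (path, regex) alternatives. A line is explained by
# the first pattern that matches; named groups become the fields detectors
# subscribe to. Hypothetical paths, chosen for this example.
PARSER_MODEL = [
    ("sshd/login", re.compile(
        r"^\w{3} +\d+ [\d:]+ (?P<host>\S+) sshd\[\d+\]: Accepted (?P<method>\w+) "
        r"for (?P<user>\S+) from (?P<src>[\d.]+) port \d+ ssh2$")),
    ("cron/cmd", re.compile(
        r"^\w{3} +\d+ [\d:]+ (?P<host>\S+) cron\[\d+\]: "
        r"\((?P<user>\w+)\) CMD \((?P<cmd>[^)]+)\)$")),
]


def parse_line(line):
    """Return (path, {field: value}) or None when no model entry matches."""
    for path, rx in PARSER_MODEL:
        m = rx.match(line)
        if m:
            return path, m.groupdict()
    return None


class NewValueDetector:
    """Learns the set of values per (path, field) while in learning mode and
    afterwards reports any value not seen during training."""

    def __init__(self, fields):
        self.fields = fields              # e.g. [("sshd/login", "user")]
        self.known = defaultdict(set)
        self.learning = True

    def feed(self, path, values):
        alerts = []
        for p, field in self.fields:
            if p != path or field not in values:
                continue
            v = values[field]
            if v not in self.known[(p, field)]:
                if self.learning:
                    self.known[(p, field)].add(v)
                else:
                    # Deliberately not auto-learning here: a repeated unknown
                    # value keeps alerting until an operator accepts it.
                    alerts.append(f"new value {v!r} for {p}/{field}")
        return alerts


def run_pipeline(training, detection):
    """Train on `training`, then return the alerts raised on `detection`."""
    det = NewValueDetector([("sshd/login", "user"),
                            ("sshd/login", "method"),
                            ("cron/cmd", "cmd")])
    for line in training.splitlines():
        parsed = parse_line(line)
        if parsed:
            det.feed(*parsed)
    det.learning = False

    alerts = []
    for line in detection.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            # A line the model cannot explain is itself an anomaly signal.
            alerts.append(f"unparsed line: {line}")
        else:
            alerts.extend(det.feed(*parsed))
    return alerts


if __name__ == "__main__":
    for a in run_pipeline(TRAINING_LOG, DETECTION_LOG):
        print(a)
```

On the constructed input this yields three alerts: the unknown user `mallory`, the unknown authentication method `password`, and the kernel line the parser model does not cover. In a real deployment the parser model is the part that needs the most care, since every line it cannot explain either becomes noise or, as here, an alert.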
Alternatives and similar repositories for logdata-anomaly-miner
Users interested in logdata-anomaly-miner are comparing it to the repositories listed below.
- "Linking Threat Tactics, Techniques, and Patterns with Defensive Weaknesses, Vulnerabilities and Affected Platform Configurations for Cyb…☆97Updated last year
- SecureBERT is a domain-specific language model to represent cybersecurity textual data.☆99Updated last year
- A Zeek script to generate features based on timing, volume and metadata for traffic classification.☆59Updated 4 years ago
- A method for grouping, clustering, and merging semi-structured alerts☆24Updated 11 months ago
- SMET : Semantic Mapping of CVE to ATT&CK and its Application to Cybersecurity☆50Updated last year
- DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic☆45Updated last year
- A completely automated anomaly detector for Zeek network flow files (conn.log).☆81Updated 2 months ago
- A Novel and Modular Solution for Extracting All STIX Objects in CTI Reports☆26Updated 2 years ago
- Generate JSON force-directed/ node graph data from MITRE's ATTACK framework and visualize it interactively☆37Updated 6 months ago
- Insider threat detection with heterogeneous graph in CERT dataset.☆27Updated 3 years ago
- Code for shelLM tool☆55Updated 8 months ago
- This repository hosts community contributed Kestrel analytics☆18Updated last year
- This is a five-step framework for the development of intrusion detection systems (IDS) using machine learning (ML) considering model real…☆55Updated 3 years ago
- Open source endpoint agent providing host information to Zeek. [v2]☆86Updated last month
- pretrained BERT model for cyber security text, learned CyberSecurity Knowledge☆196Updated 2 years ago
- Sagan is a multi-threaded, high-performance log analysis engine. At its core, Sagan is similar to Suricata/Snort but with logs rather th…☆188Updated 2 weeks ago
- A library and command line tool for extracting indicators of compromise (IOCs) from security reports in PDF, HTML, Word, or text format☆43Updated last month
- An extended version of SecureBERT, trained on top of both base and large version of RoBERTa using 10 GB cybersecurity-related data☆29Updated last year
- Official ID2T repository. ID2T creates labeled IT network datasets that contain user defined synthetic attacks.☆64Updated 2 years ago
- STIX 2.1 Visualizer, Attack and Activity Thread Graph for Threat Modeling☆33Updated 10 months ago
- ATLAS tactics, techniques, and case studies data☆80Updated 3 weeks ago
- A python app to predict Att&ck tactics and techniques from cyber threat reports☆126Updated last year
- AttacKG: Constructing Knowledge-enhanced Attack Graphs from Cyber Threat Intelligence Reports☆167Updated 2 years ago
- GPT-3 use cases for Cybersecurity☆52Updated 2 years ago
- This is the Network Flow Generator for ICSSIM☆15Updated last month
- Pure python parser for Snort/Suricata rules.☆33Updated last year