ait-aecid / logdata-anomaly-miner
This tool parses log data and allows users to define analysis pipelines for anomaly detection. It was designed to run the analysis with limited resources and the lowest possible permissions, making it suitable for use on production servers.
☆79 (updated this week)
Related projects
Alternatives and complementary repositories for logdata-anomaly-miner
- A method for grouping, clustering, and merging semi-structured alerts (☆19, updated last week)
- Scripts to deploy a virtual testbed for log data analysis and anomaly detection (☆19, updated last year)
- Scripts to generate and analyze the AIT alert data set (AIT-ADS) (☆17, updated last month)
- "Linking Threat Tactics, Techniques, and Patterns with Defensive Weaknesses, Vulnerabilities and Affected Platform Configurations for Cyb… (☆87, updated 4 months ago)
- (no description) (☆96, updated 4 years ago)
- AttacKG: Constructing Knowledge-enhanced Attack Graphs from Cyber Threat Intelligence Reports (☆137, updated last year)
- SecureBERT is a domain-specific language model to represent cybersecurity textual data (☆71, updated 4 months ago)
- A completely automated anomaly detector for Zeek network flow files (conn.log) (☆74, updated 3 months ago)
- (no description) (☆19, updated 3 years ago)
- Original implementation and resources of DeepCASE as in the S&P '22 paper (☆91, updated last year)
- Extracting Attack Behavior from Threat Reports (☆75, updated last year)
- A logic-based enterprise network security analyzer (☆110, updated last year)
- A Zeek script to generate features based on timing, volume and metadata for traffic classification (☆53, updated 4 years ago)
- (no description) (☆73, updated last year)
- ATLAS tactics, techniques, and case studies data (☆49, updated last month)
- Open source endpoint agent providing host information to Zeek. [v2] (☆68, updated last month)
- DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic (☆38, updated 3 months ago)
- (no description) (☆77, updated last year)
- A Novel and Modular Solution for Extracting All STIX Objects in CTI Reports (☆19, updated last year)
- PyTorch implementation of DeepLog: Anomaly detection and diagnosis from system logs through deep learning (☆202, updated 3 months ago)
- nPrint provides a generalizable data representation for network packets that works directly with machine learning techniques (☆103, updated 2 years ago)
- The final project of deep learning and practice (summer 2020) in NCTU (☆23, updated 2 years ago)
- Pcap-splitter allows you to split a pcap file into subsets of pcap files based on sessions, flows, ip addresses, number of bytes, number … (☆65, updated 5 years ago)
- Machine learning on knowledge graphs for context-aware security monitoring (data and model) (☆16, updated 2 years ago)
- A framework for the Analysis of Intrusion Detection Alerts (☆16, updated 3 years ago)
- A comprehensive survey of datasets for research in host-based and/or network-based intrusion detection, with a focus on enterprise networ… (☆30, updated last month)
- ICS Cybersecurity PCAP repository (☆49, updated 5 years ago)
- Anomaly Detection in the Open World: Normality Shift Detection, Explanation, and Adaptation (NDSS'23) (☆62, updated last year)
- Repository for creating different example Suricata data sets (☆32, updated 5 years ago)
- Code for the shelLM tool (☆46, updated 3 weeks ago)