ait-aecid / logdata-anomaly-miner
This tool parses log data and lets you define analysis pipelines for anomaly detection. It was designed to run the analysis with limited resources and the lowest possible permissions, making it suitable for use on production servers.
☆81 · Updated 2 weeks ago
Alternatives and similar repositories for logdata-anomaly-miner
Users that are interested in logdata-anomaly-miner are comparing it to the libraries listed below
- A method for grouping, clustering, and merging semi-structured alerts (☆23 · Updated 6 months ago)
- Scripts to generate and analyze the AIT alert data set (AIT-ADS) (☆22 · Updated 7 months ago)
- SecureBERT is a domain-specific language model to represent cybersecurity textual data. (☆89 · Updated 9 months ago)
- Scripts to deploy a virtual testbed for log data analysis and anomaly detection. (☆24 · Updated last year)
- SMET: Semantic Mapping of CVE to ATT&CK and its Application to Cybersecurity (☆46 · Updated 8 months ago)
- Argus Sensor (☆64 · Updated 2 weeks ago)
- nPrint provides a generalizable data representation for network packets that works directly with machine learning techniques (☆112 · Updated 3 years ago)
- An extended version of SecureBERT, trained on top of both the base and large versions of RoBERTa using 10 GB of cybersecurity-related data (☆24 · Updated last year)
- (no description) (☆22 · Updated 3 years ago)
- "Linking Threat Tactics, Techniques, and Patterns with Defensive Weaknesses, Vulnerabilities and Affected Platform Configurations for Cyb… (☆93 · Updated 10 months ago)
- This is a five-step framework for the development of intrusion detection systems (IDS) using machine learning (ML) considering model real… (☆51 · Updated 3 years ago)
- PyTorch implementation of DeepLog: Anomaly detection and diagnosis from system logs through deep learning (☆235 · Updated 8 months ago)
- A Zeek script to generate features based on timing, volume and metadata for traffic classification. (☆55 · Updated 4 years ago)
- (no description) (☆108 · Updated 4 years ago)
- Official ID2T repository. ID2T creates labeled IT network datasets that contain user-defined synthetic attacks. (☆63 · Updated last year)
- AttackMate is an attack orchestration tool that executes full attack chains based on playbooks. (☆35 · Updated last week)
- Feature Extraction and Machine Learning from Network Traffic Traces (☆69 · Updated 9 months ago)
- Original implementation and resources of DeepCASE as in the S&P '22 paper (☆92 · Updated last year)
- Analysis scripts for log data sets used in anomaly detection. (☆68 · Updated 9 months ago)
- A comprehensive survey of datasets for research in host-based and/or network-based intrusion detection, with a focus on enterprise networ… (☆36 · Updated 2 months ago)
- A logic-based enterprise network security analyzer (☆125 · Updated 2 years ago)
- Repository for creating different example Suricata data sets (☆34 · Updated 6 years ago)
- A framework for the Analysis of Intrusion Detection Alerts (☆17 · Updated 3 years ago)
- DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic (☆41 · Updated 9 months ago)
- A completely automated anomaly detector for Zeek network flow files (conn.log). (☆78 · Updated 9 months ago)
- Zeek scripts that provide an alternative log file for logging TLS/SSL traffic (☆10 · Updated 4 years ago)
- This work shows the viability of automatically generated attack graphs that are used for adversary behavior execution in industrial contr… (☆12 · Updated 3 years ago)
- Log anomaly detection model using a CNN with TF-IDF and sliding window feature extraction. (☆44 · Updated 3 years ago)
- Log-based Anomaly Detection Without Log Parsing (ASE 2021, Research Track) (☆130 · Updated last year)
- Pcap-splitter allows you to split a pcap file into subsets of pcap files based on sessions, flows, ip addresses, number of bytes, number … (☆65 · Updated 5 years ago)