morrigan / user-behavior-anomaly-detectorLinks
User anomaly detector based on logs generated by Osquery framework and machine learning to process those logs.
☆33Updated 7 years ago
Alternatives and similar repositories for user-behavior-anomaly-detector
Users that are interested in user-behavior-anomaly-detector are comparing it to the libraries listed below
Sorting:
- A collection of resources for security data☆41Updated 7 years ago
- DGA Domains detection☆66Updated 7 years ago
- Sweet, sweet, secrepo.com html.☆132Updated 3 years ago
- CTI database generator and public dataset☆21Updated 5 years ago
- DGA Domain Detection using Bigram Frequency Analysis☆54Updated 7 years ago
- Bro/Zeek integration with osquery☆94Updated 4 years ago
- Utility for parsing Bro log files into CSV or JSON format☆41Updated 2 years ago
- A tool to extract structured cyber information from incident reports.☆80Updated 6 years ago
- A completely automated anomaly detector Zeek network flows files (conn.log).☆81Updated 10 months ago
- Docker files for building Zeek.☆86Updated last year
- This use case aims to leverage stream reasoning techniques and the concept of semantic importance to detect one attacking type of the ins…☆22Updated 8 years ago
- The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …☆50Updated 7 years ago
- Mapping NSM rules to MITRE ATT&CK☆71Updated 4 years ago
- Apache Metron☆59Updated 4 years ago
- Network timing evaluation used to detect beacons, works with argus flow as the source☆20Updated 9 years ago
- Data sets and examples for Jask Labs Blackhat 2017 Handout: Top 10 Machine Learning Cyber Security Use Cases☆30Updated 7 years ago
- Generate STIX XML from OpenIOC XML☆92Updated 6 years ago
- Open-source framework to detect outliers in Elasticsearch events☆208Updated 2 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆123Updated 4 years ago
- A web-based tool to assist the work of the intuitive threat analysts.☆113Updated 6 years ago
- ☆32Updated 7 years ago
- A series of labs that will help users apply various data science techniques to security related data.☆132Updated 10 years ago
- Classifier to separate legitimate domains from those generated by a domain generating algorithm (DGA).☆41Updated 8 years ago
- User interface for OpenSOC☆100Updated 9 years ago
- Ipython notebook that illustrates effectiveness of machine learning algorithms in anomaly detection of netflow data (inbound/outbound DDo…☆78Updated 8 years ago
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)☆104Updated 3 years ago
- MulVAL: A logic-based, data-driven enterprise network security analyzer - Originally developed at Kansas State University, updated for Cy…☆34Updated last year
- Graph Representation of MITRE ATT&CK's CTI data☆48Updated 5 years ago
- Zeek support for Community ID flow hashing.☆35Updated last year
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago