raymondino / InsiderThreat-StreamReasoningUseCase
This use case aims to leverage stream reasoning techniques and the concept of semantic importance to detect one attacking type of the insider threat -- data exfiltration
☆22Updated 8 years ago
Alternatives and similar repositories for InsiderThreat-StreamReasoningUseCase:
Users that are interested in InsiderThreat-StreamReasoningUseCase are comparing it to the libraries listed below
- Insider Threat Detection using Isolation Forest☆16Updated 6 years ago
- CTI database generator and public dataset☆21Updated 5 years ago
- ☆20Updated 8 years ago
- A series of labs that will help users apply various data science techniques to security related data.☆132Updated 9 years ago
- A collection of resources for security data☆40Updated 7 years ago
- A completely automated anomaly detector Zeek network flows files (conn.log).☆75Updated 6 months ago
- User anomaly detector based on logs generated by Osquery framework and machine learning to process those logs.☆33Updated 7 years ago
- ☆21Updated 3 years ago
- "Linking Threat Tactics, Techniques, and Patterns with Defensive Weaknesses, Vulnerabilities and Affected Platform Configurations for Cyb…☆92Updated 7 months ago
- Sweet, sweet, secrepo.com html.☆131Updated 3 years ago
- Utility for parsing Bro log files into CSV or JSON format☆41Updated 2 years ago
- STIX 2.1 Visualizer, Attack and Activity Thread Graph for Threat Modeling☆34Updated 2 months ago
- Insider threat detection with heterogeneous graph in CERT dataset.☆18Updated 3 years ago
- A tool to extract structured cyber information from incident reports.☆80Updated 6 years ago
- Extracting Attack Behavior from Threat Reports☆76Updated last year
- This repository hosts community contributed Kestrel analytics☆17Updated 8 months ago
- A web application for generating, parsing and validating, manipulating, and visualizing CACAO v2.0 playbooks.☆25Updated 2 months ago
- Unfetter Insight performs natural language processing and analysis for text data to determine and convert to CTI Stix data automatically.☆19Updated 6 years ago
- Prototype development for Insider Threat Detection and Assessment tools☆8Updated 9 years ago
- Mapping NSM rules to MITRE ATT&CK☆69Updated 4 years ago
- Zeek plugin to generate data on per-packet sizes and intervals☆14Updated 4 years ago
- My notes on various topics☆64Updated last year
- Detection of malicious domain names using machine learning and deep learning models☆16Updated 6 years ago
- A curated list of resources to deep dive into the intersection of applied machine learning and threat detection.☆19Updated 4 years ago
- AttacKG: Constructing Knowledge-enhanced Attack Graphs from Cyber Threat Intelligence Reports☆148Updated last year
- ☆100Updated 4 years ago
- Experimental ONLY: This consolidated data of scenario-2 of the US-CERT dataset for insider threats to be used with TF 2.0 and Keras☆20Updated 2 years ago
- A project to label the VirusShare malware corpus using VirusTotal's public API.☆30Updated last year
- MulVAL: A logic-based, data-driven enterprise network security analyzer - Originally developed at Kansas State University, updated for Cy…☆32Updated 9 months ago
- ☆25Updated last year