raymondino / InsiderThreat-StreamReasoningUseCase
This use case aims to leverage stream reasoning techniques and the concept of semantic importance to detect one attacking type of the insider threat -- data exfiltration
☆22Updated 7 years ago
Related projects ⓘ
Alternatives and complementary repositories for InsiderThreat-StreamReasoningUseCase
- Insider Threat Detection using Isolation Forest☆16Updated 6 years ago
- ☆20Updated 8 years ago
- A completely automated anomaly detector Zeek network flows files (conn.log).☆74Updated 3 months ago
- CTI database generator and public dataset☆21Updated 4 years ago
- User anomaly detector based on logs generated by Osquery framework and machine learning to process those logs.☆33Updated 7 years ago
- Utility for parsing Bro log files into CSV or JSON format☆41Updated last year
- A curated list of resources to deep dive into the intersection of applied machine learning and threat detection.☆19Updated 4 years ago
- A series of labs that will help users apply various data science techniques to security related data.☆131Updated 9 years ago
- Classifier to separate legitimate domains from those generated by a domain generating algorithm (DGA).☆42Updated 8 years ago
- Sweet, sweet, secrepo.com html.☆132Updated 3 years ago
- Zeek plugin to generate data on per-packet sizes and intervals☆14Updated 4 years ago
- "Linking Threat Tactics, Techniques, and Patterns with Defensive Weaknesses, Vulnerabilities and Affected Platform Configurations for Cyb…☆87Updated 4 months ago
- ☆15Updated 7 years ago
- A framework for the Analysis of Intrusion Detection Alerts☆16Updated 3 years ago
- A collection of resources for security data☆40Updated 6 years ago
- Anomaly detection in network traffic and event logs using deep learning (w/ Pytorch)☆58Updated 5 years ago
- Graph Representation of MITRE ATT&CK's CTI data☆48Updated 5 years ago
- A collection of notebooks built for defensive and offensive operations.☆76Updated 4 years ago
- MulVAL: A logic-based, data-driven enterprise network security analyzer - Originally developed at Kansas State University, updated for Cy…☆31Updated 6 months ago
- Machine learning algorithms applied on log analysis to detect intrusions and suspicious activities.☆154Updated last year
- Incremental Machine Leaning by example - Detecting suspicious activity in real time with Zeek data streams, River and JA3 hashes☆15Updated 2 years ago
- ☆19Updated 3 years ago
- Prototype development for Insider Threat Detection and Assessment tools☆8Updated 9 years ago
- Machine Learning applied to Cyber Security Course☆40Updated 5 years ago
- Data sets and examples for Jask Labs Blackhat 2017 Handout: Top 10 Machine Learning Cyber Security Use Cases☆30Updated 7 years ago
- Threat Intelligence Quotient Test - Dataviz and Statistical Analysis of TI feeds☆172Updated 9 years ago
- CybOX Schemas and Schema Development☆42Updated 7 years ago
- Unfetter Insight performs natural language processing and analysis for text data to determine and convert to CTI Stix data automatically.☆19Updated 6 years ago
- Extracting Attack Behavior from Threat Reports☆75Updated last year
- Repository of all the sites related to infosec IP/Domain/Hash/SSL/etc OSINT and eventually will include more.☆65Updated 6 months ago