Discover stratosphereips/yara-rules Open Source project

An awesome list of papers on privacy attacks against machine learning

628

awesome-ml-privacy-attacks

507

Manati

A web-based tool to assist the work of the intuitive threat analysts.

The AI VPN provides an security assessment of VPN clients' network traffic to identify cyber security threats.

108

AIVPN

CSS

zeek_anomaly_detector

A completely automated anomaly detector Zeek network flows files (conn.log).

The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere IPS.

StratosphereTestingFramework

The Stratosphere IPS is a free software IPS that uses network behavior to detect and block malicious actions.

StratosphereWindowsIps

This python scripts can calculate the WHOIS Similarity Distance between two given domains.

whois-similarity-distance

OpenEdge ABL

AIP

The Attacker IP Prioritizer(AIP) algorithm is a python program designed to dynamically generate a resource-friendly IPv4 address blacklist based on data collected from attacks on a network.

Apply Machine Learning and Game Theory to improve the security of the Turris network of CZ.NIC

Ludus

Core information on Stratosphere's participation on the Google Summer of Code Program

Google-Summer-of-Code

NetSecGame

An environment simulation for networks security tasks for development and testing AI based agents. Part of AI Dojo project

A tool to automatically decode and translate any TCP hexa payload data form any language to english.

Hexa_Payload_Decoder

This repository contains a curated list of papers, articles and other sources related to remote access trojans.

a-study-of-remote-access-trojans

ip_enrich

Enrich IP addresses with metadata and threat intelligence indicators.

Tapir: a tool to search through NIST CVE database, with cache and regex.

nist-cve-search-tool

This is the C version of the StratosphereLinuxIPS. It is mainly used for integration with Snort and other IDSs.

StratosphereLibSlips

C++

netflowlabeler

A configurable rule-based labeling tool for network flow files.

A short course on how to use Machine Learning for analyzing and detecting real malware traffic in the network from flows

ML-for-Network-Security

Project for modeling structure of AD and its content to be used as a honeypot.

AD-Honeypot

model_extraction_malware

Repository for the paper

Methods to detect Android Remote Access Trojans (RATs) from the Android Mischief Dataset v2. The detection methods are written in Python.

android_rat_detection_methods

Tool to retrieve/visualize messages from IRC communication of IoT devices

IRC-Malware-Detection

A version of Stratosphere that works on HTTP logs.

StratosphereWebIPS

Read Zeeek/Bro log and log.gz files (even broken ones) into a Pandas Dataframe.

zeeklog2pandas

evpn

Emergency VPN manager

HermeneisGPT is a framework to translate messages using Large Language Models (LLM).

hermeneisGPT

Zeek Package that extracts features from IRC communication

zeek-package-IRC

This repository is a template with basic elements that every repository at Stratosphere should follow.

repository-template

DoH-Research

Research on DoH technology

Lua

StratosphereIPS-Argus-VirtualBoxVM

This is a virtual machine that automatically runs the Argus program already configured to send the flows to the Stratosphere Project servers.

RRDcap

A tool to monitor packet capture (pcap) files using RRD

Shell

Basic-Python-Learning

Basic python templates for learning

Master's thesis official repository owned by Ondrej Prenek

IRC-IoT-Malware-Detection

IRC-Behavioral-Analysis

Evaluation and experiments for the trust models introduced in p2p4slips module

p2p4slips-experiments

Extract and summarises the suricata alerts in time windows, by port and src IP

Suricata-Extractor

These are docker containers for running Argus preconfigured to send flows to the Stratosphere IPS project. There are images for Debian and for Raspberry Pi

ArgusDockerContainers

ml-detectors-ctu-50

Some Machine Learning detectors for CTU-50 dataset with TLS features

A set to tools to enrich and manage pcaps

vimtutorial

Very basic vim tutorial

pcapsummarizer

Shell

number-anomaly-detector

These are the argus configuration files for sending flows to the Stratosphere Project

argus-configuration-files

Shell

steganoroute

A data exfiltration tool using times and fake IPs for mtr or traceroute.

Adversarial Heuristic Search Value Iteration

AHSVI

Java

Civilsphere

YARA

StratoRules

Repo of detection rules created from internal research

essh

SSH tool to detect successful SSH logins on a network

IDPS-Comparison-Tool

This script adds the gateway IP information to the dhcp logs, it adds a notice.log entry if the gw address is identified

zeek-package-log-gateway-IP

Zeek Package that supports adding arp.log to zeek log files

zeek-package-ARP

A tool for manually testing the p2p4slips package

p2p4slips-tester

IDPS-Comparison-Tool-Scripts

Contains the scripts needed to extract the information used by our IDPS comparison tool

Code repository for FEEL project

feel_project

Detect DoH servers and add timeout to them so that the DoH connection won't take too long

zeek-package-detect-DoH

pcap-iograph-plotter

Flaber: A Zeek Fast Labeler tool to label Zeek conn.log files

flaber

Web page of the stratosphere IPS project

stratosphereips.org

Ludus-Volumeter

uCollect plugin for measuring pkts/bytes in each port

Experiments in p2p networking using libp2p in golang

p2p4slips

pcap-analysis-sessions

A client-server terminal game called Hacker Grid World, to train and play with Reinforcement Learning or humans!

HackerGridWorld

NetSecGameAgents