Top 58 intrusion-detection open source projects

Machine Learning for Computer Security

Wazuh - Kibana plugin

Wazuh - Docker containers

WIFI / LAN intruder detector. Check the devices connected and alert you with unknown devices. It also warns of the disconnection of "always connected" devices

idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)

An All-In-One home intrusion detection system (IDS) solution for the Raspberry PI.

Wazuh - The Open Source Security Platform

osquery extensions by Trail of Bits

一款由 YSRC 开源的主机入侵检测系统

An UNOFFICIAL Git Repository of Snort Rules(IDS rules) Releases.

A curated list of awesome threat detection and hunting resources

A lightweight tool to score network traffic and flag anomalies

SIAC is an enterprise SIEM built on open-source technology.

Blackbook of malware domains

Streaming Anomaly Detection Framework in Python (Outlier Detection for Streaming Data)

VGG-19 deep learning model trained using ISCX 2012 IDS Dataset

Anti-Abuse for servers at authentication time

Real-time HTTP Intrusion Detection

Wazuh - Project documentation

[ICMLC 2018] A Neural Network Architecture Combining Gated Recurrent Unit (GRU) and Support Vector Machine (SVM) for Intrusion Detection

A community-oriented fork of osquery with support for cmake, public CI testing, and regular releases

tamper resistant audit log

Wazuh - Chef cookbooks

Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.

Daemon to ban hosts that cause multiple authentication errors

Anomaly Detection on Dynamic (time-evolving) Graphs in Real-time and Streaming manner. Detecting intrusions (DoS and DDoS attacks), frauds, fake rating anomalies.

A utility to generate malicious network traffic and evaluate controls

By Kprobe technology Open Source Host-based Intrusion Detection System(HIDS), from E_Bwill.

Malicious traffic detection system

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

SQL powered operating system instrumentation, monitoring, and analytics.

Wazuh - Ruleset

Network Intrusion Detection KDDCup '99', NSL-KDD and UNSW-NB15

psad: Intrusion Detection and Log Analysis with iptables

Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management

An Intrusion Detection System library loosely based on PHP IDS

BSM based intrusion detection system

A HIDS (host-based intrusion detection system) for verifying the integrity of a system.

Libellux: Up & Running provides documentation on how-to install open-source software from source. The focus is Zero Trust Network to enhance the security for existing applications or install tools to detect and prevent threats.

Detect and warn about suspicious IPs logging into Nextcloud

An Ubuntu 16.04 build containing Suricata, PulledPork, Bro, and Splunk

Simple Implementation of Network Intrusion Detection System. KddCup'99 Data set is used for this project. kdd_cup_10_percent is used for training test. correct set is used for test. PCA is used for dimension reduction. SVM and KNN supervised algorithms are the classification algorithms of project. Accuracy : %83.5 For SVM , %80 For KNN

Anomaly Detection on Time-Evolving Streams in Real-time. Detecting intrusions (DoS and DDoS attacks), frauds, fake rating anomalies.

Wazuh - Puppet module

Solutions to kdd99 dataset with Decision tree and Neural network by scikit-learn

An extremely crude, lightweight Web Frontend for Suricata/Bro to be used with BriarIDS

Feature coded UNSW_NB15 intrusion detection data.

Wazuh - Ansible playbook

Network Intrusion Detection System using Deep Learning Techniques

Wazuh - Tools for packages creation

[WIP] Anti-Forensics ToolKit to clear post-intrusion sensible logfiles 🔥 (For Research Only)

Sandfly Security Agentless Compromise and Intrusion Detection System For Linux

Deep Learning Tool for Off-line Network Intrusion Detection System

Monitor network traffic per executable using BPF

fast, extensible, versatile event router for Suricata's EVE-JSON format

Whenever founds internet connectivity confirms is it you, if not log you off and send you image of intruder.

LID-DS is an intrusion detection data simulation framework.

[archived] 一款实验性质的主机入侵检测系统