REASENS
02-05-2022
REASENS Framework is a hierarchical REAsoning system that enables the collection of events from distributed and heterogeneous SENSors. Among other things, REASENS provides alert correlation and system state inference (under attack, normal operation, erroneous operation). REASENS was developed by AIT.
REASENS will become available as open source. Contact for more information: Paul.Smith@ait.ac.at
AMiner
02-05-2022
AMiner (logdata Anomaly Miner) is part of the ÆCID system, a log-based anomaly detection system operating on logs collected from the network layer (e.g., firewalls, switches, routers) and the application layer (e.g., Web servers, DNS, application servers). AMiner was developed by AIT. For more information see ÆCID.
AMiner is available at https://github.com/ait-aecid/logdata-anomaly-miner
ABC Tool
02-05-2022
ABC Tool is a netflow-based anomaly detection system, developed by TNO, that profiles internal host communication to detect, among other things, lateral movement and data exfiltration.
ABC Tool is part of an Anomaly Detection product of Sightlabs. Contact SightLabs for information.
L-ADS
02-05-2022
L-ADS is a netflow-based anomaly detection tool developed by Atos.
Contact Atos for information on how to obtain L-ADS: rodrigo.diaz@atos.net