Repository files navigation

A curated list of amazingly awesome tools and resources related to the use of machine learning for cyber security.

• Datasets
• Papers
• Books
• Talks
• Tutorials
• Courses
• Miscellaneous

Please readCONTRIBUTING if you wish to add tools or resources.

• HIKARI-2021 Datasets
• Samples of Security Related Data
• DARPA Intrusion Detection Data Sets [1998 /1999 ]
• Stratosphere IPS Data Sets
• Open Data Sets
• Data Capture from National Security Agency
• The ADFA Intrusion Detection Data Sets
• NSL-KDD Data Sets
• Malicious URLs Data Sets
• Multi-Source Cyber-Security Events
• KDD Cup 1999 Data
• Web Attack Payloads
• WAF Malicious Queries Data Sets
• Malware Training Data Sets
• Aktaion Data Sets
• CRIME Database from DeepEnd Research
• Publicly available PCAP files
• 2007 TREC Public Spam Corpus
• Drebin Android Malware Dataset
• PhishingCorpus Datset
• EMBER
• Vizsec Research
• SHERLOCK
• Probing / Port Scan - Dataset
• Aegean Wireless Intrusion Dataset (AWID)
• BODMAS PE Malware Dataset

• Generating Network Intrusion Detection Dataset Based on Real and Encrypted Synthetic Attack Traffic
• Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks
• Outside the Closed World: On Using Machine Learning for Network Intrusion Detection
• Anomalous Payload-Based Network Intrusion Detection
• Malicious PDF detection using metadata and structural features
• Adversarial support vector machine learning
• Exploiting machine learning to subvert your spam filter
• CAMP – Content Agnostic Malware Protection
• Notos – Building a Dynamic Reputation System for DNS
• Kopis – Detecting malware domains at the upper dns hierarchy
• Pleiades – From Throw-away Traffic To Bots – Detecting The Rise Of DGA-based Malware
• EXPOSURE – Finding Malicious Domains Using Passive DNS Analysis
• Polonium – Tera-Scale Graph Mining for Malware Detection
• Nazca – Detecting Malware Distribution in Large-Scale Networks
• PAYL – Anomalous Payload-based Network Intrusion Detection
• Anagram – A Content Anomaly Detector Resistant to Mimicry Attacks
• Applications of Machine Learning in Cyber Security
• Data Mining для построения систем обнаружения сетевых атак (RUS)
• Выбор технологий Data Mining для систем обнаружения вторжений в корпоративную сеть (RUS)
• Нейросетевой подход к иерархическому представлению компьютерной сети в задачах информационной безопасности (RUS)
• Методы интеллектуального анализа данных и обнаружение вторжений (RUS)
• Dimension Reduction in Network Attacks Detection Systems
• Rise of the machines: Machine Learning & its cyber security applications
• Machine Learning in Cyber Security: Age of the Centaurs
• Automatically Evading Classifiers A Case Study on PDF Malware Classifiers
• Weaponizing Data Science for Social Engineering — Automated E2E Spear Phishing on Twitter
• Machine Learning: A Threat-Hunting Reality Check
• Neural Network-based Graph Embedding for Cross-Platform Binary Code Similarity Detection
• Practical Secure Aggregation for Privacy-Preserving Machine Learning
• DeepLog: Anomaly Detection and Diagnosis from System Logs through Deep Learning
• eXpose: A Character-Level Convolutional Neural Network with Embeddings For Detecting Malicious URLs, File Paths and Registry Keys
• Big Data Technologies for Security Event Correlation Based on Event Type Accounting (RUS)
• Investigation of The Use of Neural Networks for Detecting Low-Intensive Ddоs-Atak of Applied Level (RUS)
• Detecting Malicious PowerShell Commands using Deep Neural Networks
• Machine Learning DDoS Detection for Consumer Internet of Things Devices
• Anomaly Detection in Computer Systemby Intellectual Analysis of System Journals (RUS)
• EMBER: An Open Dataset for Training Static PE Malware Machine Learning Models
• A state-of-the-art survey of malware detection approaches using data mining techniques.
• Investigation of malicious portable executable file detection on network using supervised learning techniques.
• Machine Learning in Cybersecurity: A Guide
• Outside the Closed World: On Using Machine Learning For Network Intrusion Detection
• Machine Learning Based Network Vulnerability Analysis of Industrial Internet of Things
• Hopper: Modeling and Detecting Lateral Movement
• Finding Effective Security Strategies through Reinforcement Learning and Self-Play
• Intrusion Prevention through Optimal Stopping
• Cyber Risk Management: AI-Generated Warnings of Threats (Thesis)

• Data Mining and Machine Learning in Cybersecurity
• Machine Learning and Data Mining for Computer Security
• Network Anomaly Detection: A Machine Learning Perspective
• Machine Learning and Security: Protecting Systems with Data and Algorithms
• Introduction To Artificial Intelligence For Security Professionals
• Mastering Machine Learning for Penetration Testing
• Malware Data Science: Attack Detection and Attribution

• Using Machine Learning to Support Information Security
• Defending Networks with Incomplete Information
• Applying Machine Learning to Network Security Monitoring
• Measuring the IQ of your Threat Intelligence Feeds
• Data-Driven Threat Intelligence: Metrics On Indicator Dissemination And Sharing
• Applied Machine Learning for Data Exfil and Other Fun Topics
• Secure Because Math: A Deep-Dive on ML-Based Monitoring
• Machine Duping 101: Pwning Deep Learning Systems
• Delta Zero, KingPhish3r – Weaponizing Data Science for Social Engineering
• Defeating Machine Learning What Your Security Vendor Is Not Telling You
• CrowdSource: Crowd Trained Machine Learning Model for Malware Capability Det
• Defeating Machine Learning: Systemic Deficiencies for Detecting Malware
• Packet Capture Village – Theodora Titonis – How Machine Learning Finds Malware
• Build an Antivirus in 5 Min – Fresh Machine Learning #7. A fun video to watch
• Hunting for Malware with Machine Learning
• Machine Learning for Threat Detection
• Machine Learning and the Cloud: Disrupting Threat Detection and Prevention
• Fraud detection using machine learning & deep learning
• The Applications Of Deep Learning On Traffic Identification
• Defending Networks With Incomplete Information: A Machine Learning Approach
• Machine Learning & Data Science
• Advances in Cloud-Scale Machine Learning for Cyber-Defense
• Applied Machine Learning: Defeating Modern Malicious Documents
• Automated Prevention of Ransomware with Machine Learning and GPOs
• Learning to Detect Malware by Mining the Security Literature
• Clarence Chio and Anto Joseph - Practical Machine Learning in Infosecurity
• Advances in Cloud-Scale Machine Learning for Cyberdefense
• Machine Learning-Based Techniques For Network Intrusion Detection
• Practical Machine Learning in Infosec
• AI and Security
• AI in InfoSec
• Beyond the Blacklists: Detecting Malicious URL Through Machine Learning
• Machine Learning Fueled Cyber Threat Hunting
• Weaponizing Machine Learning: Humanity Was Overrated
• Machine Learning, Offense, and the future of Automation
• Bringing Red vs. Blue to Machine Learning
• Explaining Machine Learning with Azure and the Titanic Dataset
• Using Machines to exploit Machines
• Analyze active directory event logs using visualize and ML
• Hardening Machine Learning Defenses Against Adversarial Attacks
• Deep Neural Networks for Hackers: Methods, Applications, and Open Source Tools
• ML in the daily work of a threat hunter
• The Real Deal About AI: ML for CyberSecurity - Josh Fu
• Automated Detection of Software Vulnerabilities Using Deep-Learning
• Building and Breaking a Machine Learning System - Johann Rehberger
• Vulnerabilities of Machine Learning Infrastructure - Sergey Gordeychik

• Machine Learning based Password Strength Classification
• Using Machine Learning to Classify Packet Captures
• Using Machine Learning to Detect Malicious URLs
• Using deep learning to break a Captcha system
• Data mining for network security and intrusion detection
• Applying Machine Learning to Improve Your Intrusion Detection System
• Analyzing BotNets with Suricata & Machine Learning
• fWaf – Machine learning driven Web Application Firewall
• Deep Session Learning for Cyber Security
• DMachine Learning for Malware Detection
• ShadowBrokers Leak: A Machine Learning Approach
• Practical Machine Learning in Infosec - Virtualbox Image and Stuff
• A Machine-Learning Toolkit for Large-scale eCrime Forensics
• WebShells Detection by Machine Learning
• Building Machine Learning Models for the SOC
• Detecting Web Attacks With Recurrent Neural Networks
• Machine Learning for Red Teams, Part 1
• Detecting Reverse Shell with Machine Learning
• Obfuscated Command Line Detection Using Machine Learning
• Обнаружение веб-атак с помощью рекуррентных нейронных сетей (RUS)
• Clear and Creepy Danger of Machine Learning: Hacking Passwords
• Discovering anomalous patterns based on parent-child process relationships
• Machine Learning for Detecting Phishing Websites
• Password Hunting with ML in Active Directory
• Как самому разработать систему обнаружения компьютерных атак на основе машинного обучения (RUS)

• Data Mining for Cyber Security by Stanford
• Data Science and Machine Learning for Infosec
• Cybersecurity Data Science on Udemy
• Machine Learning for Red Team Hackers on Udemy
• Machine Learning for Security

• System predicts 85 percent of cyber-attacks using input from human experts
• Machine learning tool for classification of packets by looking at packet headers
• A list of open source projects in cyber security using machine learning
• Source code about machine learning and security
• Source code for Mastering Machine Learning for Penetration Testing
• Convolutional neural network for analyzing pentest screenshots
• Big Data and Data Science for Security and Fraud Detection
• StringSifter - a machine learning tool that ranks strings based on their relevance for malware analysis

This work is licensed under aCreative Commons Attribution-ShareAlike 4.0 International license.