Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
Updated Sep 24, 2025 - Python
The Attacker IP Prioritizer (AIP) dynamically generates resource-friendly IPv4 blocklists from Zeek network flows.
A Python-based network traffic analyzer for PCAP files, providing insights into protocol distribution, IP communications, and potential port scanning activities.
Comparative network traffic analysis using public datasets (MAWI and CAIDA) — Undergraduate thesis project (UFSM 2025/1)
The project is about fingerprinting operating systems using different multi-class classification algorithms.
A real-time, AI-augmented network monitoring tool built with Python, Dash, and Scapy. It captures live packets or analyzes .pcap files, applies ML/AI-based filtering, detects port scans, triggers email alerts, and logs incidents. The interactive web dashboard visualizes protocol usage and traffic stats, supporting advanced visual filters.
This project is a live network monitoring dashboard that leverages tree-based machine learning algorithms to detect intrusions in real-time. The system uses Flask and Socket.IO for real-time data updates, and Chart.js for data visualization. The dashboard provides various charts to visualize network data and sends notifications for suspicious activ
Dryad: Deploying Adaptive Trees on Programmable Switches for Networking Classification (ICNP2023)
A simple, yet powerful Python-based network anomaly detection tool that uses machine learning to analyze network traffic and detect suspicious activity. The tool integrates with the VirusTotal API to check the reputation of anomalous IP addresses.
Simulating DDoS attacks using a Kali Linux virtual machine, then using machine learning algorithms on the resulting dataset to detect attacks and distinguish them from normal traffic.
A real-time traffic monitoring tool that detects and displays network traffic volume per IP address to identify potential DDoS attacks.
ThreatGuard is an advanced threat detection system that utilizes the CICIDS 2017 dataset for network traffic analysis and anomaly detection.
Major project for Advanced Topics in Computer Science. Uses mitmproxy to automatically detect whether private data has been leaked in network traffic by certain Android applications.
Network Traffic Analysis
Modeling Network Traffic using Recurrent Neural Networks (Long Short-Term Memory, LSTM)
Intrusion Detection System
A machine learning project to detect cyberattacks in IoT healthcare networks. Utilizes PCA for dimensionality reduction, data visualization for insights, and ANN for classification. Features a FastAPI backend and Streamlit UI for inference with labeled and unlabeled datasets.