{"id":20722032,"url":"https://github.com/ANSSI-FR/SecuML","last_synced_at":"2025-05-10T23:32:17.415Z","repository":{"id":45123932,"uuid":"67401481","full_name":"ANSSI-FR/SecuML","owner":"ANSSI-FR","description":"Machine Learning for Computer Security","archived":false,"fork":false,"pushed_at":"2022-01-06T22:24:53.000Z","size":13056,"stargazers_count":272,"open_issues_count":1,"forks_count":60,"subscribers_count":29,"default_branch":"master","last_synced_at":"2024-11-17T03:34:18.464Z","etag":null,"topics":["active-learning","gui","interactive-machine-learning","intrusion-detection","machine-learning","malware-detection","rare-category-detection"],"latest_commit_sha":null,"homepage":"https://anssi-fr.github.io/SecuML","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ANSSI-FR.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-09-05T08:15:59.000Z","updated_at":"2024-10-01T16:45:46.000Z","dependencies_parsed_at":"2022-08-26T10:40:47.941Z","dependency_job_id":null,"html_url":"https://github.com/ANSSI-FR/SecuML","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ANSSI-FR%2FSecuML","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ANSSI-FR%2FSecuML/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ANSSI-FR%2FSecuML/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ANSSI-FR%2FSecuML/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ANSSI-FR","download_url":"https://codeloa
d.github.com/ANSSI-FR/SecuML/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253497300,"owners_count":21917683,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["active-learning","gui","interactive-machine-learning","intrusion-detection","machine-learning","malware-detection","rare-category-detection"],"created_at":"2024-11-17T03:33:59.063Z","updated_at":"2025-05-10T23:32:12.404Z","avatar_url":"https://github.com/ANSSI-FR.png","language":"Python","funding_links":[],"categories":["[🔓 security](https://github.com/stars/ketsapiwiq/lists/unlock-security)"],"sub_categories":[],"readme":"# SecuML [https://anssi-fr.github.io/SecuML/](https://anssi-fr.github.io/SecuML/)\nSecuML is a Python tool that aims to foster the use of Machine Learning in Computer Security. It is distributed under the GPL2+ license.\n\nIt allows security experts to train detection models easily and comes with a web user interface to visualize the results and interact with the models.\nSecuML can be applied to any detection problem. It requires as input numerical features representing each instance.\nIt supports binary labels (malicious vs. 
benign) and categorical labels which represent families of malicious or benign behaviours.\n\n#### Benefits of SecuML\nSecuML relies on [scikit-learn](https://www.scikit-learn.org/stable/index.html) to train the Machine Learning models\nand offers the following additional features:\n* **_Web user interface_**   \n  diagnosis and interaction with Machine Learning models (active learning, rare category detection)\n* **_Hide some of the Machine Learning machinery_**   \n  automation of data loading, feature standardization, and search for the best hyperparameters\n\n#### What you can do with SecuML\n* Training and diagnosing a detection model before deployment with DIADEM\n* Annotating a dataset with a reduced workload with ILAB\n* Exploring a dataset interactively with rare category detection\n* Clustering\n* Projection\n* Computing descriptive statistics of each feature\n\nSee the [sphinx documentation](https://anssi-fr.github.io/SecuML/) for more detail.\n\n#### Papers\n* Beaugnon, Anaël, and Pierre Chifflier. [\"Machine Learning for Computer Security Detection Systems: Practical Feedback and Solutions\"](https://www.ssi.gouv.fr/uploads/2018/11/machine-learning-for-computer-security-abeaugnon-pchifflier-anssi-.pdf) \nComputer \u0026 Electronics Security Applications Rendez-vous (C\u0026ESAR 2018)\n* Beaugnon, Anaël, Pierre Chifflier, and Francis Bach. [\"End-to-End Active Learning for Computer Security Experts.\"](https://hal.archives-ouvertes.fr/hal-01888983/file/idea18-paper1-beaugnon.pdf)   \nKDD Workshop on Interactive Data Exploration and Analytics (IDEA 2018). *Extended version of AICS 2018.*\n* Beaugnon, Anaël, Pierre Chifflier, and Francis Bach. 
[\"End-to-End Active Learning for Computer Security Experts.\"](https://www.ssi.gouv.fr/uploads/2018/02/end-to-end-active-learning-for-computer-security-experts_abeaugnon_pchifflier_fbach_anssi_inria.pdf)   \nAAAI Workshop on Artificial Intelligence for Computer Security (AICS 2018).\n* Beaugnon, Anaël, Pierre Chifflier, and Francis Bach. [\"ILAB: An Interactive Labelling Strategy for Intrusion Detection.\"](https://www.ssi.gouv.fr/uploads/2017/09/ilab_beaugnonchifflierbach_raid2017.pdf)   \nInternational Symposium on Research in Attacks, Intrusions and Defenses (RAID 2017).\n* [FRENCH] Bonneton, Anaël, and Antoine Husson. [\"Le Machine Learning confronté aux contraintes opérationnelles des systèmes de détection.\"](https://www.sstic.org/media/SSTIC2017/SSTIC-actes/le_machine_learning_confront_aux_contraintes_oprat/SSTIC2017-Article-le_machine_learning_confront_aux_contraintes_oprationnelles_des_systmes_de_dtection-bonneton_husson.pdf)   \nSymposium sur la sécurité des technologies de l'information et des communications (SSTIC 2017).\n\n#### PhD Dissertation\n* Beaugnon, Anaël. [\"Expert-in-the-Loop Supervised Learning for Computer Security Detection Systems.\"](https://www.ssi.gouv.fr/uploads/2018/06/beaugnon-a_these_manuscrit.pdf)   \nPh.D. thesis, École Normale Supérieure (2018)\n\n#### Presentations\n* [FRENCH] Beaugnon, Anaël. [\"Appliquer le Machine Learning de manière pertinente à la détection d’intrusion.\"](https://www.cert-ist.com/pub/files/Forum2017-03-Anael_Beaugnon-Machine-Learning.pdf)   \nForum annuel du CERT-IST (CERT-IST 2017).\n* Bonneton, Anaël. 
[\"Machine Learning for Computer Security Experts using Python \u0026 scikit-learn.\"](http://pyparis.org/talks.html#39d62c68337f89d3c879fff02b88e23b)   \nPyParis 2017.\n\n#### Authors\n* Anaël Beaugnon (anael.beaugnon@ssi.gouv.fr)\n* Pierre Collet (pierre.collet@ssi.gouv.fr)\n* Antoine Husson (antoine.husson@ssi.gouv.fr)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FANSSI-FR%2FSecuML","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FANSSI-FR%2FSecuML","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FANSSI-FR%2FSecuML/lists"}