https://github.com/ANSSI-FR/SecuML

Machine Learning for Computer Security
https://github.com/ANSSI-FR/SecuML

active-learning gui interactive-machine-learning intrusion-detection machine-learning malware-detection rare-category-detection

Last synced: about 6 hours ago
JSON representation

Machine Learning for Computer Security

• Host: GitHub
• URL: https://github.com/ANSSI-FR/SecuML
• Owner: ANSSI-FR
• License: gpl-2.0
• Created: 2016-09-05T08:15:59.000Z (about 8 years ago)
• Default Branch: master
• Last Pushed: 2022-01-06T22:24:53.000Z (almost 3 years ago)
• Last Synced: 2023-11-07T18:14:46.916Z (about 1 year ago)
• Topics: active-learning, gui, interactive-machine-learning, intrusion-detection, machine-learning, malware-detection, rare-category-detection
• Language: Python
• Homepage: https://anssi-fr.github.io/SecuML
• Size: 12.5 MB
• Stars: 267
• Watchers: 30
• Forks: 63
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-technostructure - ANSSI-FR/SecuML - FR/SecuML: Machine Learning for Computer S ([🔓 security](https://github.com/stars/ketsapiwiq/lists/unlock-security))
• awesome-technostructure - ANSSI-FR/SecuML - FR/SecuML: Machine Learning for Computer S ([🔓 security](https://github.com/stars/ketsapiwiq/lists/unlock-security))

README

        
# SecuML [https://anssi-fr.github.io/SecuML/](https://anssi-fr.github.io/SecuML/)

SecuML is a Python tool that aims to foster the use of Machine Learning in Computer Security. It is distributed under the GPL2+ license.

It allows security experts to train detection models easily and comes with a web user interface to visualize the results and interact with the models.

SecuML can be applied to any detection problem. It requires as input numerical features representing each instance.

It supports binary labels (malicious vs. benign) and categorical labels which represent families of malicious or benign behaviours.

#### Benefits of SecuML

SecuML relies on [scikit-learn](https://www.scikit-learn.org/stable/index.html) to train the Machine Learning models

and offers the additionnal features:

* **_Web user interface_**   

  diagnosis and interaction with Machine Learning models (active learning, rare category detection)

* **_Hide some of the Machine Learning machinery_**   

  automation of data loading, feature standardization, and search of the best hyperparameters

#### What you can do with SecuML

* Training and diagnosing a detection model before deployment with DIADEM

* Annotating a dataset with a reduced workload with ILAB

* Exploring a dataset interactively with rare category detection

* Clustering

* Projection

* Computing descriptive statistics of each feature

See the [sphinx documentation](https://anssi-fr.github.io/SecuML/) for more detail.

#### Papers

* Beaugnon, Anaël, and Pierre Chifflier. ["Machine Learning for Computer Security Detection Systems: Practical Feedback and Solutions"](https://www.ssi.gouv.fr/uploads/2018/11/machine-learning-for-computer-security-abeaugnon-pchifflier-anssi-.pdf) 

Computer & Electronics Security Applications Rendez-vous (C&ESAR 2018)

* Beaugnon, Anaël, Pierre Chifflier, and Francis Bach. ["End-to-End Active Learning for Computer Security Experts."](https://hal.archives-ouvertes.fr/hal-01888983/file/idea18-paper1-beaugnon.pdf)   

KDD Workshop on Interactive Data Exploration and Analytics (IDEA 2018). *Extended version of AICS 2018.*

* Beaugnon, Anaël, Pierre Chifflier, and Francis Bach. ["End-to-End Active Learning for Computer Security Experts."](https://www.ssi.gouv.fr/uploads/2018/02/end-to-end-active-learning-for-computer-security-experts_abeaugnon_pchifflier_fbach_anssi_inria.pdf)   

AAAI Workshop on Artificial Intelligence for Computer Security (AICS 2018).

* Beaugnon, Anaël, Pierre Chifflier, and Francis Bach. ["ILAB: An Interactive Labelling Strategy for Intrusion Detection."](https://www.ssi.gouv.fr/uploads/2017/09/ilab_beaugnonchifflierbach_raid2017.pdf)   

International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2017).

* [FRENCH] Bonneton, Anaël, and Antoine Husson. ["Le Machine Learning confronté aux contraintes opérationnelles des systèmes de détection."](https://www.sstic.org/media/SSTIC2017/SSTIC-actes/le_machine_learning_confront_aux_contraintes_oprat/SSTIC2017-Article-le_machine_learning_confront_aux_contraintes_oprationnelles_des_systmes_de_dtection-bonneton_husson.pdf)   

Symposium sur la sécurité des technologies de l'information et des communications (SSTIC 2017).

#### PhD Dissertation

* Beaugnon, Anaël. ["Expert-in-the-Loop Supervised Learning for Computer Security Detection Systems."](https://www.ssi.gouv.fr/uploads/2018/06/beaugnon-a_these_manuscrit.pdf)   

Ph.D. thesis, École Normale Superieure (2018)

#### Presentations

* [FRENCH] Beaugnon, Anaël. ["Appliquer le Machine Learning de manière pertinente à la détection d’intrusion."](https://www.cert-ist.com/pub/files/Forum2017-03-Anael_Beaugnon-Machine-Learning.pdf)   

Forum annuel du CERT-IST (CERT-IST 2017).

* Bonneton, Anaël. ["Machine Learning for Computer Security Experts using Python & scikit-learn."](http://pyparis.org/talks.html#39d62c68337f89d3c879fff02b88e23b)   

PyParis 2017.

#### Authors

* Anaël Beaugnon ([email protected])

* Pierre Collet ([email protected])

* Antoine Husson ([email protected])