Tools, Services, Datasets

Our research and development team maintains a set of open-source tools for configuration, network traffic monitoring, security analysis, and cyber threat intelligence. This page is a brief collection of links to relevant information or projects.

Tools

• ipfixprobe – IP Flow exporter (monitoring probe) to create IPFIX from real network traffic or from PCAP file
  • git: https://github.com/CESNET/ipfixprobe
  • blog post on high-speed network monitoring:
    https://www.liberouter.org/high-speed-multithreaded-ip-flow-exporter-for-machine-learning/
• IPFIXcol2 – IP Flow collector to collect IPFIX flow data from one or more IP flow exporters
  • git: https://github.com/CESNET/IPFIXcol2
  • web configurator: https://cesnet.github.io/ipfixcol2/
    (source: https://github.com/CESNET/ipfixcol2/tree/webpage)
• NEMEA – a system to filter, aggregate and process flow data from IPFIXcol2; NEMEA contains modules to detect security threats in the monitored network traffic
  • web: https://nemea.liberouter.org/
  • git: https://github.com/CESNET/NEMEA
• Configuration tools and libraries – see the dedicated page with the list of NETCONF and Yang technologies.

Services

• NERD – Network Entity Reputation Database to collect information about sources of troubles
  • web: https://nerd.cesnet.cz/
  • git: https://github.com/CESNET/NERD/
  • wiki: https://github.com/CESNET/NERD/wiki/

Datasets

See the dedicated page with the list of datasets.