Zeek is an open-source network analysis framework used primarily for security monitoring and traffic analysis. It generates log files based on signatures or events found during network traffic analysis, and it includes built-in functionality for a variety of analysis and detection tasks. For additional information, see zeek.org.
| Labs |
|---|
| Lab 01: Introduction to the Capabilities of Zeek |
| Lab 02: An Overview of Zeek Logs |
| Lab 03: Parsing, Reading, and Organizing Zeek Files |
| Lab 04: Generating, Capturing, and Analyzing Network Scanner Traffic |
| Lab 05: Generating, Capturing, and Analyzing DoS and DDoS-Centric Network Traffic |
| Lab 06: Introduction to Zeek Scripting |
| Lab 07: Introduction to Zeek Signatures |
| Lab 08: Advanced Zeek Scripting for Anomaly and Malicious Event Detection |
| Lab 09: Profiling and Performance Metrics of Zeek |
| Lab 10: Application of the Zeek IDS for Real-Time Network Protection |
| Lab 11: Preprocessing of Zeek Output Logs for Machine Learning |
| Lab 12: Developing Machine Learning Classifiers for Anomaly Inference and Classification |
NDG Online provides technical support specifically related to the functionality of the lab environment only. Any questions or concerns regarding the learning material or lab content must be directed to your instructor. Self-paced learners who find they require additional support are encouraged to seek out a course at a local academic institution.