Analysis updated 2026-05-18
Upload a network capture file to get an automatic clean, suspicious, or malicious verdict.
Map detected threats to the MITRE ATT&CK framework for a security report.
Compare a fast lightweight detector against a deep graph-neural-network model on the same traffic.
| forlives/cloudsight-ai | apex-dao/limitless-trading-bot | controllervr/yuzu-emu | |
|---|---|---|---|
| Stars | 84 | 84 | 84 |
| Language | — | TypeScript | C++ |
| Setup difficulty | hard | easy | easy |
| Complexity | 4/5 | 2/5 | 1/5 |
| Audience | ops devops | developer | general |
Figures from each repo's GitHub metadata at analysis time.
Only a browser demo and docs are public, source code and model weights are withheld until related papers publish.
CloudSight AI is a security platform designed to detect threats in network traffic from IoT devices, which are the small connected gadgets like smart cameras, routers, and sensors that make up the "Internet of Things." A distinctive challenge with IoT traffic is that much of it is encrypted, so the platform must identify suspicious patterns without reading the content of the packets. When you upload a network capture file (a recording of raw network traffic), the platform parses it into numerical features and builds a graph showing how devices communicated. It then routes this data to one of two detection engines. The fast engine gives a verdict in under a second using a lightweight model suited to small, simple traffic samples. The deep engine takes more time and uses a combination of a graph neural network and a transformer model to analyze complex or large samples, producing a detailed report with an explanation of its findings. Users can let the platform choose automatically or override and pick an engine themselves. The output includes a verdict (clean, suspicious, or malicious), a threat radar chart, a mapping to the MITRE ATT&CK framework (a standard catalog of attack techniques), and a network forensics summary. The platform can recognize eleven categories of threat including DDoS attacks, botnet activity (Mirai, Okiru, Torii), and command-and-control traffic. It also supports an optional connection to an external AI language model API to generate a plain-language explanation of the threat. At the time of writing, this repository contains a live interactive demo and documentation only. The full source code, model weights, and training code are reserved for release after the related academic papers are published. The demo runs on built-in example data directly in the browser.
A security platform that analyzes encrypted IoT network traffic to detect threats like DDoS attacks and botnets, using fast and deep AI detection engines.
Setup difficulty is rated hard, with roughly 1day+ to a first successful run.
Mainly ops devops.
This repo across BitVibe Labs
Verify against the repo before relying on details.