Here are the idea submissions we received for the Ideas Phase of ZPC-3:
* Package to detect known C2 frameworks such as Empire, Koadic, FactionC2,
Covenant, Merlin, etc. based on their unique traffic patterns.
* Package to generate a new ARP log, and to detect known attacks such as
ARP spoofing, flooding, scanning, etc.
* Package to generate an NFS log, and detect anomalous NFS activity.
* Spicy parser for IGMP
If you're a developer and you'd like to help with one of the ideas that
were submitted, then take a look at the following blog post.