Aurora

Aurora Logo
Real-time cyber-physical threat dashboard highlighting a high-confidence alert at substation alpha.
Unified event intelligence view aggregating thousands of cyber and infrastructure signals in one feed
Analyst console interface summarizing and querying a coordinated cyber-physical threat scenario.

Inspiration

In May 2021, the Colonial Pipeline attack started with something small—a compromised password. Within hours, it escalated into a nationwide fuel crisis, triggering shortages and a federal emergency declaration.

The signals were there. But they were scattered across systems that never spoke to each other.

Critical infrastructure today is protected by fragmented tools—cybersecurity platforms, physical surveillance, and intelligence feeds—each seeing only a slice of reality.

We built AURORA to answer one question:

What if we could see the full picture before it’s too late?

What it does

AURORA is a multi-agent AI system that continuously monitors and correlates:

Cyber signals (network anomalies, SCADA events, login failures) Physical signals (camera feeds, access control anomalies) OSINT intelligence (CISA advisories, global news, threat reports)

It then:

Detects anomalies in each domain Correlates them across time and location Matches them to real-world attack patterns Generates a high-confidence threat alert Produces a human-readable intelligence brief Delivers alerts via real-time voice (ElevenLabs)

All of this happens in under 60 seconds.

How we built it

OpenAI (Core Intelligence Layer) ada-002 embeddings power semantic search across 3,500+ real-world incidents Enables instant pattern matching (e.g., detecting similarities to Ukraine 2015-style attacks) Used in correlation engine for cross-domain reasoning

This is what turns raw data into understanding Meta (Perception + Reasoning) DINOv2 → learns “normal” camera behavior and flags anomalies without labeled data SAM (Segment Anything) → precisely identifies what caused the anomaly Llama 3.3 70B → acts as a senior intelligence analyst, generating reports with both text + visual reasoning

This is what allows AURORA to see and interpret the physical world

ElevenLabs (Human Response Layer) Converts alerts into real-time voice warnings Supports speech-to-text for operator interaction Ensures alerts are heard instantly, not missed in dashboards Because in critical moments, humans don’t read dashboards—they respond to urgency Backend & Intelligence Engine XGBoost + NetworkX → threat scoring + graph clustering FAISS vector search → ultra-fast similarity matching FastAPI + SQLite → unified event system React dashboard → live monitoring interface

Challenges we ran into

Correlating heterogeneous data sources into a unified schema Aligning time + location + semantic similarity across domains Achieving real-time performance with multi-model pipelines Integrating vision + language + graph reasoning seamlessly Reducing false positives while maintaining sensitivity

Accomplishments that we're proud of

Built a fully working prototype in 36 hours Integrated Meta, OpenAI, and ElevenLabs into one cohesive system Created a 3,500+ incident unified intelligence database Achieved 20/20 anomaly detection in testing Delivered sub-60-second threat detection pipeline

What we learned

Real-world attacks are never single-domain AI becomes exponentially more powerful when models collaborate Speed + clarity matter more than raw detection Human-centered design (like voice alerts) is critical in security systems

What's next for Aurora

Integrate with real enterprise systems (Splunk, QRadar, CCTV APIs) Scale infrastructure (PostgreSQL, Pinecone) Add multi-camera tracking + long-term memory Expand into healthcare, manufacturing, and transportation sectors Deploy pilot programs with critical infrastructure partners