Cyber Sentinel

Raspberry Pi tool that detects suspicious websites using system profiling and static code analysis with additional features such as file download safety check and continuous system monitoring during.

Comment

Inspiration

We wanted to build a simple and affordable way to help people stay safe online, especially those who might not be very tech-savvy, like parents, grandparents, or small office teams. A lot of security tools today are either too complicated, cost a monthly fee, or rely on cloud services that collect your data without you really knowing how they work.

With Cyber Sentinel, our goal was to create something that’s easy to set up, doesn’t require ongoing payments, and gives users complete control over their own data. Whether you’re helping a family member avoid risky websites or setting up protection on shared computers, this tool runs quietly in the background and only steps in when something seems suspicious.

What it does

Cyber Sentinel is a Raspberry Pi-powered web threat detection system that works alongside a custom browser extension to:

Collect system statistics during website loads (CPU, RAM, network usage) Compute z-scores using a baseline dataset to identify anomalous behavior Perform static code analysis on JavaScript using Semgrep Block network requests to suspicious sites until the user explicitly allows them Display a live risk dashboard in the browser popup All of this happens locally, ensuring both privacy and transparency.

How we built it

We used Tailwind CSS with React components to provide a clean interface. In order to accomplish our malware detection, we used industry-standard YARA rules, which are commonly used amongst cybersecurity companies to detect patterns of malware within website code and downloadable files. In addition, we used the Raspberry Pi to continuously monitor tabular statistics and run a Python script behind the scenes to determine CPU, RAM, and network stability.

Challenges we ran into

The Raspberry Pi had some security constraints that we needed to circumvent in order to run bash scripts over the SSH-ethernet connection. To circumvent this, we used MongoDB to act as the middleman in processing tasks in a queue-like format.

Accomplishments that we're proud of

Developing a finished product that we have an everyday use for in our lives.

What we learned

It's better to start off with a bigger scope and then narrow down to a Minimum Viable Product. That way, we can ensure that the core functionality of the product stays central. That being said, throughout this journey, we all learned more about cybersecurity and the difficulty that comes with safeguarding networks, websites, and local devices.

What's next for Cyber Sentinel

In the future, we plan to streamline the system by reducing our reliance on a cloud-hosted middleman to connect the Raspberry Pi and the browser extension. While some cloud interaction will still be necessary for generating the final risk assessment using Gemini, the core data collection and analysis will remain local. We're also working on adding the ability to track which websites have already been analyzed, so we can avoid repeating checks and improve performance. Additionally, we want to give users more control, including options to disable blocking temporarily or trigger a deeper, more detailed analysis on certain sites. These next steps will make Cyber Sentinel even more flexible, efficient, and user-friendly, while keeping transparency and privacy at its core.

Share this project:

Updates