Patriot IDS

Inspiration

With the rise of AI and the growing frequency of cyberattacks, cybersecurity experts need tools that help them cover baseline cybersecurity work, allowing them to focus on developing more advanced security techniques and learning about tomorrow's threats.

What it does

Patriot IDS is an Intrusion Detection System (IDS) that monitors incoming network traffic. The IDS stores traffic data in MongoDB. Also, Patriot IDS does anomaly detection and threat classification. Critical and high-threat alerts are reported via SMS and Email.

How we built it

We used:

Docker (containerization)
Docker Compose (multi-container compatibility)
Patriot AI: Used to help build the backend
OpenAI ChatGPT 5 mini: used to help build the database with MongoDB Atlas.
Claude Sonnet 4.5: Used to make the front end.
MongoDB Atlas: Used to store the input collected by the network data collection.
Scikit-learn and numpy: Used to implement the ML models for anomaly detection and classification.
AWS: used 2 VM's as an attacker defender pair to make an IDS security testing/demoing platform.

Challenges we ran into

We had trouble finding a network traffic scanner.
MongoDB proved to be a bit of a learning curve.

Accomplishments that we're proud of

We built the project knowing nearly nothing about cybersecurity, Cloud computing, Github Merge Conflicts, MongoDB, Docker, and scikit. We were able to make the IDS with minimal prior knowledge and build it on a tight deadline. We learned a lot about the core technologies the industry uses and the concepts that are foundational to large-scale industrial technology.