Coming to this hackathon, we agreed that our goal was to make cybersecurity software that would make an impact upon large organizations.
What it does
MalEvasion allows organizations to track and predict the next targets of malware in their local network, based on a user-generated model of the topology and recorded communication data. A use case for this software would be as follows:
A company is dependent upon a large internal IT infrastructure. If this infrastructure went down, it would mean massive losses in terms of profit and customer support. One of the many things businesses are now vulnerable to in the 21st century is the spread of malware. Oftentimes, malware hitting one node of a network will cause a business to shut down large pieces of that network in an effort to contain the spread. This means significant lost profit. We offer an alternative: MalEvasion allows a business to model its network topology and, should an infection happen, statistically calculate the probability that each individual device in the network is also infected. This allows IT professionals to combat an infection with greater precision, rather than sweeping out networks blindly.
How we built it
We used a combination of C# and SQL to develop a UI for employees to view potential infection within a network, as well as a backend to do the computations required for each node. We utilized WPF, Excel Interoperability, and Google Cloud Platform to assist us in this.
Challenges we ran into
The hardest thing about developing this software was integrating the separately written modules into one cohesive program; this is a problem that has still not been 100% dealt with.
Accomplishments that we're proud of
We were able to create a SQL database with GCP and tie that to the SMTP program to simulate the malicious program moving from machine to machine.
What we learned
We learned how to interface Unity executables with WPF-based GUIs to allow for interactive visualization.
What's next for MalEvasion
• Allowing the user to click and drop objects to build topologies
• Making our code cleaner
• Adding an AI or ML unit to display better metrics
• Documenting our program
• Allowing different types of users to use our program
• Making our program more accessible to all
• Teaching others about the risk of malicious programs
• Gaining some insight on how to better improve our program