Inspiration
In an era where cyber threats like Ransomware and DDoS attacks are evolving faster than defenses, traditional antivirus software is no longer enough. Small businesses and students cannot afford enterprise-grade hardware firewalls (like Cisco or Palo Alto), leaving them vulnerable.
We asked ourselves: "Can we turn a standard PC into a military-grade security appliance using AI?" The answer was Sentinel-Eye. We wanted to democratize cybersecurity by building a tool that doesn't just alert you after a hack, but actively defends your network in real-time.
What it does
Sentinel-Eye is a Network Intrusion Defense System (NIDS) that acts as a digital bodyguard.
- Deep Packet Inspection (DPI): It captures raw network traffic and analyzes the "DNA" of every packet.
- AI Forensics: Unlike basic firewalls that just block ports, our system sends suspicious payloads to the Gemini API, which explains why the packet is dangerous (e.g., "This looks like a SQL Injection attempting to dump your user table").
- Live "War Room": A Cyberpunk-style dashboard that visualizes attacks on a 3D globe, showing exactly where the hacker is sitting.
How I built it
The system is built on a high-performance Hybrid Architecture:
- The Hunter (Backend): We used Python with Scapy to tap into the network card (NIC) and sniff packets at the kernel level. We optimized the script using Multi-threading to leverage the power of the Ryzen 5 5600 CPU, ensuring 0% packet loss even under heavy load.
- The Brain (AI): We integrated Google's Gemini API to act as our "Cybersecurity Analyst," providing human-readable explanations for complex hex dumps.
- The Command Center (Frontend): We built a reactive dashboard using Laravel 10 and Tailwind CSS. To achieve real-time updates without page refreshes, we utilized WebSockets, allowing red alerts to flash instantly when an attack occurs.
Challenges I ran into
- Speed vs. Accuracy: Python can be slow with raw sockets. We had to implement efficient queue management to process packets without lagging the PC.
- Real-time Visualization: Mapping IP addresses to physical locations on the globe (using Leaflet.js) in milliseconds was tricky, but we solved it by caching Geo-IP data locally.
Accomplishments that we're proud of
- Successfully detecting ARP Spoofing and SQL Injection attacks in real-time.
- Creating a UI that looks like a movie-grade Security Operation Center (SOC).
- Bridging the gap between low-level Python networking and high-level Web UI.
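The queue management mentioned under "Challenges" and the ARP spoofing detection listed above can be illustrated together. The following is an added example, not Sentinel-Eye's own code: it uses only the Python standard library on constructed raw frames instead of a live Scapy capture, all function names and sample addresses are hypothetical, and treating the first IP-to-MAC binding seen as the baseline is an assumption.

```python
import queue
import struct
import threading

ARP_ETHERTYPE = struct.pack("!H", 0x0806)

def make_arp_reply(src_mac, src_ip, dst_mac, dst_ip):
    """Constructed sample: Ethernet header + ARP reply, as raw bytes."""
    header = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 2)
    return dst_mac + src_mac + ARP_ETHERTYPE + header + src_mac + src_ip + dst_mac + dst_ip

def parse_arp(frame):
    """Return (sender_ip, sender_mac) for an IPv4-over-Ethernet ARP frame, else None."""
    if len(frame) < 42 or frame[12:14] != ARP_ETHERTYPE:
        return None
    if struct.unpack("!HHBB", frame[14:20]) != (1, 0x0800, 6, 4):
        return None
    return ".".join(map(str, frame[28:32])), frame[22:28].hex(":")

def detect_arp_spoofing(frames, queue_size=1024):
    """Hand frames to an analysis thread via a bounded queue; return (alerts, dropped)."""
    q = queue.Queue(maxsize=queue_size)
    bindings, alerts = {}, []
    def worker():
        while (frame := q.get()) is not None:
            parsed = parse_arp(frame)
            if parsed is None:
                continue  # not ARP, or truncated
            ip, mac = parsed
            known = bindings.setdefault(ip, mac)  # first binding seen is the baseline
            if known != mac:  # same IP now claimed by a different MAC
                alerts.append((ip, known, mac))

    t = threading.Thread(target=worker)
    t.start()
    dropped = 0
    for frame in frames:
        try:
            q.put_nowait(frame)  # never block the capture side
        except queue.Full:
            dropped += 1  # count loss instead of hiding it
    q.put(None)  # sentinel: worker exits after draining the queue
    t.join()
    return alerts, dropped

# Constructed sample traffic: the gateway's IP is later claimed by a second MAC.
GW_IP, PC_IP = bytes([192, 168, 1, 1]), bytes([192, 168, 1, 50])
GW, PC, OTHER = (bytes.fromhex(m) for m in ("aabbcc000001", "aabbcc000050", "deadbeef0002"))
SAMPLE = [make_arp_reply(GW, GW_IP, PC, PC_IP), b"\x00" * 60, make_arp_reply(OTHER, GW_IP, PC, PC_IP)]
```

Calling `detect_arp_spoofing(SAMPLE)` returns the conflicting binding for the gateway address together with a drop count, so packet loss under load is measured rather than assumed.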
What we learned
We learned the intricacies of TCP/IP handshakes, how hackers manipulate packet headers, and how to harness Generative AI not just for text, but for real-time security analysis.
Built With
- chart.js (visualization)
- composer
- gemini
- git
- javascript
- laravel
- leaflet.js
- network-sniffing
- php
- python
- scapy
- tailwind
- vs-code
- xampp