Inspiration

Modern defense relies heavily on drone swarms, which are highly vulnerable to radio jamming and cyberattacks. Skein is built to counter this threat: a self-healing swarm that detects interference using real machine learning and autonomously reroutes around damaged nodes.


What It Does

  • Resilient Mesh: 13 drones maintain a dense network where each node connects to at least 4 neighbors.
  • Live Intrusion Detection: A classic ML model analyzes traffic patterns to detect jamming or hacks.
  • Autonomous Rerouting: The swarm uses shortest-path routing to instantly heal when a node drops.
  • Interactive Demo: Attackers can launch strikes from a secondary physical laptop over a hotspot, watching the swarm dynamically adapt when the laptop lid is closed.

How I Built It

  • Frontend: Next.js, React, TypeScript, and Framer Motion for live animations.
  • Backend & Routing: Python, FastAPI, WebSockets for state streaming, and NetworkX for graph routing.
  • ML Detector: An XGBoost model trained on the CIC-IDS-2017 dataset, analyzing 10 flow features to classify traffic (Benign, DoS, Port Scan, Brute Force).

Challenges & Solutions

  • Real-State Simulation: Avoided faking data; jamming simulates real link degradation carrying actual attack traffic.
  • Multi-Device Sync: Overcame hotspot latency and heartbeat timing issues to seamlessly integrate the second physical laptop.
  • Mesh Tuning: Iterated on graph density to ensure the network remains stable even after losing multiple nodes simultaneously.

Accomplishments

  • Achieved 99% accuracy on unseen evaluation data, backed by live confusion matrices and feature importance metrics.
  • Created a fully functional, two-laptop hardware demo where physical disconnection triggers immediate, authentic network healing.

Lessons Learned

  • Tree Models > Deep Learning: XGBoost outperformed neural networks on tabular network data while providing crucial feature explainability.
  • Authenticity Wins: Keeping the data generation and simulation honest provided massive credibility during live demonstrations.

What's Next

  • Anomaly Detection: Transition to unsupervised learning to flag novel, zero-day attacks.
  • Live Packet Processing: Drive the detector using real-time packet capture rather than replayed dataset rows.
  • Scale: Expand past 13 nodes and harden the routing algorithm against multi-vector concurrent attacks.

Built With

Share this project:

Updates