Inspiration

These days, cyberattacks are extremely sophisticated, and traditional firewalls often fail to detect nuanced intrusion attempts. We wanted to create a proactive defense system that doesn't just block attacks but analyzes attacker behavior in real time using a honeypot and machine learning.

What it does

It runs a Heralding honeypot to detect an attack, logs all the information we need, and uploads it to the MongoDB database. From the database, we have trained an ML model to learn the type of attack and work on creating a response report.

How we built it

We used Heralding and Docker to collect the logs, River for the ML algorithm, and MongoDB to store our data. We used HTML and Flask for the front end and integrated GenAI for the response as well.

Challenges we ran into

We ran into a lot of challenges in this project. The concept of a honeypot system was foreign to us and we had to learn about it from scratch. We had to learn how to generate a honeypot, debug the errors we got from Docker, and integrate it into our code. Then we had to learn how to build an ML model from scratch, train it with multiple logs, and make it detect threats; this was especially hard because there were multiple errors related to database connectivity, and we had to fix all of them before we could train and test our ML model. Finally, the frontend also posed a challenge, as we couldn't run it plainly using HTML; we had to run it using Docker. This was hard because running in Docker was confusing, as it never presented conventional errors.

Accomplishments that we're proud of

We are proud to have developed a fully functional demo that integrates a honeypot, a MongoDB database, and machine learning to process data and generate a visual representation of attacker information. This end-to-end solution showcases full-stack development, leveraging complex backend tools and methodologies to create a viable tech product with strong business potential.

What we learned

We learned how to use various tools such as honeypot implementation, database management and machine learning integration. We also had to optimise our performance and the first solution wasn't necessarily the best one. We learned to manage our time since we had many ideas but time to implement only so many.

What's next for SUCK MY TECH

This project has the potential to be a viable business product, as this concept can be used to strengthen the security of various businesses' and government agencies' online presence. This is a new, fresher approach in an existing market!
