VENOM – Versatile Event & Network Observation Module

Inspiration

Cyberattacks are growing in scale and complexity, overwhelming SOCs with false positives and slow response times. VENOM was built to act as a tireless SOC analyst—detecting intrusions in real time, classifying attack types, and instantly guiding mitigation.

What it does

VENOM is a next-gen Network Intrusion Detection System with four pillars:

  • ML-Driven Detection: Real-time packet capture, multi-attack classification (DoS, DDoS, Recon, Exploits, Fuzzers, Brute Force), and adaptive thresholds to cut false alerts.
  • AI SOC Assistant: Uses Google Gemini to generate step-by-step response plans, Windows PowerShell commands, and forensic guidance.
  • Cyberpunk Dashboard: Spider-Verse inspired UI with live traffic visuals, interactive charts, and intuitive controls.
  • Enterprise Architecture: Python FastAPI backend, React/TypeScript/Tailwind frontend, REST APIs, and multi-adapter support.

How we built it

  • Backend (Python/FastAPI): Real-time packet capture with Scapy, ML pipeline for feature extraction/classification, alert scoring, and database integration.
  • Frontend (React + TypeScript): Tailwind CSS, ShadCN UI, TanStack Query for real-time updates, and custom cyberpunk theme.
  • AI Integration: Gemini API with prompt engineering, JSON-structured outputs, and fallback response systems.
  • Real-Time Features: Sub-second alerts, WebSocket-like polling, and graceful degradation.

Challenges

  1. Real-time ML accuracy → optimized pipelines and thresholds.
  2. Consistent AI responses → structured prompts and fallback systems.
  3. Adapter compatibility → flexible detection/configuration.
  4. Reducing false positives → adaptive scoring and cooldowns.
  5. SOC-friendly UI → functional cyberpunk aesthetic.
  6. Cross-platform deployment → containerized builds and testing.
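The adaptive thresholds mentioned under ML-Driven Detection and the "adaptive scoring and cooldowns" of challenge 4 can be combined in a small alert gate like the one below. This is an added example, not VENOM's own code; the class, its parameters (base threshold, EWMA factor, margin, cooldown) and the sample verdicts are all assumptions made for the illustration.

```python
from dataclasses import dataclass, field


@dataclass
class AdaptiveAlertGate:
    """Decide whether one classifier verdict should become a SOC alert."""
    base_threshold: float = 0.70   # minimum classifier score to alert at all
    alpha: float = 0.5             # EWMA smoothing; high so the short demo converges
    margin: float = 0.10           # score must beat the class baseline by this much
    ceiling: float = 0.95          # cap the adaptive bar, or alerts could stop entirely
    cooldown_s: float = 30.0       # one alert per (source, class) inside this window
    baseline: dict = field(default_factory=dict)    # class -> EWMA of recent scores
    last_alert: dict = field(default_factory=dict)  # (src, class) -> last alert time

    def threshold(self, attack_class: str) -> float:
        """Adaptive bar: a class that has scored high lately must score higher still."""
        ewma = self.baseline.get(attack_class, 0.0)
        return min(self.ceiling, max(self.base_threshold, ewma + self.margin))

    def observe(self, ts: float, src: str, attack_class: str, score: float) -> str:
        """Return 'alert', 'below_threshold' or 'cooldown' for one verdict."""
        thr = self.threshold(attack_class)
        # Every verdict, alerted or not, feeds the baseline, so a class the model
        # keeps flagging at mediocre confidence gradually raises its own bar.
        prev = self.baseline.get(attack_class, 0.0)
        self.baseline[attack_class] = prev + self.alpha * (score - prev)
        if score < thr:
            return "below_threshold"
        key = (src, attack_class)
        last = self.last_alert.get(key)
        if last is not None and ts - last < self.cooldown_s:
            return "cooldown"
        self.last_alert[key] = ts
        return "alert"


# Constructed verdicts: (timestamp_s, source_ip, attack_class, classifier_score).
SAMPLE_VERDICTS = [
    (0.0, "10.0.0.5", "DoS", 0.92),
    (3.0, "10.0.0.5", "DoS", 0.94),        # same source 3 s later: cooldown
    (10.0, "10.0.0.8", "Fuzzers", 0.74),
    (12.0, "10.0.0.9", "Fuzzers", 0.75),
    (14.0, "10.0.0.10", "Fuzzers", 0.74),
    (16.0, "10.0.0.11", "Fuzzers", 0.74),  # Fuzzers baseline ~0.65, bar now 0.75
    (18.0, "10.0.0.12", "Fuzzers", 0.90),  # a clearly stronger signal still alerts
    (45.0, "10.0.0.5", "DoS", 0.93),       # cooldown expired: this source alerts again
]


def run_sample(verdicts=SAMPLE_VERDICTS) -> list:
    """Run the constructed verdicts through one gate and return the decisions."""
    gate = AdaptiveAlertGate()
    return [(ts, src, cls, gate.observe(ts, src, cls, score))
            for ts, src, cls, score in verdicts]
```

Two of the eight constructed verdicts are held back: one by the per-source cooldown and one because the Fuzzers class had already raised its own threshold.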

Accomplishments

  • Tech: Sub-2s detection-to-response, 99% uptime, multi-attack detection, zero-config setup.
  • UX: First cyberpunk NIDS, real-time visualizations, instant command generation.
  • Impact: Cut response times from minutes to seconds, actionable alerts with evidence guidance, scalable design.
  • Research: Custom ML feature extraction, optimized real-time algorithms, domain-specific AI prompts.

What we learned

  • Technical: ML optimization for live data, combining LLMs with traditional models, packet analysis, React performance tuning.
  • Security: Attack patterns, SOC workflows, incident response speed, compliance needs.
  • UX: Designing clear, accessible security dashboards.
  • Architecture: Microservices, robust APIs, fault-tolerant error handling, performance tradeoffs.

What’s next

  • Short-term: Cloud deployment with Kubernetes, transformer models, Linux/macOS support, expanded APIs.
  • 6 Months: Custom LLM, predictive analytics, optional auto-mitigation, natural language queries.
  • 12 Months: Multi-tenant MSSP support, compliance reporting, threat intel feeds, 3D attack visualizations.
  • Long-term: Quantum-resistant methods, IoT detection, behavioral analytics, federated learning.
  • Market: Open source community, education partnerships, industry certifications, global rollout.

VENOM merges ML, AI, and immersive design to make cybersecurity faster, smarter, and more human-friendly.
