This project integrates Suricata, a high-performance network IDS (Intrusion Detection System), with Wazuh, a security monitoring platform. The goal is to detect cyber threats in real time and provide a graphical user interface (GUI) for easier monitoring and alerting.
Additionally, a chatbot is built to assist users with cybersecurity-related queries. The chatbot uses NLP to understand and respond to questions about cybersecurity best practices, threat detection, and incident handling.
Wazuh-1.mp4
Wazuh-2.mp4
Wazuh Monitoring: This video demonstrates how Wazuh is used for real-time security monitoring and log analysis:
- It shows how Wazuh collects and analyzes security event logs, including alerts from Suricata IDS.
- Watch as security incidents are detected and categorized, making it easier to respond to potential threats.
- The video also highlights how Wazuh provides a user-friendly interface to manage security alerts and track system vulnerabilities.
Below is a demonstration of how the chatbot assists users with cybersecurity-related questions in real-time:
- The chatbot is designed to provide immediate assistance to users by explaining cybersecurity concepts and guiding them through incident response steps based on alerts from Suricata and Wazuh.
- It helps users interpret Suricata network alerts, like malware or brute-force attacks, and provides real-time responses to questions like "What should I do if my account is compromised?"
- The chatbot also integrates with Wazuh to provide insights into security events, allowing users to easily understand security logs and take action based on them.
You can watch the demo video above for a more detailed walkthrough of how the chatbot functions.
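To make "interpreting Suricata alerts" concrete, the following added example (not part of this project's code) groups Suricata EVE JSON alert events by source and signature, most severe first, which is the kind of summary a dashboard or chatbot answer can be built on. It assumes Suricata's EVE output format (one JSON object per line); the sample lines, signatures and SIDs are constructed, and `summarize_alerts` is a hypothetical helper name.

```python
import json
from collections import defaultdict

# Constructed sample of EVE JSON lines (documentation IPs, made-up signatures/SIDs).
# Includes a non-alert event and a truncated line, as seen when a log is read mid-write.
SAMPLE_EVE = """\
{"timestamp":"2024-05-01T10:00:01.000000+0000","event_type":"alert","src_ip":"203.0.113.7","dest_ip":"192.0.2.10","alert":{"signature_id":1000001,"signature":"EXAMPLE SSH brute-force attempt","category":"Attempted Administrator Privilege Gain","severity":1}}
{"timestamp":"2024-05-01T10:00:02.000000+0000","event_type":"alert","src_ip":"203.0.113.7","dest_ip":"192.0.2.10","alert":{"signature_id":1000001,"signature":"EXAMPLE SSH brute-force attempt","category":"Attempted Administrator Privilege Gain","severity":1}}
{"timestamp":"2024-05-01T10:00:03.000000+0000","event_type":"alert","src_ip":"203.0.113.7","dest_ip":"192.0.2.11","alert":{"signature_id":1000001,"signature":"EXAMPLE SSH brute-force attempt","category":"Attempted Administrator Privilege Gain","severity":1}}
{"timestamp":"2024-05-01T10:00:04.000000+0000","event_type":"dns","src_ip":"192.0.2.20","dest_ip":"192.0.2.53"}
{"timestamp":"2024-05-01T10:00:05.000000+0000","event_type":"alert","src_ip":"192.0.2.20","dest_ip":"198.51.100.5","alert":{"signature_id":1000002,"signature":"EXAMPLE malware check-in","category":"A Network Trojan was detected","severity":1}}
{"timestamp":"2024-05-01T10:00:06.000000+0000","event_type":"alert","src_ip":"192.0.2.30","dest_ip":"198.51.100.9","alert":{"signature_id":1000003,"signature":"EXAMPLE policy violation","category":"Potential Corporate Privacy Violation","severity":2}}
{"timestamp":"2024-05-01T10:00:07.000000+0000","event_type":"alert","src_ip":"203.0.113.7","al
"""


def summarize_alerts(eve_text):
    """Group alert events by (src_ip, signature) and rank them for triage."""
    groups = defaultdict(lambda: {"count": 0, "dest_ips": set()})
    for line in eve_text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # partially written or corrupt line: skip it, keep going
        if not isinstance(event, dict) or event.get("event_type") != "alert":
            continue  # flow, dns, http, ... records are not alerts
        alert = event.get("alert") or {}
        # Assumption for this example: a missing severity is treated as 3 (lowest).
        key = (event.get("src_ip", "?"), alert.get("signature", "?"),
               alert.get("category", "?"), alert.get("severity", 3))
        groups[key]["count"] += 1
        groups[key]["dest_ips"].add(event.get("dest_ip", "?"))
    rows = [{"src_ip": k[0], "signature": k[1], "category": k[2], "severity": k[3],
             "count": v["count"], "dest_ips": sorted(v["dest_ips"])}
            for k, v in groups.items()]
    # Suricata severity 1 is the most severe: sort ascending, then by alert volume.
    rows.sort(key=lambda r: (r["severity"], -r["count"]))
    return rows


if __name__ == "__main__":
    for row in summarize_alerts(SAMPLE_EVE):
        print(row)
```

A single source hitting several destinations with the same signature, as in the first row here, is the pattern worth surfacing first when explaining a brute-force alert to a non-expert user.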
- Wazuh (Security Monitoring)
- Suricata (IDS Integration)
- Machine Learning (ML)
- Installation of Suricata IDS for detecting network threats.
- Wazuh integration with Suricata IDS to provide a graphical user interface for monitoring Suricata alerts.
- A chatbot that answers cybersecurity-related questions and assists users in real-time.
- Future features could include:
  - Advanced machine learning-based threat detection models.
  - Integration with more security tools for enhanced monitoring.
- Expand the chatbot functionality to support more complex queries related to threat mitigation and security incident handling.
- IP/URL reputation check
- Incorporate additional security tools for a more comprehensive monitoring solution.
- Improve threat detection accuracy using AI/ML models for anomaly detection.
- Network Security: Helps in real-time detection of intrusions on a network.
- User Assistance: The chatbot provides quick answers to common cybersecurity questions, helping non-expert users.
- Security Monitoring: Wazuh integration allows security analysts to easily monitor the security posture of the system.
The setup instructions for this project are currently being finalized. Please check back soon for a step-by-step guide to get started. Thank you for your patience!