VigilX

Inspiration The increasing frequency and sophistication of cyberattacks like brute force attempts, ransomware infections, and malware intrusions inspired us to create VigilX—a comprehensive threat detection and response system. Our vision was to develop an automated solution that detects and responds to potential threats in real-time, ensuring the safety of digital assets and reducing human dependency for routine threat management.

What it does VigilX is an integrated system that: • Detects brute force attacks by monitoring login attempts and blocking suspicious IPs after repeated failed attempts. • Identifies ransomware and malware through behavioral analysis and machine learning models. • Quarantines high-risk files and directories to prevent further damage. • Alerts administrators in real-time with pop-up notifications through a dynamic dashboard. • Logs all detected threats for audit and further analysis.

How we built it Core Architecture: • Python Scripts for brute force detection, malware, and ransomware analysis. • Machine Learning Models (Random Forest) trained on datasets from Kaggle and GitHub for malware and ransomware classification.

Real-Time Monitoring: • Used Windows event logs for tracking failed login attempts. • Built detection algorithms for identifying suspicious files and processes.

Dashboard: • Developed a frontend using React and Vite. • Integrated pop-up notifications and real-time log updates using Flask and Socket.IO. • Styled the interface with Tailwind CSS in a dark theme.

Data Logging and Alerts: • Centralized logs for brute force attempts, quarantined files, and detected threats. • Added live alerts for administrators to act swiftly.

Challenges we ran into • Log Management: Ensuring accurate and timely log entries for all detected threats across components. • Integration: Combining the outputs of different detection systems into a unified platform. • Machine Learning: Training robust models that minimize false positives and false negatives. • Real-Time Response: Achieving fast threat detection and immediate action while maintaining system performance. • Cross-Platform Compatibility: Ensuring the system works seamlessly on Windows.

Accomplishments that we're proud of • Successfully integrating multiple detection systems into a single cohesive application. • Developing an intuitive and visually appealing dashboard with live updates. • Achieving real-time response capabilities for threat detection and mitigation. • Creating machine learning models that effectively classify ransomware and malware. • Enhancing security by automating the blocking of IPs and quarantining of suspicious files.

What we learned • Advanced cybersecurity concepts, including brute force detection and behavioral analysis. • Machine learning for security applications, from data preprocessing to model training and testing. • Real-time communication frameworks like Flask-Socket.IO for seamless data flow. • Best practices for designing and managing user-friendly dashboards. • The importance of teamwork, debugging, and persistence in tackling complex challenges.

What's next for VigilX • Enhanced Detection: Incorporate additional threat vectors like phishing attempts and DDoS attacks. • Cloud Integration: Deploy the system in cloud environments for scalability. • Mobile Alerts: Develop a mobile app for real-time notifications on the go. • Improved Models: Train more sophisticated ML models using larger and more diverse datasets. • User Configurability: Add options for administrators to customize thresholds, notifications, and responses.