Skip to content

GauravGhandat-23/AI-Powered-Threat-Hunting-and-Vulnerability-Assessment-Dashboard

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

🚀 AI-Powered Threat Hunting and Vulnerability Assessment Dashboard 🚀

image

AI Powered Threat Hunting

Overview

Welcome to the AI-Powered Threat Hunting and Vulnerability Assessment Dashboard. This application provides real-time threat detection, vulnerability scanning, and log analysis, aimed at enhancing the security and resilience of IT infrastructures.

Features ✨

🚨 Threat Detection

  • Upload Network Traffic Data: Analyze network traffic data for anomalies using Isolation Forest.
  • Anomaly Detection: Automatically detect anomalies based on packet size and other metrics.
  • Visualizations: Interactive visualizations to display detected anomalies in the network data.
  • Statistics: Display anomaly counts and provide a detailed dataset for further analysis.

🔍 Vulnerability Scanning

  • Load Vulnerabilities: Upload a JSON file containing vulnerability details.
  • Display Vulnerabilities: View critical information like ID, summary, publish date, and severity of each vulnerability.

📋 Log Analysis

  • Log File Upload: Upload log files (TXT/CSV) for analysis.
  • Basic Log Analysis: Check for failed login attempts and provide a quick summary.
  • Word Cloud Visualization: Visualize the most frequent terms in the logs with a word cloud.
  • Generate Log Data: Create an advanced log data CSV file for testing and further analysis.

Installation 🛠️

To run this project locally, follow these steps:

Prerequisites

  • Python 3.7 or higher
  • pip (Python package installer)

Steps

  1. Clone the Repository:

    git clone https://github.com/yourusername/AI-Powered-Threat-Hunting-and-Vulnerability-Assessment-Dashboard.git
    cd AI-Powered-Threat-Hunting-and-Vulnerability-Assessment-Dashboard
    
  2. Install Dependencies:

    • Install the required libraries using pip:
    pip install -r requirements.txt
    
  3. Run the Streamlit App:

    • To start the dashboard, run the following command:
    streamlit run app.py
    
  4. Open the App:

    • Once the app is running, open a web browser and navigate to the provided local URL (typically http://localhost:8501).

Usage 🚀

🚨 Threat Detection:

  1. Upload Network Traffic Data: Click on the file uploader to upload a CSV file containing network traffic data.
  2. View Anomalies: The app will automatically detect anomalies in the data using machine learning techniques and display results.
  3. Visualize Anomalies: Interactive charts will show anomalies based on packet size and other metrics.

Threat Detection-1

🔍 Vulnerability Scanning:

  1. Upload Vulnerability Data: Upload a JSON file containing vulnerability details.
  2. View Vulnerabilities: The app will display a list of vulnerabilities with relevant details such as severity and publication date.

Vulnerability Scanning-1

📋 Log Analysis:

  1. Upload Log Files: Upload a TXT or CSV log file for analysis.
  2. Analyze Logs: The app will check for failed login attempts and display a word cloud for the most frequent terms.
  3. Generate Log Data: Use the "Generate Log Data CSV" button to create an advanced log dataset for testing purposes.

Log Analysis-1

Example JSON Structure for Vulnerabilities

  • Here’s an example of the expected structure for the vulnerabilities.json file:

    [
      {
        "id": "CVE-2021-1234",
        "summary": "Critical vulnerability in the authentication system",
        "published_date": "2021-12-01",
        "severity": "High"
      },
      {
        "id": "CVE-2022-5678",
        "summary": "Buffer overflow vulnerability in network service",
        "published_date": "2022-01-15",
        "severity": "Medium"
      }
    ]
    

⚙️ Technologies Used

  • 🌊 Streamlit: A powerful and easy-to-use framework for building interactive web apps in Python.
  • 🧠 Scikit-learn: Machine learning library used for anomaly detection with Isolation Forest.
  • 🐼 Pandas & Numpy: Used for data manipulation and preprocessing.
  • 📈 Seaborn & Matplotlib: Libraries for data visualization.
  • 📝 WordCloud: For generating word clouds from log files.

🤝 Contributing

  • We welcome contributions! If you would like to improve or add new features to this project, please fork the repository and submit a pull request.

🌐 Connect with Me

About

AI-Powered Threat Hunting and Vulnerability Assessment Dashboard: This app provides real-time threat detection, vulnerability scanning, and log analysis. It uses machine learning for anomaly detection in network traffic, displays vulnerabilities from JSON files, and offers log file analysis with visualizations and advanced log generation.

Resources

Stars

1 star

Watchers

1 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages