Found 9 repositories (showing 9)
Developed a Real-time Intrusion Detection System for Windows that leverages Machine Learning techniques to identify and prevent network intrusions. The system uses a Supervised learning model, Random Forest, to detect known attacks from CICIDS 2018 & SCVIC-APT databases, and an Unsupervised learning model, Autoencoder, for anomaly detection.
With the rapid growth of the Internet of Things (IoT) as well as the vast and vital dependence on IoT, serious security risks are also growing. Many factors contribute to these risks. For example, limited resources in terms of computational capabilities, power, and storage make IoT networks highly vulnerable. Securing IoT networks is vital due to the importance and sensitivity of the data collected from the devices and systems. Furthermore, the nature of IoT networks, such as including a large number of devices, limited resources, and traffic heterogeneity between the various IoT networks, raises different security challenges. Moreover, some classic security methods, such as cryptography, become less effective against IoT cyber-attacks. Real-time and lightweight detection of cyber-attacks is urgently needed to secure IoT networks. This demand can be met by a reliable and efficient intrusion detection system (IDS) that can meet the high scalability and dynamicity of IoT environments. This research analyzed the traffic and features of commonly used and recently published datasets for IoT networks. Furthermore, it proposed two feature selection methods. Moreover, it reduced the BotNet-IoT dataset dimensionality from 115 features to 23 features, which will speed up the detection. Furthermore, it analyzed the effects of traffic heterogeneity levels and time-window size on several classification methods to justify the detection model selection. Additionally, it considered different performance metrics to enable comparing results with other works. Regarding the BotNet-IoT dataset, we found that few features play a critical role in IDS performance, where a larger time-window was slightly better than the shorter time-windows. Furthermore, we found that PCA classifier performance was significantly affected by the traffic heterogeneity; therefore, it is not suitable for IDS in practice. Moreover, the Boosted Tree showed the best and the most stable performance among all the considered classification methods.
jassy666
IntrusiGuard is a powerful Python-based tool designed for real-time network intrusion detection and prevention on Windows operating systems. Leveraging the capabilities of the Scapy library, this tool monitors network traffic, identifies potential intrusions, and takes preventive actions to enhance the security of your network.
ShahzaibHaider0
This project demonstrates the setup of a Snort-based Intrusion Detection System (IDS) on Windows. It monitors HTTP traffic and identifies SQL Injection, XSS attacks, and Directory Traversal attempts. With custom rules and real-time monitoring, this IDS serves as a powerful tool for web security assessments.
mervehan
A C++-based real-time network packet analyzer and basic intrusion detection system using Npcap on Windows.
GarethMSheldon
Lightweight real-time Network Intrusion Detection System with a Python GUI that monitors active connections and detects port scans, brute force attempts, and suspicious activity on Windows and Linux.
justinpdostal
Real-time network intrusion detection system using raw sockets — detects SYN floods, ICMP floods, and port scans with multi-threaded packet processing. Zero dependencies, runs on Windows/Linux/Mac.
Overview: This project sets up a Network-Based Intrusion Detection System (NIDS) using Snort on Windows. Snort is an open-source tool that performs real-time packet analysis and network intrusion detection. This setup includes configuration, rule setup, and basic visualization of detected attacks.
alikadirbulut
What It Is: A hybrid cloud-based Intrusion Detection System (IDS) combining an edge agent (Windows) for real-time signature matching on captured packets and a cloud backend (Flask) for ML-based anomaly detection and threat intelligence enrichment. It's an academic research project (Katowice Institute of IT) implementing a self-evolving detection platform.