IT 09 - CyberSentinel: AI-Powered Cyber Attack Detection and Visualization System

CyberSentinel is an AI-powered network anomaly detection system designed to help organizations identify cyberattacks in real time. This innovative solution integrates machine learning, cloud computing, and real-time data visualization to enhance network security monitoring in enterprise or campus environments. 

The increasing frequency and sophistication of cyberattacks has exposed the limitations of traditional security systems. Many existing intrusion detection systems (IDS) rely on static rule-based methods or known attack signatures, which often fail to detect novel threats or zero-day attacks. CyberSentinel addresses this critical gap by leveraging machine learning models to analyze network traffic behavior, detect anomalies, and provide human-readable explanations for security alerts. 

Our project captures live network traffic using advanced packet capture techniques and extracts meaningful features for analysis. These features are processed using machine learning models such as XGBoost and Random Forest, trained on real-world famous datasets like CIC-IDS 2017. The system classifies network traffic as normal or potentially malicious based on behavioral patterns rather than static signatures. 

The solution operates in a cloud-based environment hosted on Microsoft Azure, simulating a real-world enterprise network. We created multiple virtual machines, representing victim and attacker systems, to generate realistic network traffic and perform attack simulations. Our attack library includes common cyberattacks such as port scanning, SQL injection, ARP spoofing, and Denial-of-Service (DoS) attacks. 

One of CyberSentinel’s key innovations is its explainability feature. Beyond detecting threats, the system generates human-readable explanations to help security analysts understand why an anomaly was detected. This improves trust and transparency in AI-powered security solutions — a crucial requirement for modern cybersecurity operations. 

To support user interaction and monitoring, we developed a web-based real-time security dashboard using ReactJS. This dashboard visualizes the network traffic, anomaly scores, and threat details dynamically, providing IT teams with clear insights for rapid decision-making. 

CyberSentinel was created to address real challenges in cybersecurity operations: 

• How can organizations detect unknown or evolving cyber threats in real time? 
• How can AI-driven systems provide transparent and explainable security alerts? 
• How can network traffic data be processed efficiently for large-scale environments? 

This project allowed our team to apply cybersecurity knowledge, machine learning techniques, and cloud infrastructure skills in a practical context. It also prepared us for real-world challenges in enterprise security environments, where automation, scalability, and clarity of threat information are essential. 

As cyber threats continue to evolve, solutions like CyberSentinel represent the future of proactive security monitoring — combining the power of artificial intelligence with human-centric design for better security outcomes.