
NetSentinel

2023

Role

Solo Developer — designed the ML models, built the data pipeline, and created the detection engine

Tech Stack

Python, TensorFlow, Scapy, Elasticsearch

Overview

Traditional intrusion detection systems rely on known attack signatures, making them blind to zero-day exploits and novel attack techniques. NetSentinel takes a behavioral approach — it learns the normal traffic patterns of a network and alerts on significant deviations, regardless of whether the specific attack pattern has been seen before.

The system was designed for mid-to-large enterprise networks where the volume of traffic makes manual analysis impossible, but where the cost of a breach far exceeds the investment in detection.

Key Features

  • Real-time traffic analysis with sub-second latency
  • Unsupervised anomaly detection — no labeled attack data needed
  • Adaptive baselines that learn from network changes
  • Integration with SIEM platforms (Splunk, ELK Stack)
  • Automated incident response playbooks
  • Network segment profiling and comparison
  • Exportable threat intelligence feeds

Description

Real-time network intrusion detection system using machine learning anomaly detection.