A graduation project developed to monitor, detect, and prevent cyber threats in real time using open-source technologies.
This project presents a complete implementation of a Network Intrusion Prevention System (NIPS) designed to enhance cybersecurity by identifying and mitigating network attacks in real time.
The system integrates multiple tools and platforms including:
- Suricata for deep packet inspection and rule-based threat detection
- OPNsense as a firewall and network management solution
- Metasploit for generating and simulating common attack vectors (e.g., DoS/DDoS)
- Linux & VMware for hosting and simulating the network environment
- Python scripts for log parsing, alert generation, and report analysis
- Real-time detection and prevention of network threats
- Deep packet inspection using Suricata
- Configurable rule sets for custom detection
- Attack simulation using Metasploit and Hping3
- Log analysis and visualization using Python
- Virtualized secure lab setup using VMware
- Suricata (IDS/IPS)
- OPNsense Firewall
- Metasploit Framework
- Hping3 (DoS attack simulation)
- Python
- VMware Workstation
- Linux (Ubuntu Server)
- Build a secure environment capable of simulating real-world cyber threats
- Detect and prevent malicious traffic using rule-based and behavioral analysis
- Evaluate the effectiveness of Suricata as an open-source IPS
- Propose future enhancements including AI-driven detection
- Successfully detected simulated DoS and DDoS attacks
- Achieved low false-positive rates with tuned rule sets
- Generated real-time alerts and logs with Suricata and OPNsense
- Developed custom Python tools for log parsing and reporting
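As an added illustration of the log-parsing step (example code, not the project's own scripts): a small Python parser for Suricata's EVE JSON output (`eve.json`) that keeps only `alert` records, tolerates malformed lines, counts alerts by signature and by source address, and flags any source that fires a threshold number of alerts inside a short sliding window, which is the pattern a DoS/DDoS simulation leaves behind. The EVE field names (`timestamp`, `event_type`, `src_ip`, `alert.signature`, `alert.signature_id`) follow Suricata's documented schema; the sample log lines, the `LOCAL ...` signature names and the SIDs 1000001/1000002 are constructed for this example.

```python
"""Summarise Suricata EVE JSON alerts and flag alert bursts per source."""
import json
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample of eve.json lines (hypothetical, not a real capture).
# Includes one non-alert "flow" event and one malformed line on purpose.
SAMPLE_EVE_LINES = [
    '{"timestamp":"2024-05-01T10:00:00.000000+0000","event_type":"alert","src_ip":"10.0.0.5","dest_ip":"10.0.0.20","dest_port":80,"proto":"TCP","alert":{"signature_id":1000001,"signature":"LOCAL Possible SYN flood","severity":2}}',
    '{"timestamp":"2024-05-01T10:00:01.000000+0000","event_type":"alert","src_ip":"10.0.0.5","dest_ip":"10.0.0.20","dest_port":80,"proto":"TCP","alert":{"signature_id":1000001,"signature":"LOCAL Possible SYN flood","severity":2}}',
    '{"timestamp":"2024-05-01T10:00:02.000000+0000","event_type":"alert","src_ip":"10.0.0.5","dest_ip":"10.0.0.20","dest_port":80,"proto":"TCP","alert":{"signature_id":1000001,"signature":"LOCAL Possible SYN flood","severity":2}}',
    '{"timestamp":"2024-05-01T10:00:03.000000+0000","event_type":"alert","src_ip":"10.0.0.5","dest_ip":"10.0.0.20","dest_port":80,"proto":"TCP","alert":{"signature_id":1000001,"signature":"LOCAL Possible SYN flood","severity":2}}',
    '{"timestamp":"2024-05-01T10:00:04.000000+0000","event_type":"flow","src_ip":"10.0.0.9","dest_ip":"10.0.0.20","proto":"TCP"}',
    '{"timestamp":"2024-05-01T10:00:05.000000+0000","event_type":"alert","src_ip":"10.0.0.9","dest_ip":"10.0.0.20","proto":"ICMP","alert":{"signature_id":1000002,"signature":"LOCAL ICMP echo request to server","severity":3}}',
    '{"timestamp":"2024-05-01T10:00:06.000000+0000","event_type":"alert","src_ip":"10.0.0.5",',
    '{"timestamp":"2024-05-01T10:00:30.000000+0000","event_type":"alert","src_ip":"10.0.0.5","dest_ip":"10.0.0.20","dest_port":80,"proto":"TCP","alert":{"signature_id":1000001,"signature":"LOCAL Possible SYN flood","severity":2}}',
]

EVE_TS_FORMAT = "%Y-%m-%dT%H:%M:%S.%f%z"  # Suricata's default timestamp layout


def parse_eve(lines):
    """Return the alert records from EVE JSON lines, skipping anything unparsable."""
    alerts = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # truncated or corrupted line: ignore rather than abort
        if rec.get("event_type") != "alert":
            continue  # flow, dns, http ... records are not alerts
        try:
            rec["_ts"] = datetime.strptime(rec["timestamp"], EVE_TS_FORMAT)
        except (KeyError, ValueError):
            continue
        alerts.append(rec)
    return alerts


def count_by_signature(alerts):
    """Alert count per rule signature text."""
    return Counter(a["alert"]["signature"] for a in alerts)


def count_by_source(alerts):
    """Alert count per source IP."""
    return Counter(a["src_ip"] for a in alerts)


def burst_sources(alerts, threshold=3, window_seconds=5):
    """Sources that produced >= threshold alerts within any window_seconds span."""
    stamps_by_src = defaultdict(list)
    for a in alerts:
        stamps_by_src[a["src_ip"]].append(a["_ts"])
    window = timedelta(seconds=window_seconds)
    flagged = set()
    for src, stamps in stamps_by_src.items():
        stamps.sort()
        j = 0  # left edge of the sliding window
        for i in range(len(stamps)):
            while stamps[i] - stamps[j] > window:
                j += 1
            if i - j + 1 >= threshold:
                flagged.add(src)
                break
    return flagged


def build_report(lines, threshold=3, window_seconds=5):
    """One-shot summary suitable for printing or writing to a report file."""
    alerts = parse_eve(lines)
    return {
        "total_alerts": len(alerts),
        "by_signature": dict(count_by_signature(alerts)),
        "by_source": dict(count_by_source(alerts)),
        "burst_sources": sorted(burst_sources(alerts, threshold, window_seconds)),
    }


if __name__ == "__main__":
    print(json.dumps(build_report(SAMPLE_EVE_LINES), indent=2))
```

To run it against a live deployment, replace `SAMPLE_EVE_LINES` with the lines of the real `eve.json` (for example `open("/var/log/suricata/eve.json")`), and tune `threshold` and `window_seconds` to the traffic volume of the lab so that a single noisy host is not mistaken for a flood.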
Special thanks to our supervisor Dr. Mohamed Taha for his continuous support and guidance, and to my teammates Salah Foad, Mai Qandil, Shahd Farag, Ahmed Megahed for their great teamwork and dedication throughout this project.
This project is for academic and learning purposes only. If you wish to reuse or extend the system, please cite or refer to the original work.