Ransomware Detection System

The Detecting Ransomware School Project involved creating a robust network environment capable of identifying and alerting on ransomware behavior. The system integrates multiple security tools to provide real-time monitoring and detection capabilities through custom-written rules and behavioral analysis.

Key Highlights

// achievements

1Designed and deployed complete network infrastructure
2Created custom detection rules for ransomware behavior
3Integrated Wazuh SIEM with Active Directory
4Implemented real-time alerting system

Architecture Overview

// network_topology

Interactive diagram showing the system architecture. Drag to pan, scroll to zoom, and hover over nodes for details.

Internet

IDS/IPS Firewall

pfSense

Web Server

Ubuntu Server

IDS/IPS Firewall

pfSense

Wazuh HIDS

Ubuntu Server

Windows AD/DC

Domain Controller

Client

Ubuntu Workstation

Client

Windows Workstation

IDS/IPS Firewall

pfSense

Backups Share

Ubuntu Server

Tailscale VPN

Azure VM

Cloud Database

Internet

DMZ(172.16.1.0/24)

LAN2(192.168.1.0/24)

LAN3(10.0.0.0/24)

55%

Next ProjectSIEM Research & Implementation - Graduation Project2025-2026