Cybersecurity, 2024, Featured
Ransomware Detection System
The Detecting Ransomware School Project involved creating a robust network environment capable of identifying and alerting on ransomware behavior. The system integrates multiple security tools to provide real-time monitoring and detection capabilities through custom-written rules and behavioral analysis.
Technologies Used
Wazuh, Microsoft AD, Sysmon, Network Security, SIEM, pfSense, Azure
Key Highlights
- Designed and deployed complete network infrastructure
- Created custom detection rules for ransomware behavior
- Integrated Wazuh SIEM with Active Directory
- Implemented real-time alerting system
Architecture Overview
Diagram of the system architecture. Components shown:
- Internet
- IDS/IPS Firewall (pfSense), shown three times
- Web Server (Ubuntu Server)
- Wazuh HIDS (Ubuntu Server)
- Windows AD/DC (Domain Controller)
- Client (Ubuntu Workstation)
- Client (Windows Workstation)
- Backups Share (Ubuntu Server)
- Tailscale VPN
- Azure VM
- Cloud Database

Network zones shown:
- Internet
- DMZ (172.16.1.0/24)
- LAN2 (192.168.1.0/24)
- LAN3 (10.0.0.0/24)