Hello, I am Dillon Griffey, and welcome back to my blog. Today, I want to share the progress and challenges I faced in enhancing HEDA's alert system.

Goal for the Month

The primary goal for this month was to implement an api system for HEDA to pull and update information. I also aimed at making the autom response system for malicous packets.

Feature Development

The new api system is designed to pull and update HEDA database information. When a packet is flagged as potentially malicious, a automatic response is generated, a log which includes the packet's source and destination IP addresses, ports, protocol, and payload is generated. Users can then review this information and confirm whether the packet is indeed malicious or a false positive. This then can be queried using the api.

To build this feature, I used several tools and technologies:

• Electron for the desktop application framework
• SQLite for the database to store packet logs and notifications
• Scapy for packet sniffing and analysis
• Python for automatic response and the API back end.
• TensorFlow for machine learning model integration

One significant challenge was creating a token system that the user could generate and use for the api. I had to design a system where the token would remain secure but also allow for the user to easily update/modify the key if needed. Additionally, I ran into issue when making the automatic response - at first the system would write multiple firewall updates about the same IP. I had to design logic to prevent spamming the same IP being blocked.

Visual Components

Retrospective

This month was a mix of successes and challenges. The api is a must have for users to integrate all data moving forward. Additionally having a way to auto block/ and white list specific IP is much needed for this type of application.

What went right:

• Successful inclusiong of a secure api system.
• Automatic Responses on malicously detected packets.

What went wrong:

• VPN would some time trigger the automatic responses.
• The token system was failing intially for new systems that had not a previous token.

Moving forward, I plan to enhance api options and allow for more settings over bearer tokens that are generated.

Additional Insights

Time management has been crucial in balancing feature development and user testing. Collaborating with my advisor provided valuable feedback and direction, helping to refine the feature. The knowledge gained from previous courses in machine learning and database management has been instrumental in this project's progress.

With the api system working and automatic responses working HEDA now just needs to focus on fine tuning and training the models on new or excisting threats. Additionally I plan to integrate a basic pentest of the host system to show exposed ports and outdated software.

Thank you for following along on this journey. Stay tuned for more updates and insights into the development of HEDA.

Hello, I am Dillon Griffey and I want to thank you for visitng my website. Today I want to discuss my journey on developing HEDA, a cybersecurity assistant to help defend, protect and empower users.

The inception of HEDA was driven by the vision to create a user-friendly system that doesn't compromise on security. From the get-go, HEDA was envisioned to be intuitive and accessible, thereby empowering users to take control of their digital security. The user interface is crafted to simplify the complexity of cybersecurity, allowing users from all backgrounds to navigate confidently.

HEDA's proactive approach to cybersecurity leverages real-time threat detection, automated response mechanisms, and behavioral analytics to anticipate and neutralize risks before they escalate. The integration of these advanced technologies within a user-friendly interface epitomizes the next generation of cyber defense systems.

As HEDA continues to evolve, our commitment to enhancing system capabilities and user experience remains steadfast. With an eye towards the future, HEDA aims to incorporate adaptive machine learning models and broaden its cross-platform support, ensuring a secure and consistent user experience across various devices and operating systems.

Stay tuned to this space as we share regular updates on HEDA's development journey, feature releases, and insights into the realm of cybersecurity.

Thank you for reading, and we look forward to having you join us in our quest for a safer digital world.