My Projects

 

Final Year Project 

Please note: Due to project confidentiality and the risk of misuse in cyber-attacks, especially of the keylogger with steganography, only some information will be shared here.

In my culminating academic endeavour at Teesside University, I embarked on an ambitious project to explore the intricacies of cybersecurity breaches. Titled "Honeypot - Investigating cybersecurity breaches to collect information on how cybercriminals operate using Honeypot," this project was a deep dive into constructing a honeypot system — a decoy set to lure and analyse the strategies and tactics of cyber attackers.
This project involved setting up a honeypot to mimic vulnerable SSH and Telnet services using Cowrie, with the intention of making the system seem like an enticing target for cybercriminals. The primary objectives were to observe attack patterns, understand common exploits, and gather data on potential security threats. This was supported by Snort IDS to detect intrusions, and the ELK stack for log management and analytics, creating a robust framework for monitoring and visualising cyber attacks.
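
As an added illustration (not code from this project), the following Python summarises login attempts and post-login commands per source IP from Cowrie's JSON log, the kind of attack-pattern data described above. The sample log lines are constructed, and the event and field names (`cowrie.login.failed`, `src_ip`, `session`, `input`) are assumed to match the JSON output of the Cowrie version deployed.

```python
import json
from collections import defaultdict

# Constructed sample lines in the shape of Cowrie's JSON log (assumed field names).
# IPs come from documentation ranges; credentials and commands are made up.
SAMPLE_LOG = """\
{"eventid":"cowrie.session.connect","src_ip":"203.0.113.7","session":"a1"}
{"eventid":"cowrie.login.failed","src_ip":"203.0.113.7","session":"a1","username":"root","password":"123456"}
{"eventid":"cowrie.login.failed","src_ip":"203.0.113.7","session":"a1","username":"admin","password":"admin"}
{"eventid":"cowrie.login.success","src_ip":"203.0.113.7","session":"a1","username":"root","password":"root"}
{"eventid":"cowrie.command.input","session":"a1","input":"uname -a"}
{"eventid":"cowrie.login.failed","src_ip":"198.51.100.9","session":"b2","username":"pi","password":"raspberry"}
this line is truncated {"eventid":
"""

def parse_events(text):
    """Yield one dict per valid JSON line; skip malformed or partial lines."""
    for line in text.splitlines():
        try:
            event = json.loads(line)
        except ValueError:  # a log being written to may end mid-line
            continue
        if isinstance(event, dict) and "eventid" in event:
            yield event

def summarise(events, threshold=2):
    """Group honeypot activity by source IP and flag guessed logins."""
    stats = defaultdict(lambda: {"failed": 0, "success": 0,
                                 "usernames": set(), "commands": []})
    session_ip = {}  # fallback for events that carry a session id but no src_ip
    for ev in events:
        sid = ev.get("session")
        ip = ev.get("src_ip") or session_ip.get(sid)
        if ip is None:
            continue
        if sid:
            session_ip[sid] = ip
        entry = stats[ip]
        if ev["eventid"] == "cowrie.login.failed":
            entry["failed"] += 1
            entry["usernames"].add(ev.get("username"))
        elif ev["eventid"] == "cowrie.login.success":
            entry["success"] += 1
            entry["usernames"].add(ev.get("username"))
        elif ev["eventid"] == "cowrie.command.input":
            entry["commands"].append(ev.get("input", ""))
    for entry in stats.values():
        # Repeated failures followed by a success suggest password guessing.
        entry["guessed_in"] = entry["failed"] >= threshold and entry["success"] > 0
    return dict(stats)

SUMMARY = summarise(parse_events(SAMPLE_LOG))
```
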

Project Poster

Some changes have been made to the attack prototype below:

Splunk was chosen over ELK due to its better scalability, ease of use, and comprehensive support. Splunk offers a more user-friendly interface, making it easier to analyse and visualise data. Additionally, Splunk's robust community support and rich ecosystem of apps provide more options for customisation and integration with other tools (Splunk Inc., 2021).

Suricata was chosen over Snort because it offers multi-threading support, which allows for better performance and resource utilisation on modern hardware. Suricata also supports the same rule sets as Snort, making it an easy transition. Furthermore, Suricata's advanced features, such as file extraction and protocol analysis, provide additional capabilities for detecting and analysing network threats (OISF, 2021).

Abstract and Contents:

The project's ultimate goal was to provide organisations with a robust, real-time detection and response system against cyber threats. This was achieved by meticulously configuring a honeypot to mimic a legitimate system, attracting potential attackers while capturing valuable data on their behaviours and techniques.

The project scope expanded to encompass a detailed analysis through several chapters, ranging from a literature review of honeypot deployment and effectiveness to practical testing and evaluation of attack simulations. Each chapter contributed to a comprehensive knowledge base, including:

  • Installation and setup of the machines
  • Configuration of Cowrie honeypot
  • Integration of Splunk for data analysis and visualisation
  • Deployment of Suricata IDS for network security breach detection
  • Incorporation of a steganographic keylogger to capture intruder data.

Outcome and Impact:

The project succeeded in its aims, notably enhancing the security measures capable of misleading attackers away from an organisation's actual network. The integration of keylogger technology not only captured log information but also provided audio and visual recordings of intruders, adding an extra layer of security.

Some real attacks

 

Splunk is configured

  Keylogger with steganography 

The keylogger script will be examined in a controlled and secure environment, separate from the honeypot project, to guarantee the safety and security of our testing environment. This choice was made to protect against any potentially harmful behaviour or unauthorised access to the script by knowledgeable intruders who would use the keylogger's capability for immoral ends. This code creates the Steganography class, which implements a steganography application. The program can embed a Python script in an image file, capture video and audio, and log keyboard activities.

The image below shows a successful attack on a secured environment.

Only one code snippet will be shared due to its risk.

Note: If anyone needs help with a similar project or wants to understand more, please do not hesitate to contact me.

Thanks