Skip to content
/ NetGuard Public

πŸ›‘οΈ Advanced Network Intrusion Detection System (NIDS) with ML-powered threat detection, real-time packet analysis, and interactive dashboard. Features anomaly detection, signature-based rules, and automated alerting.

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Ranchiro/NetGuard

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

5 Commits
netguard
netguard
Β 
Β 
.gitignore
.gitignore
Β 
Β 
LICENSE
LICENSE
Β 
Β 
README.md
README.md
Β 
Β 
requirements.txt
requirements.txt
Β 
Β 

Repository files navigation

πŸ›‘οΈ NetGuard

Python License Status ML

Advanced Network Intrusion Detection System (NIDS) with ML-powered threat detection, real-time packet analysis, and interactive dashboard.

✨ Features

  • πŸ” Deep Packet Inspection - Protocol analysis for TCP, UDP, ICMP, HTTP, DNS, TLS
  • πŸ€– ML-Based Detection - Anomaly detection using statistical analysis and z-scores
  • 🚨 Signature Matching - Pre-built rules for SQL injection, XSS, shell commands
  • πŸ“Š Real-time Monitoring - Live traffic statistics and flow analysis
  • πŸ›‘ Auto-Blocking - Automatic IP blocking based on reputation scores
  • πŸ“ Comprehensive Logging - Detailed alert history and threat reports

πŸš€ Installation

# Clone the repository
git clone https://github.com/Ranchiro/NetGuard.git
cd NetGuard

# Install dependencies
pip install -r requirements.txt

πŸ“– Usage

Basic Packet Analysis

from netguard.packet_analyzer import PacketAnalyzer, DeepPacketInspector

# Initialize analyzer
analyzer = PacketAnalyzer()
dpi = DeepPacketInspector()

# Analyze traffic
packet = analyzer.analyze_packet(raw_data)
app_info = dpi.inspect(packet)

# Get statistics
stats = analyzer.get_statistics()
print(f"Packets: {stats['total_packets']}, Flows: {stats['active_flows']}")

Threat Detection

from netguard.threat_detector import ThreatDetector, ThreatLevel

# Initialize detector
detector = ThreatDetector(enable_anomaly=True)

# Add custom signature
from netguard.threat_detector import ThreatSignature
custom_sig = ThreatSignature(
    id='CUSTOM001',
    name='Custom Attack',
    description='Custom pattern detection',
    level=ThreatLevel.HIGH,
    pattern=r'malicious_pattern'
)
detector.add_signature(custom_sig)

# Analyze for threats
alerts = detector.analyze(packet)
for alert in alerts:
    print(f"[{alert.level.name}] {alert.description}")

πŸ“ Project Structure

NetGuard/
β”œβ”€β”€ netguard/
β”‚   β”œβ”€β”€ packet_analyzer.py    # Deep packet inspection
β”‚   └── threat_detector.py    # ML threat detection
β”œβ”€β”€ requirements.txt          # Dependencies
β”œβ”€β”€ LICENSE                   # MIT License
└── README.md                 # Documentation

πŸ”’ Security Features

Feature Description
Signature Detection Pre-built rules for common attacks
Anomaly Detection Statistical z-score based detection
IP Reputation Automatic threat scoring per IP
Auto-Blocking Block high-risk IPs automatically
Flow Analysis Track network conversations

🀝 Contributing

Contributions welcome! Feel free to:

  1. Fork the repository
  2. Create a feature branch
  3. Submit a pull request

πŸ“„ License

This project is licensed under the MIT License - see LICENSE for details.

πŸ‘¨β€πŸ’» Author

Ruchir Ganatra - @Ranchiro

⭐ Star this repo if you find it useful!

About

πŸ›‘οΈ Advanced Network Intrusion Detection System (NIDS) with ML-powered threat detection, real-time packet analysis, and interactive dashboard. Features anomaly detection, signature-based rules, and automated alerting.

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages