STINGAR Intelligence: AI-Powered Analysis of Network Threat Patterns
Description
Duke's network perimeter is under constant assault: thousands of connection attempts are blocked daily by firewalls across Palo Alto devices, AWS security groups, Azure network policies and edge routers. Each block represents a potential threat, but right now this data sits in siloed systems with no unified view of who is attacking, how persistently, or which attacks are coordinated across multiple entry points.
Your team will build cloud microservices that aggregate real-time blocking data from diverse firewall platforms, using AI to identify and rank the most persistent attackers, detect coordinated campaigns targeting multiple networks, and surface patterns that individual devices can't see. Working with Duke's STINGAR honeypot infrastructure and live security data, you'll create intelligence dashboards that help security teams prioritize responses and understand the threat landscape holistically.
This project offers hands-on experience with cloud architecture, API integration across heterogeneous security platforms, AI-driven pattern recognition, and real cybersecurity operations. It gives you skills directly applicable to security operations centers, threat intelligence teams, and cloud security engineering roles while contributing tools that enhance Duke's defensive capabilities.
+Cybersecurity, 2026