A collaborative learning project to build a cloud-based security system with AI, Snowflake, and AWS.
Our goal is to design and implement a cloud-based security platform that integrates:
- AI models for spam detection and threat detection
- Honeypots for intrusion research
- Firewalls, IDS, and IPS for network security
- Cloud monitoring tools (AWS CloudTrail, GuardDuty, Snowflake analytics)
- Threat modeling frameworks like STRIDE, DREAD, and MITRE ATT&CK
The project combines theory (cybersecurity frameworks) and practice (cloud engineering + AI).
- Build cloud-native security practices (AWS, Snowflake).
- Develop AI-based threat detection (ML models for spam, anomaly detection).
- Deploy and monitor honeypots to study attacks.
- Implement and configure firewalls, IDS, IPS.
- Apply threat modeling frameworks: STRIDE, DREAD, MITRE.
- Develop collaboratively using GitHub workflows, issues, and pull requests.
/docs → Design docs, threat models (STRIDE/DREAD), MITRE mappings
/models → AI/ML models for spam & anomaly detection
/honeypot → Honeypot configs and scripts
/ids_ips → IDS/IPS setup and configurations
/firewall → AWS Security Groups, firewall rules
/monitoring → CloudTrail, GuardDuty, and logging configs
/snowflake → SQL scripts, pipelines, dashboards
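As an added illustration of what the /monitoring and /snowflake pieces fit together to do (example code written for this page, not code from the project), the following runs a few detection rules over constructed CloudTrail-style records, tags each finding with the corresponding MITRE ATT&CK technique id, and flattens the records into rows of the shape one would load into a Snowflake table. The records, account id, IPs, timestamps and rule names are made up; the field names follow the CloudTrail event schema, and the ATT&CK ids (T1078.004, T1562.008, T1562.007) are the standard ones.

```python
import json

# Constructed CloudTrail-style records for illustration only; the account id,
# IPs and timestamps are made up. Field names follow the CloudTrail schema.
SAMPLE_RECORDS = [
    {"eventTime": "2024-05-01T10:00:00Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "sourceIPAddress": "203.0.113.10",
     "userIdentity": {"type": "Root", "arn": "arn:aws:iam::123456789012:root"},
     "additionalEventData": {"MFAUsed": "No"},
     "responseElements": {"ConsoleLogin": "Success"}},
    {"eventTime": "2024-05-01T10:05:00Z", "eventSource": "cloudtrail.amazonaws.com",
     "eventName": "StopLogging", "sourceIPAddress": "203.0.113.10",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::123456789012:user/alice"},
     "requestParameters": {"name": "lab-trail"}},
    {"eventTime": "2024-05-01T10:07:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "AuthorizeSecurityGroupIngress", "sourceIPAddress": "203.0.113.10",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::123456789012:user/alice"},
     "requestParameters": {"groupId": "sg-0123456789abcdef0", "ipPermissions": {"items": [
         {"ipProtocol": "tcp", "fromPort": 22, "toPort": 22,
          "ipRanges": {"items": [{"cidrIp": "0.0.0.0/0"}]}}]}}},
    {"eventTime": "2024-05-01T10:09:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "DescribeInstances", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::123456789012:user/bob"}},
]

# CloudTrail API calls that stop or weaken trail logging.
LOGGING_TAMPER_EVENTS = {"StopLogging", "DeleteTrail", "UpdateTrail"}


def root_login_without_mfa(rec):
    # A missing MFAUsed field is treated as "no MFA" (the safe default).
    return (rec.get("eventName") == "ConsoleLogin"
            and rec.get("userIdentity", {}).get("type") == "Root"
            and rec.get("additionalEventData", {}).get("MFAUsed") != "Yes")


def logging_tampered(rec):
    return (rec.get("eventSource") == "cloudtrail.amazonaws.com"
            and rec.get("eventName") in LOGGING_TAMPER_EVENTS)


def world_open_ingress(rec):
    # Security group rule that admits traffic from any IPv4 or IPv6 address.
    if rec.get("eventName") != "AuthorizeSecurityGroupIngress":
        return False
    perms = rec.get("requestParameters", {}).get("ipPermissions", {}).get("items", [])
    for perm in perms:
        if any(r.get("cidrIp") == "0.0.0.0/0" for r in perm.get("ipRanges", {}).get("items", [])):
            return True
        if any(r.get("cidrIpv6") == "::/0" for r in perm.get("ipv6Ranges", {}).get("items", [])):
            return True
    return False


# (rule name, MITRE ATT&CK technique id, predicate). Rule names are this
# example's own; the technique ids are the standard ATT&CK ids.
RULES = [
    ("root-console-login-no-mfa", "T1078.004", root_login_without_mfa),
    ("cloudtrail-logging-tampered", "T1562.008", logging_tampered),
    ("security-group-open-to-world", "T1562.007", world_open_ingress),
]


def evaluate(records):
    """Run every rule over every record and return one finding per match."""
    findings = []
    for rec in records:
        for name, technique, predicate in RULES:
            if predicate(rec):
                findings.append({
                    "rule": name,
                    "technique": technique,
                    "event_time": rec.get("eventTime"),
                    "actor": rec.get("userIdentity", {}).get("arn"),
                    "source_ip": rec.get("sourceIPAddress"),
                })
    return findings


def to_rows(records):
    """Flatten records to a fixed column set plus the raw JSON, the shape one
    would load into a Snowflake table that keeps the full event in a VARIANT column."""
    return [{
        "event_time": r.get("eventTime"),
        "event_source": r.get("eventSource"),
        "event_name": r.get("eventName"),
        "actor_type": r.get("userIdentity", {}).get("type"),
        "actor_arn": r.get("userIdentity", {}).get("arn"),
        "source_ip": r.get("sourceIPAddress"),
        "raw": json.dumps(r, sort_keys=True),
    } for r in records]


if __name__ == "__main__":
    for f in evaluate(SAMPLE_RECORDS):
        print(f"{f['event_time']} {f['rule']} ({f['technique']}) actor={f['actor']}")
```

Keeping the raw event beside the flattened columns is deliberate: the fixed columns make dashboard queries cheap, while the raw JSON lets a later rule (or an analyst) ask about a field the flattening did not anticipate.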
git lfs install
If not installed, please review the document for Installing Git Large File Storage before cloning the repository.
git clone https://github.com/<your-org>/CloudSec-AI-Lab.git
cd CloudSec-AI-Lab
- Install Python 3.10+
- Create a virtual environment:
python -m venv .venv
source .venv/bin/activate # Mac/Linux
.venv\Scripts\activate # Windows
- Install dependencies (to be listed in requirements.txt).
- AWS Free Tier account (for CloudTrail, GuardDuty, EC2 honeypots).
- Snowflake free trial account (for analytics + queries).
- Deploy CloudTrail and GuardDuty on AWS.
- Implement a simple honeypot (e.g., Cowrie SSH honeypot).
- Train a spam detection model (Naive Bayes, Logistic Regression).
- Connect Snowflake to store & query logs.
- Document threats using STRIDE/DREAD.
- Map scenarios to MITRE ATT&CK tactics.
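As an added illustration of the spam-detection milestone (example code written for this page, not a model from the project's /models directory), here is a multinomial Naive Bayes classifier implemented from scratch with Laplace smoothing, trained on a small constructed message set. The message texts, the class names spam/ham and the MultinomialNB class are all this example's own; a real model would be trained on a labelled corpus and evaluated on held-out data before use.

```python
import math
import re
from collections import Counter, defaultdict

# Constructed training set (made-up messages, not real mail): (label, text).
TRAINING_DATA = [
    ("spam", "WIN a FREE prize now! Click here to claim your cash reward"),
    ("spam", "Free cash offer, click now, limited prize"),
    ("spam", "Your account has been selected for a free reward, claim now"),
    ("spam", "Cheap loans, free money, click the link"),
    ("ham", "Can we move the standup meeting to 10am tomorrow"),
    ("ham", "Attached is the draft of the threat model for review"),
    ("ham", "Reminder: pull request review due before the sprint ends"),
    ("ham", "Lunch at noon? The new place near the office"),
]

TOKEN_RE = re.compile(r"[a-z0-9']+")


def tokenize(text):
    """Lower-case and split on anything that is not a letter, digit or apostrophe."""
    return TOKEN_RE.findall(text.lower())


class MultinomialNB:
    def __init__(self, alpha=1.0):
        self.alpha = alpha                      # Laplace smoothing constant
        self.class_counts = Counter()           # documents per class
        self.word_counts = defaultdict(Counter) # class -> token -> count
        self.vocab = set()

    def fit(self, samples):
        for label, text in samples:
            self.class_counts[label] += 1
            for tok in tokenize(text):
                self.word_counts[label][tok] += 1
                self.vocab.add(tok)
        return self

    def log_posteriors(self, text):
        """Unnormalised log P(class) + sum of log P(token | class) per class."""
        total_docs = sum(self.class_counts.values())
        tokens = tokenize(text)
        scores = {}
        for label, n_docs in self.class_counts.items():
            log_prob = math.log(n_docs / total_docs)
            total_words = sum(self.word_counts[label].values())
            denom = total_words + self.alpha * len(self.vocab)
            for tok in tokens:
                # Smoothing keeps unseen tokens from zeroing out the whole product.
                log_prob += math.log((self.word_counts[label][tok] + self.alpha) / denom)
            scores[label] = log_prob
        return scores

    def predict(self, text):
        scores = self.log_posteriors(text)
        return max(scores, key=scores.get)

    def spam_probability(self, text):
        """Normalise the log scores (log-sum-exp) and return P(spam | text)."""
        scores = self.log_posteriors(text)
        m = max(scores.values())
        z = sum(math.exp(s - m) for s in scores.values())
        return math.exp(scores["spam"] - m) / z


def build_model():
    return MultinomialNB().fit(TRAINING_DATA)


if __name__ == "__main__":
    model = build_model()
    for msg in ("Claim your free prize now", "Can you review the pull request tomorrow"):
        print(f"{model.predict(msg):4s} p(spam)={model.spam_probability(msg):.3f}  {msg}")
```

The log-space scoring matters in practice: multiplying dozens of small per-token probabilities underflows to zero, and the smoothing constant is what keeps a message containing one never-seen word from being unclassifiable.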
- Fork the repository.
- Create a new branch:
git checkout -b feature/my-feature
- Commit changes with clear messages.
- Submit a Pull Request for review.
- Add/update documentation in /docs.
- AI Team → Develop ML models for spam & anomaly detection.
- Cloud Team → Manage AWS, Snowflake, and infrastructure security.
- Threat Modeling Team → Apply STRIDE, DREAD, and MITRE ATT&CK.
- Monitoring Team → Deploy honeypots, IDS/IPS, and logging systems.
This repository is under continuous development, so please do not deploy insecure configurations in production environments.