This project involves the development of an AI-powered adaptive security gateway designed to enhance the protection of API infrastructures. By leveraging machine learning for real-time anomaly detection, the system moves beyond traditional static rule-based security mechanisms. It aims to identify and mitigate novel and evolving cyber threats, providing a resilient security layer for modern web applications and microservices architectures.

The primary goal is to design, prototype, and evaluate an automated security gateway that uses machine learning to detect anomalous API traffic in real-time. Path Traversal Attempts: Requests containing unusual path depth or patterns such as ../../etc/passwd. Abnormal Payload Size: POST/PUT requests with body sizes statistically outside the normal range for a specific endpoint. High-Entropy User-Agent Strings: Detection of automated bots and scripts generating random or obfuscated...Подробнее

Progress will be monitored through weekly reviews against the project plan. Code will be version-controlled via Git. Regular checkpoints will include design approvals, model validation results, and prototype demonstrations. A final evaluation will assess functional compliance and performance benchmarks.

The results will be presented in the form of a working prototype demonstration, a written thesis document, and a presentation summarizing the project’s design, implementation, testing, and findings.

The project will require computational resources for development and testing, including a server environment for deploying the gateway, a Redis instance for real-time caching, and cloud/VM resources for scalable testing. Development tools such as Python, FastAPI, Scikit-learn, Docker, and Git will be used. Access to benchmark datasets (e.g., CSIC 2010) for model training and validation is also required.

The team will rely on the following open-source projects and research, ensuring feasibility within the scope of student work: 1. Open Source API Gateways: Kong Gateway (Apache 2.0) – Study of plugin architecture for embedding custom security logic. Traefik Proxy (MIT) – Analysis of middleware architecture for real-time request processing. 2. Machine Learning Libraries: Scikit-learn: Isolation Forest Implementation – Ready, tested algorithm implementation for integration. PyOD (Python...Подробнее