{"id":28448205,"url":"https://github.com/amruthadevops/suspicious_web_threat_interactions","last_synced_at":"2026-06-29T18:04:36.820Z","repository":{"id":291134646,"uuid":"976338587","full_name":"amruthadevops/Suspicious_Web_Threat_Interactions","owner":"amruthadevops","description":"To detect and analyze patterns in web interactions for identifying  suspicious or potentially harmful activities","archived":false,"fork":false,"pushed_at":"2025-05-02T15:39:18.000Z","size":470,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-06-06T12:50:03.843Z","etag":null,"topics":["cyber-security","data-analysis","data-science","data-visualization","jupyter-notebook","machine-learning","powerbi","python"],"latest_commit_sha":null,"homepage":"","language":"Jupyter Notebook","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/amruthadevops.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-05-01T23:48:02.000Z","updated_at":"2025-05-21T07:38:19.000Z","dependencies_parsed_at":"2025-05-02T16:41:34.578Z","dependency_job_id":"b88995f5-5fd8-4987-bc88-8219ef13d2e2","html_url":"https://github.com/amruthadevops/Suspicious_Web_Threat_Interactions","commit_stats":null,"previous_names":["amruthadevops/suspicious_web_threat_interactions"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/amruthadevops/Suspicious_Web_Threat_Interactions","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/amruthadevops%2FSuspicious_Web_Threat_Interactions","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/amruthadevops%2FSuspicious_Web_Threat_Interactions/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/amruthadevops%2FSuspicious_Web_Threat_Interactions/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/amruthadevops%2FSuspicious_Web_Threat_Interactions/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/amruthadevops","download_url":"https://codeload.github.com/amruthadevops/Suspicious_Web_Threat_Interactions/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/amruthadevops%2FSuspicious_Web_Threat_Interactions/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34937414,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-29T02:00:05.398Z","response_time":58,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cyber-security","data-analysis","data-science","data-visualization","jupyter-notebook","machine-learning","powerbi","python"],"created_at":"2025-06-06T12:43:07.632Z","updated_at":"2026-06-29T18:04:36.812Z","avatar_url":"https://github.com/amruthadevops.png","language":"Jupyter Notebook","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n# Suspicious Web Threat Interactions\nThis project aims to detect and analyze patterns in web interactions to identify suspicious or potentially harmful activities. By leveraging AWS CloudWatch logs and data visualization tools, we can uncover hidden threats and enhance cybersecurity measures\n\n\n## Overview\n\nWith the increasing complexity of web-based threats, it's crucial to monitor and analyze web traffic to detect anomalies. This project utilizes AWS CloudWatch logs to identify patterns indicative of malicious activities, such as:\n\nUnusual HTTP status codes\n\nFrequent access attempts from specific IP addresses\n\nSuspicious URL patterns\n\nAnomalous user-agent strings\n\n## Project Structure\n```bash\nSuspicious_Web_Threat_Interactions/\n├── CloudWatch_Traffic_Web_Attack.csv\n├── Suspicious_Web_Threat_Interactions_Analysis_Report.pbix\n├── main.ipynb\n├── requirements.txt\n└── README.md\n```\nCloudWatch_Traffic_Web_Attack.csv: Dataset containing web traffic logs.\n\nSuspicious_Web_Threat_Interactions_Analysis_Report.pbix: Power BI report for data visualization.\n\nmain.ipynb: Jupyter Notebook containing data analysis and threat detection logic.\n\nrequirements.txt: List of Python dependencies\n## Installation\n\n1. Clone the repository:\n```bash\n  git clone https://github.com/amruthadevopsSuspicious_Web_Threat_Interactions.git\n  cd Suspicious_Web_Threat_Interactions\n```\n\n2. Set up a virtual environment (optional but recommended):\n```bash\n  python3 -m venv venv\n  source venv/bin/activate  # On Windows:venv\\Scripts\\activate\n\n```\n3. Install the required dependencies:\n\n```bash\n  pip install -r requirements.txt\n```\n## Usage/Examples\n1. Open the Jupyter Notebook:\n\n```bash\n\njupyter notebook main.ipynb\n```\n2. Run the cells sequentially:\n\n    Load and preprocess the dataset.\n\n    Perform exploratory data analysis (EDA).\n\n    Identify and flag suspicious activities based on predefined rules and patterns.\n\n3. Review the findings:\n\n    Analyze the output to understand the nature and frequency of detected threats.\n\n## 📓 Analysis \u0026 Results\n\nThe analysis focuses on identifying anomalies in web traffic, such as:\n\n    1.Repeated failed login attempts:\n\n    2.Detecting IP addresses with multiple failed login attempts within a short time frame.\n\n    3.Access to sensitive endpoints:\n\n    4.Monitoring requests to endpoints like /admin, /login, /wp-admin, etc.\n\n    5.Unusual user-agent strings:\n\n    6.Identifying requests made using tools like curl, wget, or outdated browsers.\n\n    7.High frequency of requests:\n\n    8.Flagging IP addresses that make an unusually high number of requests in a given period.\n\nExample visualization:\n1. Heatmap for the correlation matrix\n\n    ![Image](https://github.com/user-attachments/assets/9956c222-011a-4492-bf2c-1ec666cb9e68)\n3. Stacked Bar Chart for Detection Types by Country\n   \n   ![Image](https://github.com/user-attachments/assets/58c04298-ec79-46b2-b20f-936c89f97239)\n5. Plotting the training history\n\n   ![Image](https://github.com/user-attachments/assets/69e21313-4e18-4d35-8dff-90114ea6d6e9)\n   ![Image](https://github.com/user-attachments/assets/afd47bf2-a233-44a0-9875-90380b21ce72)\n   ![Image](https://github.com/user-attachments/assets/1bda15bb-cab3-42b7-9c5c-f519586eadfc)\n   ![Image](https://github.com/user-attachments/assets/e6da267c-3729-40f5-8243-0ab7cd426673)\n\n## 📊 Power BI Dashboard\nThe Suspicious_Web_Threat_Interactions_Analysis_Report.pbix file presents the same data in an interactive format using Power BI.\n\n  ![Image](https://github.com/user-attachments/assets/3b185e55-c61f-41b3-b621-c80b8a296c92)\n\n\n\nContributing\nContributions are welcome! Please follow these steps:\n\n1. Fork the repository.\n\n2. Create a new branch:\n\n```bash\n\ngit checkout -b feature/your-feature-name\n```\n3. Commit your changes:\n```\ngit commit -m \"Add your message here\"\n```\n4. Push to the branch:\n```\ngit push origin feature/your-feature-name\n```\n6. Open a pull request.\n\n\n\n## Authors\n\n- [AMRUTHA C](https://www.linkedin.com/in/amrutha-c-4a2362280/)\n  \n.NET Developer | Python Data Analyst | Power BI Enthusiast\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Famruthadevops%2Fsuspicious_web_threat_interactions","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Famruthadevops%2Fsuspicious_web_threat_interactions","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Famruthadevops%2Fsuspicious_web_threat_interactions/lists"}