{"id":49093721,"url":"https://github.com/picassoendless/aws-ids-deeplearning","last_synced_at":"2026-04-20T19:35:05.682Z","repository":{"id":296128006,"uuid":"992370525","full_name":"picassoendless/aws-ids-deeplearning","owner":"picassoendless","description":"An AI-powered intrusion detection system leveraging AWS SageMaker, FastAPI, Lambda, and Terraform to classify network threats in real time.","archived":false,"fork":false,"pushed_at":"2025-06-29T04:57:06.000Z","size":1349,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-06-29T05:20:45.483Z","etag":null,"topics":["aws","aws-ec2","aws-lambda","aws-s3","aws-sagemaker","fastapi","python3","terraform"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/picassoendless.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-05-29T03:42:21.000Z","updated_at":"2025-06-29T04:57:09.000Z","dependencies_parsed_at":"2025-05-29T04:34:11.192Z","dependency_job_id":"cbce1ba5-be80-46b2-8c04-e79e9ec8e3d5","html_url":"https://github.com/picassoendless/aws-ids-deeplearning","commit_stats":null,"previous_names":["picassoendless/aws-ids-deeplearning"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/picassoendless/aws-ids-deeplearning","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/picassoendless%2Faws-ids-deeplearning","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/picassoendless%2Faws-ids-deeplearning/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/picassoendless%2Faws-ids-deeplearning/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/picassoendless%2Faws-ids-deeplearning/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/picassoendless","download_url":"https://codeload.github.com/picassoendless/aws-ids-deeplearning/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/picassoendless%2Faws-ids-deeplearning/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32062756,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-20T11:35:06.609Z","status":"ssl_error","status_checked_at":"2026-04-20T11:34:48.899Z","response_time":94,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","aws-ec2","aws-lambda","aws-s3","aws-sagemaker","fastapi","python3","terraform"],"created_at":"2026-04-20T19:35:03.502Z","updated_at":"2026-04-20T19:35:05.675Z","avatar_url":"https://github.com/picassoendless.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# SentinelAI: Cloud-Native Intrusion Detection Platform on AWS SageMaker and FastAPI\r\n\r\nAn AI-powered intrusion detection system leveraging AWS SageMaker, FastAPI, Lambda, and Terraform to classify network threats in real time.\r\n\r\n---\r\n## 📈 Architecture Overview\r\n\r\n\u003cp align=\"center\"\u003e\r\n  \u003cimg src=\"./aws.png\" alt=\"SentinelAI Architecture\" width=\"800\"/\u003e\r\n\u003c/p\u003e\r\n\r\n## 📌 Overview\r\n\r\n**SentinelAI** is an end-to-end cloud-native pipeline for detecting intrusions and anomalies in network logs. The system is fully automated, serverless where possible, and leverages modern ML tooling to classify threats with high accuracy.\r\n\r\n---\r\n\r\n\r\n## 🛠️ Key Features\r\n\r\n- **Data Ingestion \u0026 Collection**\r\n  - EC2 instances running collection agents and scripts\r\n  - S3 storage of raw logs\r\n  - CloudTrail tracking of API calls\r\n  - Terraform infrastructure provisioning (EC2, VPC, S3)\r\n  - SSH for secure configuration\r\n  - GitHub Actions for CI/CD deployment validation\r\n\r\n- **Preprocessing \u0026 Model Training**\r\n  - Python scripts for data cleaning, scaling, and serialization\r\n  - Random Forest classifier as baseline\r\n  - Deep MLP models in TensorFlow\r\n  - SageMaker for training, evaluation, and artifact storage\r\n  - Step Functions to orchestrate preprocessing workflows\r\n  - Lambda triggers based on S3 events\r\n\r\n- **Inference, Monitoring \u0026 Notifications**\r\n  - SageMaker Endpoint hosting trained models\r\n  - FastAPI REST interface for real-time predictions\r\n  - CloudWatch metrics and logs\r\n  - Lambda functions for inference orchestration\r\n  - SNS notifications on critical events\r\n  - IAM policies for secure access control\r\n\r\n---\r\n\r\n## 📈 Architecture Overview\r\n\r\n![Architecture Diagram](./aws.png)\r\n\r\n---\r\n\r\n## 💡 Technologies Used\r\n\r\n- **AWS EC2**\r\n- **AWS VPC**\r\n- **AWS S3**\r\n- **AWS SageMaker**\r\n- **AWS Lambda**\r\n- **AWS CloudTrail**\r\n- **AWS CloudWatch**\r\n- **AWS SNS**\r\n- **AWS Step Functions**\r\n- **AWS IAM**\r\n- **Terraform**\r\n- **GitHub Actions**\r\n- **Python**\r\n- **TensorFlow / Keras**\r\n- **FastAPI**\r\n- **NSL-KDD Dataset**\r\n- **SSH**\r\n\r\n---\r\n\r\n## ⚙️ How It Works\r\n\r\n1. **Ingestion**\r\n   - Raw logs are collected via EC2 collection agents.\r\n   - Logs are stored in S3 and tracked with CloudTrail.\r\n   - Terraform provisions all core infrastructure.\r\n\r\n2. **Preprocessing \u0026 Training**\r\n   - Lambda triggers preprocessing when new data arrives.\r\n   - Python scripts clean, encode, and scale the data.\r\n   - SageMaker trains Random Forest and deep learning models.\r\n   - Model artifacts are saved in S3.\r\n\r\n3. **Inference \u0026 Monitoring**\r\n   - SageMaker Endpoint hosts the production model.\r\n   - FastAPI serves a REST API for real-time scoring.\r\n   - CloudWatch tracks usage, latency, and errors.\r\n   - SNS alerts notify stakeholders of critical events.\r\n\r\n---\r\n\r\n## 🚀 Getting Started\r\n\r\n### Prerequisites\r\n\r\n- AWS account with sufficient permissions\r\n- Terraform installed\r\n- Python 3.8+\r\n- AWS CLI configured\r\n- Docker (for SageMaker custom containers)\r\n\r\n---\r\n\r\n### Deployment Steps\r\n\r\n1. **Provision Infrastructure**\r\n   ```bash\r\n   terraform init\r\n   terraform apply\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpicassoendless%2Faws-ids-deeplearning","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpicassoendless%2Faws-ids-deeplearning","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpicassoendless%2Faws-ids-deeplearning/lists"}