This project introduces an Intrusion Detection and Prevention System (IDPS) designed for the cybersecurity requirements of aircraft networks. It combines YARA for signature-based detection with machine learning for anomaly detection, so that threats are identified and mitigated in real time. By pairing signature-based and behavior-based detection, the IDPS protects aircraft networks against threats such as malware, DDoS attacks, and unauthorized access attempts.

- Signature-Based Detection: Utilizes YARA rules for malware signature detection.
- Machine Learning Anomaly Detection: Employs random forest classifiers and feature hashing for behavior-based threat identification.
- Real-Time Alerts: Sends instant alerts to pilots and ground control upon detecting threats.
- Incident Response: Implements automated responses, including blocking IPs and restricting access to compromised zones.
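
The feature-hashing step named in the anomaly-detection bullet, shown as an added example (not code from this project): it turns flow records with open-ended categorical fields into fixed-width vectors of the kind a random forest classifier takes as input. The field names, zone names, sample flows and the vector width of 32 are assumptions.

```python
import hashlib

N_BUCKETS = 32  # assumed vector width; the project does not state one

def bucket_and_sign(token, n_buckets=N_BUCKETS):
    """Map a token to (column index, +1/-1) with a process-stable hash."""
    # hashlib instead of built-in hash(): hash() is salted per process, so
    # columns learned at training time would move on the next start.
    digest = hashlib.sha256(token.encode("utf-8")).digest()
    index = int.from_bytes(digest[:4], "big") % n_buckets
    sign = 1.0 if digest[4] & 1 else -1.0  # signed buckets damp collisions
    return index, sign

def hash_features(record, n_buckets=N_BUCKETS):
    """Turn one flow record (dict) into a fixed-width numeric vector."""
    vec = [0.0] * n_buckets
    for name, value in record.items():
        if isinstance(value, (int, float)) and not isinstance(value, bool):
            # Magnitudes (byte counts, durations): hash the field name only
            # and add the value into that column.
            index, sign = bucket_and_sign(name, n_buckets)
            vec[index] += sign * float(value)
        else:
            # Identifiers (zone, protocol, port as a string): hash
            # "field=value" so unseen values still map to a valid column.
            index, sign = bucket_and_sign(f"{name}={value}", n_buckets)
            vec[index] += sign
    return vec

# Constructed sample flows; field and zone names are hypothetical.
SAMPLE_FLOWS = [
    {"src_zone": "cabin", "dst_zone": "cabin", "proto": "tcp",
     "dst_port": "443", "bytes": 1500},
    {"src_zone": "cabin", "dst_zone": "avionics", "proto": "udp",
     "dst_port": "50000", "bytes": 64},
]

def vectorize(flows, n_buckets=N_BUCKETS):
    """Rows ready to pass as X to a classifier's fit() or predict()."""
    return [hash_features(flow, n_buckets) for flow in flows]

if __name__ == "__main__":
    for row in vectorize(SAMPLE_FLOWS):
        print(row)
```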