A five-node closed-loop distributed cybersecurity system that integrates honeypot-driven attack intelligence with machine learning-based risk authentication to protect against identity-based threats in real time.
Each node serves a specific role in the closed-loop intelligence pipeline, working together to detect, classify, and respond to identity-based threats.
Identity provider with custom RiskScoreAuthenticator SPI enforcing risk-based authentication decisions (allow/challenge/block).
Next.js demo banking application protected by Nginx reverse proxy with ModSecurity WAF and OWASP Core Rule Set.
FastAPI-based risk scoring service with ensemble ML model combining Isolation Forest and Random Forest classifiers.
Cowrie SSH/Telnet honeypot capturing live attack data on owned infrastructure with JSONL event logging.
Continuous retraining pipeline that refreshes the ML model within 18 minutes of new attack data capture.
Methaq addresses the fundamental gap between attack detection and identity enforcement with a closed-loop intelligence architecture.
Attack data captured by the honeypot flows to the ML engine for classification, and risk scores drive authentication decisions — creating a self-improving security architecture.
Ensemble model combining Isolation Forest (0.4 weight) and Random Forest (0.6 weight) with SMOTE oversampling for 98.87% classification accuracy.
Three-tier authentication decisions: Allow (score < 0.5), Challenge/MFA (0.5 ≤ score < 0.8), Block (score ≥ 0.8) based on real-time threat intelligence.
WAF with OWASP CRS, TLS 1.3 encryption, Zero-Trust architecture, fail2ban intrusion prevention, and LUKS disk encryption across all nodes.
The system continuously retrains its ML model within 18 minutes of new attack data capture, ensuring near-real-time adaptation to emerging threats.
Real-time audit logs, security events dashboard, session revocation, and device/location anomaly detection for complete visibility.
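The ensemble weighting and three-tier thresholds described above, shown as an added Python example that is not Methaq's own code. It assumes both model outputs are already normalized to [0, 1]; the function names, the input validation and the rounding step are choices of this example.

```python
import math

# Weights and thresholds as stated on the page.
W_IFOREST, W_RFOREST = 0.4, 0.6
CHALLENGE_AT, BLOCK_AT = 0.5, 0.8


def _checked(name, value):
    """Reject anything that is not a finite number in [0, 1]."""
    if isinstance(value, bool) or not isinstance(value, (int, float)):
        raise ValueError(f"{name}: not a number")
    if not math.isfinite(value) or not 0.0 <= value <= 1.0:
        raise ValueError(f"{name}: outside [0, 1]")
    return float(value)


def ensemble_score(iforest, rforest):
    """Weighted combination of the two model outputs (assumed in [0, 1])."""
    score = (W_IFOREST * _checked("iforest", iforest)
             + W_RFOREST * _checked("rforest", rforest))
    # Assumption of this example: round so that float noise such as
    # 0.7999999999999999 cannot flip a decision at a threshold.
    return round(score, 6)


def decide(score):
    """Map a risk score to allow / challenge / block."""
    score = _checked("score", score)
    if score >= BLOCK_AT:
        return "block"
    if score >= CHALLENGE_AT:
        return "challenge"
    return "allow"


def assess(iforest, rforest):
    """Return (score, decision). Invalid inputs raise ValueError; what the
    caller does then (deny, challenge) is a policy the page does not state."""
    score = ensemble_score(iforest, rforest)
    return score, decide(score)


if __name__ == "__main__":
    # Constructed sample inputs: (isolation forest score, random forest score).
    for pair in [(0.1, 0.1), (0.9, 0.2), (0.2, 0.9), (0.8, 0.8)]:
        print(pair, assess(*pair))
```

With these weights a high anomaly score alone (0.9, 0.2) still yields "allow", because the Random Forest output carries 60% of the result.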
Evaluation demonstrates the effectiveness of the closed-loop architecture across multiple metrics.
Access all project resources, documentation, and downloads.
Official Methaq platform website with documentation, guides, and developer resources.
methaq.org
Interactive demo banking application showcasing Zero-Trust authentication, role-based access, and live risk scoring.
demo.methaq.org
Comprehensive technical documentation covering architecture, API reference, deployment guides, and security controls.
methaq.org/docs
Step-by-step guides for installation, configuration, integration, and troubleshooting.
methaq.org/guides
Complete senior project report covering problem statement, design, implementation, testing, and evaluation results.
Download PDF
Project presentation slides with visual walkthrough of the architecture, demo, and results.
Download Presentation
A dedicated team of computer science students from the University of Hafr Al-Batin.
Project Leader & System Architect
Designed the five-node architecture, developed the RiskScoreAuthenticator SPI, and led all architectural review sessions.
Application & OIDC Engineer
Developed the demo banking application with OIDC client integration and PKCE authorization code flow.
Security & Frontend Engineer
Responsible for security configuration, WAF rule customization, SSL/TLS hardening, and vulnerability assessment.
Frontend & WAF Lead
Led the deployment of Nginx reverse proxy and ModSecurity WAF with OWASP CRS on Node 2.
Infrastructure & IAM Lead
Provisioned Hetzner Cloud infrastructure, deployed Methaq IAM server, and configured Caddy reverse proxy with TLS 1.3.
Machine Learning Engineer
Designed and trained the ML ensemble with SMOTE oversampling, achieving 98.87% classification accuracy.
Application Tester & Data Engineer
Designed comprehensive test plans, executed all testing phases, and built the data collection pipeline.
Active Defense Engineer
Deployed and configured the Cowrie honeypot, managed collection of 4,710+ attack events, and designed the threat intelligence feed.
Experience the Methaq system firsthand with our live demo, or dive into the technical documentation.