HoneyCloud — Reviving My Final Year Cybersecurity Project

Ganesh K. — Thu, 28 May 2026 03:05:08 +0000

This is a submission for the GitHub Finish-Up-A-Thon Challenge

What I Built

HoneyCloud is a scalable multi-protocol honeypot platform designed to simulate vulnerable services, capture malicious activity, and analyze attack behavior in real time.

The project started as my final year Computer Engineering project, where I wanted to explore practical cybersecurity, cloud-native architecture, and threat intelligence instead of building a generic CRUD application.

Initially, HoneyCloud was a proof-of-concept with limited functionality. It could capture basic attack events, but the architecture, analytics, real-time monitoring, and deployment pipeline were incomplete.

During this Finish-Up-A-Thon, I revived the project and transformed it into a much more production-ready platform with:

Multi-protocol honeypots (SSH, FTP, HTTP, Telnet, SMTP, and RDP)
FastAPI backend with SQLAlchemy 2
Real-time attack streaming using WebSockets and SSE
Machine learning-based threat classification using TensorFlow/Keras
Attacker profiling and risk scoring
Interactive analytics dashboard
Telegram alert integration
Dockerized deployment with Nginx reverse proxy
Authentication, RBAC, and rate limiting
Automated testing and reporting support

What makes this project meaningful to me is that it combines several areas I genuinely enjoy working on:

cybersecurity
backend engineering
cloud infrastructure
DevOps
AI-assisted development

# Demo

GitHub Repository

https://github.com/Ganesh-403/honeycloud

# Key Features Demonstrated

Real-time attack feed dashboard
Live WebSocket event streaming
Threat analytics and attacker heatmaps
ML-powered malicious activity detection
Honeypot simulation across multiple protocols
Telegram-based alerting system

# Screenshots / Walkthrough Ideas

I have attached these*

# The Comeback Story

When I originally built HoneyCloud as a final year project, the core idea worked, but the system was far from complete.

The earlier version had:

limited protocol coverage
minimal frontend polish
incomplete analytics
weak deployment support
no scalable real-time infrastructure

After revisiting the project, I focused on turning it from an academic prototype into something much closer to a real cybersecurity monitoring platform.

Some of the biggest improvements I made include:

Architecture Improvements

Refactored the backend into a cleaner service-oriented structure
Added repository and dependency injection patterns
Improved configuration management and exception handling

Real-Time Monitoring

Implemented WebSocket-based attack streaming
Added SSE support for event feeds
Built automatic dashboard refresh and live event tracking

Cybersecurity Features

Added attacker profiling and risk tier calculation
Implemented brute-force and credential-stuffing detection
Added block/unblock functionality for suspicious IPs

AI/ML Enhancements

Integrated TensorFlow/Keras LSTM-based attack classification
Built a feature extraction pipeline for malicious behavior detection
Added ML model training and prediction APIs

DevOps & Deployment

Dockerized the entire stack
Added Nginx reverse proxy configuration
Improved environment configuration and deployment setup

Testing & Reliability

Added structured testing for authentication, analytics, events, and ML components
Improved API validation and security handling
Added JWT authentication and token blacklisting

This challenge gave me the motivation to properly finish and polish a project that had strong potential but was left incomplete after academic deadlines.

My Experience with GitHub Copilot

GitHub Copilot played a major role in helping me revive and improve HoneyCloud efficiently.

I used Copilot throughout the project for:

backend API development
refactoring
debugging
Docker configuration
test generation
frontend dashboard improvements

Some areas where Copilot was especially useful:

FastAPI Development

Copilot helped generate route structures, schema validation logic, and repetitive CRUD operations much faster than writing everything manually.

WebSocket & Async Logic

Implementing asynchronous event streaming and WebSocket management required careful handling. Copilot accelerated a lot of the boilerplate and helped me experiment with different approaches quickly.

ML Integration

While integrating TensorFlow/Keras for attack classification, Copilot helped with:

feature extraction pipelines
model loading
preprocessing logic
training endpoint implementation

Refactoring & Cleanup

As the project grew, the codebase became harder to maintain. Copilot helped simplify repetitive sections and improve code organization significantly.

Testing

Generating pytest structures and edge-case tests became much faster with Copilot suggestions.

Documentation

Even parts of the README, deployment instructions, and API examples were improved with Copilot assistance.

One of the biggest advantages was speed. Instead of spending hours searching documentation for repetitive implementation details, I could stay focused on architecture and problem-solving while Copilot handled much of the boilerplate and scaffolding.

This project genuinely became a better and more complete system because of that workflow.

githubchallenge #devchallenge #githubcopilot

DEV Community: Ganesh K.