BINCOM DEV CENTER · CYBERSECURITY TRACK · DAY 4
SIEM Log Analysis
SIEM ELK STACK SECURITY ONION INCIDENT RESPONSE AI RISK MITRE ATT&CK

Simulated a brute-force SSH attack using Hydra, detected and analyzed it via SIEM tooling, then performed a full AI risk assessment on IBM's Adversarial Robustness Toolbox. Three deliverables — incident analysis, AI risk report, and SIEM dashboard.

VIEW DETAILS ↓
AREAS COVERED
Detection
SIEM Log Collection & Correlation
Deployed Security Onion / ELK Stack for log ingestion from auth.log. Configured alert rules to detect SSH brute-force patterns — 847 events correlated across a 10-minute window.
Attack Simulation
Brute-Force SSH with Hydra
Simulated credential stuffing via Hydra against a lab SSH target. Mapped to MITRE ATT&CK T1110 (Brute Force), T1110.001 (Password Guessing), T1021.004 (SSH).
Incident Response
NIST SP 800-61 Analysis
Full incident write-up across all 4 NIST IR phases — Preparation, Detection & Analysis, Containment/Eradication/Recovery, and Post-Incident Activity. IOC table and timeline included.
AI Risk
AI Risk Assessment — IBM ART
Assessed IBM Adversarial Robustness Toolbox across 6 AI risk categories: data poisoning, model inversion, membership inference, prompt injection, misuse/abuse, and hallucinations. Risk register with NIST IR mapping.
DELIVERABLES
D1
Incident Analysis Report
NIST SP 800-61 structured write-up — attack simulation with exact Hydra command, SIEM detection evidence, MITRE ATT&CK mapping, IOC table, attack timeline, and remediation recommendations.
DOWNLOAD ↓
D2
AI Risk Assessment Report
IBM ART tool justification, 6 AI risks assessed with likelihood/impact/CVSS scoring, consolidated risk register, and NIST IR lifecycle integration table. References OWASP LLM Top 10 and MITRE ATLAS.
DOWNLOAD ↓
D3
SIEM Dashboard
Security Onion / Kibana-style dashboard — HIGH severity alert banner, 847-event bar chart, MITRE ATT&CK mapping, auth.log event table, and source/target IP breakdown.
VIEW ↗