Two complementary security tools built for MSCS 640 and MSCS 670 at the Joaan Bin Jassim Academy for Defence Studies.
Multi-class classifier that analyzes raw network flow statistics and classifies each flow as benign or one of seven attack families: DDoS, PortScan, Bot, DoS, Infiltration, Web Attack, Brute Force.
Tier-1 SOC triage agent that investigates alerts and classifies each one as Malicious or Benign, with reasoning. One lead orchestrator dispatches three parallel specialist subagents, then a calibrated risk scorer emits the verdict.