
The objective of this project is to develop an enterprise-level endpoint malware detection system that continuously monitors host activities. The system detects malicious behavior on individual machines by analyzing process execution, file access, and system changes within organizational environments.
Study endpoint security architecture and host-based intrusion detection systems.
Research common endpoint malware attack vectors.
Design a host monitoring agent to track process execution and system resource usage.
Implement file integrity monitoring to detect unauthorized changes.
Log registry or configuration modifications securely.
Correlate multiple host events to identify malicious behavior patterns.
Implement alerting mechanisms for high-risk activities.
Develop dashboards to visualize endpoint health status.
Test system behavior using controlled malware simulations.
Measure system performance impact on host resources.
Document deployment strategies and enterprise scalability concerns.
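The file integrity monitoring, event correlation and alerting tasks above can be prototyped in a few dozen lines. The following Python block is an added example written for this brief, not code from the project itself: the indicator names, their weights, the alert threshold, the monitored-location patterns and the sample host events are all assumptions chosen to illustrate the approach (a SHA-256 baseline for FIM, and a per-host sliding-window score that fires an alert when several weak indicators line up within five minutes).

```python
"""Prototype endpoint monitor: FIM baseline check plus multi-event correlation.
Added example for illustration; all names, weights and sample data are assumed."""
import hashlib
import os
import tempfile
from collections import defaultdict
from datetime import datetime, timedelta

# ---- File integrity monitoring ----------------------------------------

def hash_file(path: str) -> str:
    """SHA-256 of a file, read in chunks so large binaries are not loaded whole."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_baseline(paths):
    """Record the trusted digest of every monitored file that exists."""
    return {p: hash_file(p) for p in paths if os.path.isfile(p)}

def check_integrity(baseline):
    """Compare the current file state with the baseline; report changes."""
    findings = []
    for path, digest in baseline.items():
        if not os.path.isfile(path):
            findings.append((path, "deleted"))
        elif hash_file(path) != digest:
            findings.append((path, "modified"))
    return findings

def demo_fim():
    """Baseline a temporary file, change it, and return the statuses found."""
    with tempfile.TemporaryDirectory() as d:
        target = os.path.join(d, "hosts")
        with open(target, "w") as fh:
            fh.write("127.0.0.1 localhost\n")
        baseline = build_baseline([target])
        with open(target, "a") as fh:          # simulated unauthorized change
            fh.write("# appended outside the patch window\n")
        return [status for _, status in check_integrity(baseline)]

# ---- Event correlation and alerting ----------------------------------

# Assumed weights: each indicator is weak alone, strong in combination.
INDICATOR_WEIGHTS = {
    "office_spawns_shell": 3,   # document viewer launching a command interpreter
    "write_to_startup": 2,      # new file in a per-user autostart folder
    "run_key_modified": 3,      # change to a registry Run key
    "fim_modified": 2,          # monitored file changed (from check_integrity)
}
ALERT_THRESHOLD = 5             # assumed; tune against observed false positives
OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe"}
SHELLS = {"cmd.exe", "powershell.exe"}

def classify(event):
    """Map one raw host event to an indicator name, or None if benign alone."""
    t = event["type"]
    if (t == "process_start" and event.get("parent", "").lower() in OFFICE_APPS
            and event["image"].lower() in SHELLS):
        return "office_spawns_shell"
    if t == "file_write" and "\\startup\\" in event["path"].lower():
        return "write_to_startup"
    if t == "registry_set" and event["key"].lower().endswith("\\currentversion\\run"):
        return "run_key_modified"
    if t == "fim" and event["status"] == "modified":
        return "fim_modified"
    return None

def correlate(events, window=timedelta(minutes=5)):
    """Sum indicator weights per host over a sliding window; return alerts."""
    per_host = defaultdict(list)            # host -> [(timestamp, indicator)]
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        ind = classify(ev)
        if ind is None:
            continue
        hist = per_host[ev["host"]]
        hist.append((ev["ts"], ind))
        hist[:] = [(ts, i) for ts, i in hist if ev["ts"] - ts <= window]
        score = sum(INDICATOR_WEIGHTS[i] for _, i in hist)
        if score >= ALERT_THRESHOLD:
            alerts.append({"host": ev["host"], "ts": ev["ts"], "score": score,
                           "indicators": [i for _, i in hist]})
            hist.clear()                    # one chain of events -> one alert
    return alerts

# Constructed sample telemetry (not real data): WS-01 shows a chained pattern,
# WS-02 shows two unrelated events that should stay below the threshold.
T0 = datetime(2024, 1, 1, 9, 0, 0)
SAMPLE_EVENTS = [
    {"ts": T0, "host": "WS-01", "type": "process_start",
     "image": "WINWORD.EXE", "parent": "explorer.exe"},
    {"ts": T0 + timedelta(seconds=20), "host": "WS-01", "type": "process_start",
     "image": "powershell.exe", "parent": "WINWORD.EXE"},
    {"ts": T0 + timedelta(seconds=45), "host": "WS-01", "type": "file_write",
     "path": r"C:\Users\u\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\u.lnk"},
    {"ts": T0 + timedelta(seconds=50), "host": "WS-01", "type": "registry_set",
     "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"},
    {"ts": T0 + timedelta(minutes=1), "host": "WS-02", "type": "process_start",
     "image": "cmd.exe", "parent": "explorer.exe"},
    {"ts": T0 + timedelta(minutes=2), "host": "WS-02", "type": "registry_set",
     "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"},
]

if __name__ == "__main__":
    print("FIM findings:", demo_fim())
    for a in correlate(SAMPLE_EVENTS):
        print(f"ALERT {a['host']} score={a['score']} indicators={a['indicators']}")
```

Running the block reports one "modified" FIM finding and a single alert for WS-01 (score 5, office-spawned shell followed by a write to the Startup folder), while WS-02's lone Run-key change stays under the threshold. The per-host window and the reset after an alert are the two design choices that keep the correlator from either missing slow chains or flooding the dashboard with duplicate alerts; the measurement task in the brief would then be performed on this agent's hashing and event-buffer overhead.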