[{"data":1,"prerenderedAt":199},["ShallowReactive",2],{"project-hackathon-cnd":3},{"id":4,"title":5,"description":6,"extension":7,"favorite":8,"icon":9,"meta":10,"publishedAt":185,"readingTime":186,"shortDescription":187,"slug":188,"status":189,"stem":190,"tags":191,"type":197,"__hash__":198},"projects\u002Fprojects\u002Fhackathon-cnd.md","CND Hackathon: Defense-Grade Log Intelligence","A high-stakes cybersecurity challenge organized by the French Ministry of Defense (CND). Representing Université Paris-Dauphine, our team spent 3 days in a high-security military fortress developing ML models to detect stealthy cyber threats in firewall logs.","md",false,"i-ph-shield-check-duotone",{"body":11},{"type":12,"value":13,"toc":173},"minimark",[14,19,32,43,47,50,55,58,74,78,85,103,112,116,123,137,141,167,170],[15,16,18],"h2",{"id":17},"the-setting-fort-de-mont-valérien","The Setting: Fort de Mont-Valérien",[20,21,22,23,27,28,31],"p",{},"This was not a typical university hackathon. Organized by the ",[24,25,26],"strong",{},"Commissariat au Numérique de Défense (CND)",", the event took place over three intense days within the walls of the ",[24,29,30],{},"Fort de Mont-Valérien",", a highly secured military fortress.",[20,33,34,35,38,39,42],{},"Working in this environment underscored the real-world stakes of the mission. Our ",[24,36,37],{},"team of six",", representing ",[24,40,41],{},"Université Paris-Dauphine",", competed against several elite engineering schools to solve critical defense-related data challenges.",[15,44,46],{"id":45},"the-mission-classifying-the-invisible","The Mission: Classifying the Invisible",[20,48,49],{},"The core task involved processing poorly labeled and noisy firewall logs. In a defense context, a \"missing\" log or a mislabeled entry can be the difference between a minor system bug and a coordinated intrusion.",[51,52,54],"h3",{"id":53},"_1-tactical-log-translation","1. Tactical Log Translation",[20,56,57],{},"Firewall logs are often cryptic and inconsistent. We developed a preprocessing pipeline to:",[59,60,61,68],"ul",{},[62,63,64,67],"li",{},[24,65,66],{},"Feature Extraction:"," Parse raw logs into structured data (headers, flags, payloads).",[62,69,70,73],{},[24,71,72],{},"Contextual Labeling:"," Distinguish between routine system \"bugs\" (non-malicious failures) and actual \"attacks\" (malicious intent).",[51,75,77],{"id":76},"_2-strategic-goal-recalling-the-threat","2. Strategic Goal: Recalling the Threat",[20,79,80,81,84],{},"In military cybersecurity, the cost of a ",[24,82,83],{},"False Negative"," (an undetected attack) is catastrophic.",[59,86,87,97],{},[62,88,89,92,93,96],{},[24,90,91],{},"Model Priority:"," We optimized our classifiers specifically for ",[24,94,95],{},"Recall",". We would rather investigate a few system bugs (False Positives) than let a single attack slip through the net.",[62,98,99,102],{},[24,100,101],{},"Techniques:"," We used ensemble methods (XGBoost\u002FRandom Forest) combined with advanced resampling to handle the heavy class imbalance typical of network traffic.",[104,105,106],"blockquote",{},[20,107,108,111],{},[24,109,110],{},"Key Achievement:"," Our model significantly reduced the rate of undetected threats compared to the baseline configurations provided at the start of the challenge.",[15,113,115],{"id":114},"deployment-interaction","Deployment & Interaction",[20,117,118,119,122],{},"To make our findings operational, we built a ",[24,120,121],{},"Streamlit-based command center",":",[59,124,125,131],{},[62,126,127,130],{},[24,128,129],{},"On-the-Fly Analysis:"," Security officers can paste a single log line to get an immediate \"Bug vs. Attack\" probability score.",[62,132,133,136],{},[24,134,135],{},"Bulk Audit:"," The interface supports CSV uploads, allowing for the rapid analysis of entire daily log batches to highlight high-risk anomalies.",[15,138,140],{"id":139},"technical-stack","Technical Stack",[59,142,143,149,155,161],{},[62,144,145,148],{},[24,146,147],{},"Language:"," Python",[62,150,151,154],{},[24,152,153],{},"ML Library:"," Scikit-learn, XGBoost",[62,156,157,160],{},[24,158,159],{},"Deployment:"," Streamlit",[62,162,163,166],{},[24,164,165],{},"Environment:"," High-security on-site military infrastructure",[168,169],"hr",{},[20,171,172],{},"Representing Dauphine in such a specialized environment was a highlight of my academic year. I can share more details on the feature engineering techniques we used to clean the raw military logs.",{"title":174,"searchDepth":175,"depth":175,"links":176},"",2,[177,178,183,184],{"id":17,"depth":175,"text":18},{"id":45,"depth":175,"text":46,"children":179},[180,182],{"id":53,"depth":181,"text":54},3,{"id":76,"depth":181,"text":77},{"id":114,"depth":175,"text":115},{"id":139,"depth":175,"text":140},"2025-10-28",4,"Cybersecurity threat detection within a high-security military environment.","hackathon-cnd","Completed","projects\u002Fhackathon-cnd",[192,193,194,195,196],"Python","Streamlit","Cybersecurity","Machine Learning","Scikit-learn","Hackathon","lCaqM02oVnhENsgSMAtJg6N-vzsXcO-vNLYGU1ZZl0g",1777982168052]