Ransomware Attack Log Analysis

Developed a comprehensive ransomware attack log analysis project, which included creating a database to store and analyze data related to ransomware attacks. The project used realistic attack scenarios to illustrate the analysis of attack patterns, including attack severity, source IP addresses, attack success/failure, and ransom amounts.

Key Features:

We designed and implemented a database structure that included tables for ransomware log entries and attack details.

We added complex queries to analyze attack patterns based on attack severity, source IP addresses, timestamps, and attack success.

We used SQL joins to link related data across multiple tables for deeper analysis.

We created custom reports such as:

Number of attacks by severity and source IP addresses.

Hourly attack trends and ransom amounts by source IP addresses.

Updated logs with additional attack details (such as ransomware type and encrypted file types).

Data analysis was applied to identify high-priority ransomware sources and trends over time.

Result:

Successfully demonstrated the ability to store, process, and analyze complex data using SQL Server.

Gain practical experience with SQL queries, relational databases, and data reporting in a security context.

Technologies used: SQL Server, T-SQL, data analysis