SeaSentinel: An Intrusion Detection System (IDS) designed to enhance the security of GMDSS maritime communications, monitoring for unauthorized access and anomalies.
SeaSentinel provides comprehensive security monitoring for the Global Maritime Distress and Safety System (GMDSS), covering:
- DSC (Digital Selective Calling): Monitor distress alerts and detect unauthorized transmissions
- NAVTEX: Validate navigational warnings and safety broadcasts
- AIS/NMEA: Detect spoofed vessel identities and anomalous position reports
- Voice Communications: Analyze maritime voice channels for suspicious activity
Visit our comprehensive documentation site at https://cywf.github.io/SeaSentinel/ to explore:
- Home - Project overview and quick links
- Rulebook Explorer - Browse detection rules, signatures, and playbooks
- Statistics - Repository metrics and contribution stats
- Discussions - Community conversations
- Development Board - Project roadmap and tasks
- Create Issue - Report bugs or request features
- Docs - Full documentation and GMDSS primer
- Visualizer - System architecture diagrams
The rulebook system uses the following folder conventions:
rules/
├── dsc_rules.yml # DSC protocol detection rules
├── navtex_rules.yml # NAVTEX protocol rules
└── ais_rules.yml # AIS/NMEA rules
signatures/
├── dsc_signatures.yml # DSC signature patterns
├── navtex_signatures.yml # NAVTEX patterns
└── voice_patterns.yml # Voice analysis patterns
playbooks/
├── isolation.md # Isolation procedures
├── triage.md # Triage steps
└── notification.md # Notification protocols
id: dsc-unauthorized-distress
name: Unauthorized DSC Distress Alert
severity: critical
protocol: DSC
description: Detects DSC distress calls from unknown or blacklisted MMSIs
match:
category: distress
format: geographic-areaThe documentation site automatically generates rulebook indexes during CI/CD:
- Rules Index (
site/scripts/index_rules.ts) - Parsesrules/**/*.{yml,yaml,json} - Signatures Index (
site/scripts/index_signatures.ts) - Parsessignatures/**/*.{yml,yaml,json} - Playbooks Index (
site/scripts/index_playbooks.ts) - Parsesplaybooks/**/*.{md,markdown}
All parsing is best-effort and does not require secrets. Data is generated at build time and served statically.
We welcome contributions! Please see our issue templates for:
- Bug Reports - Report issues you encounter
- Feature Requests - Suggest new capabilities
- Documentation - Help improve our docs
This project is licensed under the MIT License - see the LICENSE file for details.
SeaSentinel is a security monitoring tool. All monitoring must comply with:
- Applicable maritime regulations
- Radio licensing requirements
- Privacy laws and data protection regulations
Never monitor communications without proper authorization.