AWS-Based Secure Architecture Project

Overview

I participated in building a secure hotel booking web service based on an AWS 2-Tier architecture. The project involved designing and implementing the entire infrastructure, enhancing security measures, and responding to simulated cyber-attacks. We validated the defence system through practical XSS and SQL injection attack testing.

My Role

I was responsible for designing and configuring the AWS VPC and network architecture, verifying and implementing countermeasures for XSS and SQL injection attack scenarios, setting up AWS WAF with region-based IP blocking rules, strengthening perimeter security through firewall and ACL configurations, and integrating security logging with real-time monitoring to establish an effective threat detection and response environment.

Result

• Successfully designed and deployed AWS infrastructure (7 EC2 instances, RDS, S3, Route 53, ElastiCache, and more)
• Effectively blocked major web attacks such as XSS and SQL injection using IP-based defence rules
• Established a real-time security monitoring environment using WAF and GuardDuty
• Implemented an alert and monitoring system with Zabbix, Grafana and Prometheus

Tech Stack

AWS – EC2, RDS, S3, Route 53, CloudFront, ACM, ElastiCache
WAF, Network ACL, IP Blocking, XSS & SQLi Attack Mitigation
Zabbix, Prometheus, Grafana, AWS CLI, CloudWatch, Telegram Alert
Docker, Auto Scaling, Load Balancer

Presentation (PDF)

You can check the project presentation here — Korean PDF available below.

Download