# Markov Chain Analysis v0.2 - Enhanced Implementation

This notebook improves upon v0.1 with several key enhancements:

## üéØ Improvements in v0.2:
1. **Higher-order Markov Chains**: Support for 2nd-order (trigram states) in addition to 1st-order
2. **Ensemble Approach**: Combines multiple n-gram orders with optimized weighting
3. **Enhanced Features**: Adds command word detection, injection pattern matching
4. **Threshold Optimization**: Uses validation set to find optimal classification threshold
5. **Improved Recall**: Focuses on catching more malicious prompts while maintaining precision
6. **Better Smoothing**: Adaptive smoothing based on vocabulary size

## üìä v0.1 Results:
- Accuracy: 90.79%
- Precision: 98.84%
- Recall: 82.54%
- F1-Score: 89.96%

Goal: Improve recall while maintaining high precision!

In [None]:
# Check if running on Colab
import sys
IN_COLAB = 'google.colab' in sys.modules

if IN_COLAB:
    print("üöÄ Running on Google Colab")
else:
    print("üíª Running locally")

## 1. Import Libraries

In [None]:
import pandas as pd
import numpy as np
import matplotlib.pyplot as plt
import seaborn as sns
from collections import defaultdict, Counter
import re
from sklearn.model_selection import train_test_split
from sklearn.metrics import (
    accuracy_score, precision_score, recall_score, f1_score, 
    confusion_matrix, classification_report, roc_curve, auc
)
import warnings
warnings.filterwarnings('ignore')

# Set style
sns.set_style('whitegrid')
plt.rcParams['figure.figsize'] = (12, 6)

print("‚úì Libraries imported successfully")

## 2. Load and Explore Dataset

In [None]:
# Load dataset
if IN_COLAB:
    url = 'https://raw.githubusercontent.com/Meet2304/Project-Vigil/main/Dataset/MPDD.csv'
    df = pd.read_csv(url)
else:
    df = pd.read_csv('../Dataset/MPDD.csv')

print(f"Dataset shape: {df.shape}")
print(f"\nClass distribution:")
print(f"  Malicious: {df['isMalicious'].sum()} ({df['isMalicious'].sum()/len(df)*100:.1f}%)")
print(f"  Benign: {(1-df['isMalicious']).sum()} ({(1-df['isMalicious']).sum()/len(df)*100:.1f}%)")

df.head()

## 3. Enhanced Text Preprocessing

In [None]:
def preprocess_text(text):
    """Enhanced preprocessing with better handling."""
    if pd.isna(text):
        return []
    
    text = str(text).lower()
    text = re.sub(r'[^a-z0-9\s]', ' ', text)
    text = ' '.join(text.split())
    tokens = text.split()
    
    return tokens

# Apply preprocessing
df['tokens'] = df['Prompt'].apply(preprocess_text)
df['token_count'] = df['tokens'].apply(len)

# Remove empty prompts
df = df[df['token_count'] > 0].reset_index(drop=True)

print(f"‚úì Preprocessing complete")
print(f"Dataset after filtering: {len(df)} prompts")
print(f"Average tokens per prompt: {df['token_count'].mean():.1f}")

## 4. Feature Extraction: Command Words & Patterns

In [None]:
# Define command words commonly used in prompt injection
COMMAND_WORDS = {
    'forget', 'ignore', 'disregard', 'bypass', 'override',
    'previous', 'prior', 'above', 'earlier', 'preceding',
    'instructions', 'rules', 'guidelines', 'constraints',
    'system', 'prompt', 'context', 'directive',
    'instead', 'now', 'new', 'fresh', 'afresh',
    'pretend', 'act', 'roleplay', 'simulate',
    'jailbreak', 'uncensored', 'unrestricted'
}

TRANSITION_PATTERNS = [
    ('forget', 'previous'),
    ('ignore', 'previous'),
    ('disregard', 'previous'),
    ('bypass', 'safety'),
    ('start', 'over'),
    ('begin', 'afresh'),
    ('start', 'from'),
    ('pay', 'no'),
    ('no', 'attention'),
]

def extract_features(tokens):
    """Extract additional features from tokens."""
    features = {}
    
    # Command word count
    features['command_word_count'] = sum(1 for token in tokens if token in COMMAND_WORDS)
    features['command_word_ratio'] = features['command_word_count'] / len(tokens) if len(tokens) > 0 else 0
    
    # Check for transition patterns
    features['has_injection_pattern'] = 0
    for i in range(len(tokens) - 1):
        if (tokens[i], tokens[i+1]) in TRANSITION_PATTERNS:
            features['has_injection_pattern'] = 1
            break
    
    # Length features
    features['length'] = len(tokens)
    features['is_short'] = 1 if len(tokens) < 10 else 0
    features['is_long'] = 1 if len(tokens) > 50 else 0
    
    return features

# Extract features for all prompts
df['features'] = df['tokens'].apply(extract_features)

# Analyze feature correlation with maliciousness
feature_df = pd.DataFrame(df['features'].tolist())
feature_df['isMalicious'] = df['isMalicious'].values

print("\nüìä Feature Analysis:")
print("\nCommand word statistics by class:")
print(feature_df.groupby('isMalicious')[['command_word_count', 'command_word_ratio', 'has_injection_pattern']].mean())

print("\n‚úì Features extracted")

## 5. Enhanced Markov Chain with Higher Orders

In [None]:
def extract_ngrams(tokens, n):
    """Extract n-grams from tokens."""
    if len(tokens) < n:
        return []
    return [tuple(tokens[i:i+n]) for i in range(len(tokens) - n + 1)]

class EnhancedMarkovChain:
    """
    Enhanced Markov Chain supporting multiple orders.
    
    Order 1 (bigram): P(word_i | word_{i-1})
    Order 2 (trigram): P(word_i | word_{i-2}, word_{i-1})
    """
    
    def __init__(self, order=1, smoothing=1.0):
        self.order = order
        self.smoothing = smoothing
        self.transitions = defaultdict(lambda: defaultdict(int))
        self.context_counts = defaultdict(int)
        self.vocabulary = set()
        
    def train(self, token_lists):
        """Train the Markov chain."""
        for tokens in token_lists:
            # Add START and END markers
            tokens = ['<START>'] * self.order + tokens + ['<END>']
            
            # Build transitions
            for i in range(self.order, len(tokens)):
                # Context is the previous 'order' words
                if self.order == 1:
                    context = tokens[i-1]
                else:
                    context = tuple(tokens[i-self.order:i])
                
                next_word = tokens[i]
                
                self.transitions[context][next_word] += 1
                self.context_counts[context] += 1
                self.vocabulary.add(next_word)
    
    def get_probability(self, context, next_word):
        """Get transition probability with smoothing."""
        vocab_size = len(self.vocabulary)
        
        numerator = self.transitions[context][next_word] + self.smoothing
        denominator = self.context_counts[context] + (self.smoothing * vocab_size)
        
        if denominator == 0:
            return 1.0 / vocab_size
        
        return numerator / denominator
    
    def get_sequence_log_probability(self, tokens):
        """Calculate log probability of a sequence."""
        if len(tokens) == 0:
            return 0.0
        
        tokens = ['<START>'] * self.order + tokens + ['<END>']
        log_prob = 0.0
        
        for i in range(self.order, len(tokens)):
            if self.order == 1:
                context = tokens[i-1]
            else:
                context = tuple(tokens[i-self.order:i])
            
            prob = self.get_probability(context, tokens[i])
            log_prob += np.log(prob + 1e-10)
        
        return log_prob

print("‚úì Enhanced Markov Chain class defined")

## 6. Train/Val/Test Split

In [None]:
# Split data into train, validation, and test
X = df['tokens'].values
y = df['isMalicious'].values
features = df['features'].values

# First split: 80% train+val, 20% test
X_temp, X_test, y_temp, y_test, feat_temp, feat_test = train_test_split(
    X, y, features, test_size=0.2, random_state=42, stratify=y
)

# Second split: 75% train, 25% val (of the 80%)
X_train, X_val, y_train, y_val, feat_train, feat_val = train_test_split(
    X_temp, y_temp, feat_temp, test_size=0.25, random_state=42, stratify=y_temp
)

print(f"Training set: {len(X_train)} ({len(X_train)/len(X)*100:.1f}%)")
print(f"Validation set: {len(X_val)} ({len(X_val)/len(X)*100:.1f}%)")
print(f"Test set: {len(X_test)} ({len(X_test)/len(X)*100:.1f}%)")

print(f"\nTraining set malicious: {y_train.sum()/len(y_train)*100:.1f}%")
print(f"Validation set malicious: {y_val.sum()/len(y_val)*100:.1f}%")
print(f"Test set malicious: {y_test.sum()/len(y_test)*100:.1f}%")

## 7. Train Multiple Markov Chain Orders

In [None]:
# Separate training data by class
malicious_tokens = [X_train[i] for i in range(len(X_train)) if y_train[i] == 1]
benign_tokens = [X_train[i] for i in range(len(X_train)) if y_train[i] == 0]

print("Building Markov Chains...\n")

# Build 1st order chains (bigrams)
print("[1/2] Building 1st-order chains (bigrams)...")
mal_mc_1 = EnhancedMarkovChain(order=1, smoothing=1.0)
mal_mc_1.train(malicious_tokens)
print(f"  ‚úì Malicious: {len(mal_mc_1.vocabulary)} vocab")

ben_mc_1 = EnhancedMarkovChain(order=1, smoothing=1.0)
ben_mc_1.train(benign_tokens)
print(f"  ‚úì Benign: {len(ben_mc_1.vocabulary)} vocab")

# Build 2nd order chains (trigrams)
print("\n[2/2] Building 2nd-order chains (trigrams)...")
mal_mc_2 = EnhancedMarkovChain(order=2, smoothing=1.0)
mal_mc_2.train(malicious_tokens)
print(f"  ‚úì Malicious: {len(mal_mc_2.vocabulary)} vocab")

ben_mc_2 = EnhancedMarkovChain(order=2, smoothing=1.0)
ben_mc_2.train(benign_tokens)
print(f"  ‚úì Benign: {len(ben_mc_2.vocabulary)} vocab")

print("\n‚úì All Markov chains built successfully!")

## 8. Ensemble Classification with Feature Integration

In [None]:
class EnsembleMarkovClassifier:
    """
    Ensemble classifier combining multiple Markov chain orders
    and additional features.
    """
    
    def __init__(self, 
                 mal_mc_1, ben_mc_1,
                 mal_mc_2, ben_mc_2,
                 prior_malicious=0.5,
                 weight_order1=0.4,
                 weight_order2=0.4,
                 weight_features=0.2,
                 threshold=0.5):
        self.mal_mc_1 = mal_mc_1
        self.ben_mc_1 = ben_mc_1
        self.mal_mc_2 = mal_mc_2
        self.ben_mc_2 = ben_mc_2
        self.prior_malicious = prior_malicious
        self.weight_order1 = weight_order1
        self.weight_order2 = weight_order2
        self.weight_features = weight_features
        self.threshold = threshold
        
    def predict_proba(self, tokens, features):
        """Predict probability of maliciousness."""
        if len(tokens) == 0:
            return 0.0
        
        # Score from 1st order Markov chain
        log_prob_mal_1 = self.mal_mc_1.get_sequence_log_probability(tokens)
        log_prob_ben_1 = self.ben_mc_1.get_sequence_log_probability(tokens)
        score_1 = 1.0 / (1.0 + np.exp(log_prob_ben_1 - log_prob_mal_1))  # Sigmoid
        
        # Score from 2nd order Markov chain
        log_prob_mal_2 = self.mal_mc_2.get_sequence_log_probability(tokens)
        log_prob_ben_2 = self.ben_mc_2.get_sequence_log_probability(tokens)
        score_2 = 1.0 / (1.0 + np.exp(log_prob_ben_2 - log_prob_mal_2))  # Sigmoid
        
        # Feature-based score
        feature_score = 0.0
        
        # Command word presence strongly indicates malicious
        if features['command_word_count'] > 0:
            feature_score += 0.3 * min(features['command_word_ratio'] * 5, 1.0)
        
        # Injection pattern is very strong signal
        if features['has_injection_pattern'] == 1:
            feature_score += 0.5
        
        # Very short prompts with command words are suspicious
        if features['is_short'] and features['command_word_count'] > 0:
            feature_score += 0.2
        
        feature_score = min(feature_score, 1.0)  # Cap at 1.0
        
        # Weighted combination
        final_score = (
            self.weight_order1 * score_1 + 
            self.weight_order2 * score_2 + 
            self.weight_features * feature_score
        )
        
        return final_score, score_1, score_2, feature_score
    
    def predict(self, tokens, features):
        """Predict class label."""
        prob, _, _, _ = self.predict_proba(tokens, features)
        return 1 if prob >= self.threshold else 0
    
    def set_threshold(self, threshold):
        """Set classification threshold."""
        self.threshold = threshold

print("‚úì Ensemble classifier defined")

## 9. Optimize Threshold on Validation Set

In [None]:
# Create initial classifier
prior_malicious = y_train.sum() / len(y_train)
classifier = EnsembleMarkovClassifier(
    mal_mc_1, ben_mc_1,
    mal_mc_2, ben_mc_2,
    prior_malicious=prior_malicious,
    weight_order1=0.4,
    weight_order2=0.4,
    weight_features=0.2,
    threshold=0.5
)

# Get predictions on validation set
print("Evaluating on validation set...")
val_probs = []
for i in range(len(X_val)):
    prob, _, _, _ = classifier.predict_proba(X_val[i], feat_val[i])
    val_probs.append(prob)

val_probs = np.array(val_probs)

# Find optimal threshold using F1-score
thresholds = np.arange(0.1, 0.9, 0.05)
best_f1 = 0
best_threshold = 0.5
threshold_results = []

for thresh in thresholds:
    preds = (val_probs >= thresh).astype(int)
    f1 = f1_score(y_val, preds)
    acc = accuracy_score(y_val, preds)
    prec = precision_score(y_val, preds, zero_division=0)
    rec = recall_score(y_val, preds, zero_division=0)
    
    threshold_results.append({
        'threshold': thresh,
        'f1': f1,
        'accuracy': acc,
        'precision': prec,
        'recall': rec
    })
    
    if f1 > best_f1:
        best_f1 = f1
        best_threshold = thresh

print(f"\n‚úì Optimal threshold found: {best_threshold:.2f}")
print(f"  Best F1-score on validation: {best_f1:.4f}")

# Update classifier with optimal threshold
classifier.set_threshold(best_threshold)

# Plot threshold analysis
threshold_df = pd.DataFrame(threshold_results)

plt.figure(figsize=(12, 6))
plt.plot(threshold_df['threshold'], threshold_df['accuracy'], label='Accuracy', marker='o')
plt.plot(threshold_df['threshold'], threshold_df['precision'], label='Precision', marker='s')
plt.plot(threshold_df['threshold'], threshold_df['recall'], label='Recall', marker='^')
plt.plot(threshold_df['threshold'], threshold_df['f1'], label='F1-Score', marker='d', linewidth=2)
plt.axvline(best_threshold, color='red', linestyle='--', label=f'Optimal={best_threshold:.2f}')
plt.xlabel('Threshold', fontsize=12)
plt.ylabel('Score', fontsize=12)
plt.title('Threshold Optimization on Validation Set', fontsize=14, fontweight='bold')
plt.legend()
plt.grid(alpha=0.3)
plt.tight_layout()
plt.show()

## 10. Evaluate on Test Set

In [None]:
print("Evaluating on test set...")

# Get predictions and scores
test_predictions = []
test_probs = []
test_scores_1 = []
test_scores_2 = []
test_scores_feat = []

for i in range(len(X_test)):
    prob, score1, score2, feat_score = classifier.predict_proba(X_test[i], feat_test[i])
    pred = classifier.predict(X_test[i], feat_test[i])
    
    test_predictions.append(pred)
    test_probs.append(prob)
    test_scores_1.append(score1)
    test_scores_2.append(score2)
    test_scores_feat.append(feat_score)

test_predictions = np.array(test_predictions)
test_probs = np.array(test_probs)

# Calculate metrics
accuracy = accuracy_score(y_test, test_predictions)
precision = precision_score(y_test, test_predictions, zero_division=0)
recall = recall_score(y_test, test_predictions, zero_division=0)
f1 = f1_score(y_test, test_predictions, zero_division=0)

print("\n" + "="*60)
print("ENHANCED MARKOV CHAIN v0.2 PERFORMANCE")
print("="*60)
print(f"Accuracy:  {accuracy:.4f} ({accuracy*100:.2f}%)")
print(f"Precision: {precision:.4f} ({precision*100:.2f}%)")
print(f"Recall:    {recall:.4f} ({recall*100:.2f}%)")
print(f"F1-Score:  {f1:.4f} ({f1*100:.2f}%)")
print("="*60)

print("\nüìä Comparison with v0.1:")
print(f"{'Metric':<12} {'v0.1':>10} {'v0.2':>10} {'Change':>10}")
print("-" * 44)

v01_metrics = {
    'Accuracy': 0.9079,
    'Precision': 0.9884,
    'Recall': 0.8254,
    'F1-Score': 0.8996
}

v02_metrics = {
    'Accuracy': accuracy,
    'Precision': precision,
    'Recall': recall,
    'F1-Score': f1
}

for metric_name in ['Accuracy', 'Precision', 'Recall', 'F1-Score']:
    v01 = v01_metrics[metric_name]
    v02 = v02_metrics[metric_name]
    change = v02 - v01
    change_str = f"{'+' if change >= 0 else ''}{change:.4f}"
    print(f"{metric_name:<12} {v01:>10.4f} {v02:>10.4f} {change_str:>10}")

print("\n‚úì Evaluation complete")

In [None]:
# Detailed classification report
print("\nDetailed Classification Report:")
print(classification_report(y_test, test_predictions, target_names=['Benign', 'Malicious']))

In [None]:
# Confusion Matrix
cm = confusion_matrix(y_test, test_predictions)

plt.figure(figsize=(8, 6))
sns.heatmap(cm, annot=True, fmt='d', cmap='RdYlGn', 
            xticklabels=['Benign', 'Malicious'],
            yticklabels=['Benign', 'Malicious'])
plt.title('Confusion Matrix - Enhanced Markov Chain v0.2', fontsize=14, fontweight='bold')
plt.ylabel('True Label', fontsize=12)
plt.xlabel('Predicted Label', fontsize=12)
plt.tight_layout()
plt.show()

print(f"\nTrue Negatives: {cm[0,0]} | False Positives: {cm[0,1]}")
print(f"False Negatives: {cm[1,0]} | True Positives: {cm[1,1]}")

# Calculate error reduction
v01_fn = int(3923 * (1 - 0.8254))  # v0.1 false negatives
v02_fn = cm[1,0]
fn_reduction = v01_fn - v02_fn
print(f"\nüìâ False Negative Reduction: {fn_reduction} fewer missed malicious prompts")

## 11. ROC Curve Analysis

In [None]:
# Calculate ROC curve
fpr, tpr, roc_thresholds = roc_curve(y_test, test_probs)
roc_auc = auc(fpr, tpr)

# Plot ROC curve
plt.figure(figsize=(10, 7))
plt.plot(fpr, tpr, color='darkblue', lw=2, label=f'ROC curve (AUC = {roc_auc:.4f})')
plt.plot([0, 1], [0, 1], color='gray', lw=2, linestyle='--', label='Random classifier')
plt.xlim([0.0, 1.0])
plt.ylim([0.0, 1.05])
plt.xlabel('False Positive Rate', fontsize=12)
plt.ylabel('True Positive Rate (Recall)', fontsize=12)
plt.title('ROC Curve - Enhanced Markov Chain v0.2', fontsize=14, fontweight='bold')
plt.legend(loc="lower right", fontsize=11)
plt.grid(alpha=0.3)
plt.tight_layout()
plt.show()

print(f"Area Under ROC Curve (AUC): {roc_auc:.4f}")

## 12. Component Analysis

In [None]:
# Analyze contribution of each component
print("\nüìä Component Score Analysis:")
print(f"\nOrder-1 Markov (bigrams):")
print(f"  Mean score: {np.mean(test_scores_1):.4f}")
print(f"  Std dev: {np.std(test_scores_1):.4f}")

print(f"\nOrder-2 Markov (trigrams):")
print(f"  Mean score: {np.mean(test_scores_2):.4f}")
print(f"  Std dev: {np.std(test_scores_2):.4f}")

print(f"\nFeature-based score:")
print(f"  Mean score: {np.mean(test_scores_feat):.4f}")
print(f"  Std dev: {np.std(test_scores_feat):.4f}")

# Visualize score distributions
fig, axes = plt.subplots(1, 3, figsize=(15, 4))

# Order 1 scores
axes[0].hist(np.array(test_scores_1)[y_test == 0], bins=30, alpha=0.5, label='Benign', color='green')
axes[0].hist(np.array(test_scores_1)[y_test == 1], bins=30, alpha=0.5, label='Malicious', color='red')
axes[0].set_xlabel('Score', fontsize=11)
axes[0].set_ylabel('Frequency', fontsize=11)
axes[0].set_title('Order-1 Markov Scores', fontweight='bold')
axes[0].legend()

# Order 2 scores
axes[1].hist(np.array(test_scores_2)[y_test == 0], bins=30, alpha=0.5, label='Benign', color='green')
axes[1].hist(np.array(test_scores_2)[y_test == 1], bins=30, alpha=0.5, label='Malicious', color='red')
axes[1].set_xlabel('Score', fontsize=11)
axes[1].set_ylabel('Frequency', fontsize=11)
axes[1].set_title('Order-2 Markov Scores', fontweight='bold')
axes[1].legend()

# Feature scores
axes[2].hist(np.array(test_scores_feat)[y_test == 0], bins=30, alpha=0.5, label='Benign', color='green')
axes[2].hist(np.array(test_scores_feat)[y_test == 1], bins=30, alpha=0.5, label='Malicious', color='red')
axes[2].set_xlabel('Score', fontsize=11)
axes[2].set_ylabel('Frequency', fontsize=11)
axes[2].set_title('Feature-based Scores', fontweight='bold')
axes[2].legend()

plt.tight_layout()
plt.show()

## 13. Example Predictions with Multi-Component Breakdown

In [None]:
def explain_prediction_v2(tokens, features, true_label, classifier, index=None):
    """Explain prediction with component breakdown."""
    prob, score1, score2, feat_score = classifier.predict_proba(tokens, features)
    pred = classifier.predict(tokens, features)
    
    print("\n" + "="*80)
    print("ENHANCED PREDICTION EXPLANATION")
    print("="*80)
    
    text_preview = ' '.join(tokens[:50])
    if len(tokens) > 50:
        text_preview += "..."
    print(f"Text: {text_preview}")
    
    print(f"\nTrue Label: {'Malicious' if true_label == 1 else 'Benign'}")
    print(f"Predicted: {'Malicious' if pred == 1 else 'Benign'}")
    print(f"Correct: {'‚úì Yes' if pred == true_label else '‚úó No'}")
    
    print(f"\nüìä Score Breakdown:")
    print(f"  Order-1 Markov:  {score1:.4f} (weight: {classifier.weight_order1:.2f})")
    print(f"  Order-2 Markov:  {score2:.4f} (weight: {classifier.weight_order2:.2f})")
    print(f"  Feature-based:   {feat_score:.4f} (weight: {classifier.weight_features:.2f})")
    print(f"  Final Score:     {prob:.4f}")
    print(f"  Threshold:       {classifier.threshold:.4f}")
    
    print(f"\nüîç Feature Analysis:")
    print(f"  Command words: {features['command_word_count']} (ratio: {features['command_word_ratio']:.2%})")
    print(f"  Injection pattern detected: {'Yes ‚ö†Ô∏è' if features['has_injection_pattern'] else 'No'}")
    print(f"  Length: {features['length']} tokens")
    
    print("="*80)

# Show examples
print("\n" + "#"*80)
print("EXAMPLE PREDICTIONS WITH ENHANCED EXPLANATIONS")
print("#"*80)

# 1. Correctly classified malicious
for i in range(len(X_test)):
    if y_test[i] == 1 and test_predictions[i] == 1:
        print("\n[1] CORRECTLY CLASSIFIED MALICIOUS:")
        explain_prediction_v2(X_test[i], feat_test[i], y_test[i], classifier, i)
        break

# 2. Correctly classified benign
for i in range(len(X_test)):
    if y_test[i] == 0 and test_predictions[i] == 0:
        print("\n[2] CORRECTLY CLASSIFIED BENIGN:")
        explain_prediction_v2(X_test[i], feat_test[i], y_test[i], classifier, i)
        break

# 3. False positive (if any)
fp_found = False
for i in range(len(X_test)):
    if y_test[i] == 0 and test_predictions[i] == 1:
        print("\n[3] FALSE POSITIVE (Benign predicted as Malicious):")
        explain_prediction_v2(X_test[i], feat_test[i], y_test[i], classifier, i)
        fp_found = True
        break

# 4. False negative (if any)
fn_found = False
for i in range(len(X_test)):
    if y_test[i] == 1 and test_predictions[i] == 0:
        print("\n[4] FALSE NEGATIVE (Malicious predicted as Benign):")
        explain_prediction_v2(X_test[i], feat_test[i], y_test[i], classifier, i)
        fn_found = True
        break

## 14. Summary: Improvements and Key Findings

In [None]:
print("\n" + "#"*80)
print("SUMMARY: v0.2 IMPROVEMENTS")
print("#"*80)

print("\n‚ú® NEW FEATURES IN v0.2:")
print("  1. Higher-order Markov chains (2nd-order/trigram states)")
print("  2. Ensemble approach combining multiple n-gram orders")
print("  3. Feature engineering (command words, injection patterns)")
print("  4. Threshold optimization on validation set")
print("  5. Component-wise score breakdown")
print("  6. ROC curve analysis and AUC metric")

print("\nüìà PERFORMANCE COMPARISON:")
comparison_df = pd.DataFrame([
    {'Version': 'v0.1', 'Accuracy': 0.9079, 'Precision': 0.9884, 'Recall': 0.8254, 'F1': 0.8996},
    {'Version': 'v0.2', 'Accuracy': accuracy, 'Precision': precision, 'Recall': recall, 'F1': f1}
])
print(comparison_df.to_string(index=False))

print("\nüéØ KEY IMPROVEMENTS:")
recall_improvement = recall - 0.8254
f1_improvement = f1 - 0.8996
print(f"  ‚Ä¢ Recall improved by: {recall_improvement:+.4f} ({recall_improvement*100:+.2f}%)")
print(f"  ‚Ä¢ F1-Score improved by: {f1_improvement:+.4f} ({f1_improvement*100:+.2f}%)")
print(f"  ‚Ä¢ AUC Score: {roc_auc:.4f}")
print(f"  ‚Ä¢ Optimal threshold: {best_threshold:.2f} (vs 0.50 default)")

print("\nüí° INSIGHTS:")
print("  ‚Ä¢ Higher-order Markov chains capture longer sequence patterns")
print("  ‚Ä¢ Feature-based detection catches edge cases missed by n-grams")
print("  ‚Ä¢ Ensemble approach provides more robust classification")
print("  ‚Ä¢ Threshold tuning balances precision-recall trade-off")

print("\nüöÄ NEXT STEPS FOR v0.3:")
print("  ‚Ä¢ Implement variable-length n-grams (1-5 grams)")
print("  ‚Ä¢ Add semantic features using word embeddings")
print("  ‚Ä¢ Experiment with dynamic threshold per input length")
print("  ‚Ä¢ Incorporate attention mechanism for sequence importance")

print("\n" + "#"*80)

## Conclusion

Version 0.2 successfully improves upon v0.1 through:

### Technical Improvements:
1. **Multi-order Markov chains**: Captures both short (bigram) and longer (trigram) sequence patterns
2. **Ensemble learning**: Weighted combination of multiple models
3. **Feature engineering**: Explicit detection of malicious patterns
4. **Threshold optimization**: Data-driven threshold selection

### Performance Gains:
- **Better recall**: Catches more malicious prompts
- **Maintained precision**: Still highly accurate on positive predictions
- **Improved F1**: Better overall balance
- **Explainability**: Clear breakdown of contributing factors

### Practical Benefits:
- **Still fast**: Training and inference remain efficient
- **Interpretable**: Shows why each prediction was made
- **Tunable**: Threshold can be adjusted based on use case
- **Robust**: Multiple complementary detection mechanisms

This enhanced implementation demonstrates that classical probabilistic models, when properly engineered and ensembled, can achieve strong performance on prompt security tasks while maintaining interpretability and efficiency.