
Mormukut976/DeepGuard-AI


🛡️ DeepGuard AI - Enterprise Cybersecurity Platform


AI-powered, multi-modal cybersecurity threat detection with MITRE ATT&CK integration, adversarial robustness testing, and enterprise SIEM support.

🚀 Key Features

| Feature | Description | Status |
|---|---|---|
| 📧 Phishing Detection | DistilBERT-based email analysis | |
| 🔐 LLM Security | Prompt injection detection (Zelis AI compliant) | |
| 📊 Log Anomaly | Isolation Forest for anomaly detection | |
| 🌐 Network Security | Real-time packet capture | |
| 🎯 MITRE ATT&CK | Complete v14.0 mapping | |
| 🛡️ Adversarial Robustness | FGSM/PGD attack simulation | |
| 📤 SIEM Integration | Microsoft Sentinel + Slack/Email | |
| 🔧 CI/CD Security | Bandit + Safety + Trivy | |

🏗️ Architecture

```text
DeepGuard AI/
├── 📧 Phishing Detector (DistilBERT)
├── 📊 Log Anomaly Detector (Isolation Forest)
├── 🌐 Network Anomaly Detector (Isolation Forest)
├── 🔌 FastAPI Backend
└── 💻 Streamlit Frontend
```

🛠️ Installation

1. Clone Repository

```bash
git clone <repository-url>
cd DeepGuard-AI
```

2. Install Dependencies

```bash
pip install -r requirements.txt
```

3. Train Models

```bash
python train_models.py
```

4. Start API Server

```bash
python run_api.py
```

5. Start Frontend (New Terminal)

```bash
streamlit run frontend/app.py
```

6. Access System

API Docs: http://localhost:8000/docs

Dashboard: http://localhost:8501

📊 API Endpoints
POST /analyze/phishing - Analyze emails for phishing

POST /analyze/logs - Detect anomalies in system logs

POST /analyze/network - Monitor network traffic

POST /analyze/comprehensive - Complete security scan

GET /system/status - System health check

🧠 ML Models
Phishing Detection: Fine-tuned DistilBERT model

Log Analysis: Isolation Forest for anomaly detection

Network Analysis: Isolation Forest for traffic patterns
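
How an Isolation Forest scores log windows, shown as an added example that is not DeepGuard AI's own code: a standard-library implementation of the algorithm (the project lists Scikit-learn). The three features per window, the sample data, and the 0.7 threshold are assumptions made for illustration.

```python
import math
import random

def avg_path(n):
    """Expected depth of an unsuccessful binary-search-tree lookup over n points."""
    if n <= 1:
        return 0.0
    return 2.0 * sum(1.0 / k for k in range(1, n)) - 2.0 * (n - 1) / n

def build_tree(rows, depth, max_depth, rng):
    """Split on a random feature at a random value until points are isolated."""
    if depth >= max_depth or len(rows) <= 1:
        return ("leaf", len(rows))
    f = rng.randrange(len(rows[0]))
    lo, hi = min(r[f] for r in rows), max(r[f] for r in rows)
    if lo == hi:
        return ("leaf", len(rows))
    split = rng.uniform(lo, hi)
    left = [r for r in rows if r[f] < split]
    right = [r for r in rows if r[f] >= split]
    return ("node", f, split, build_tree(left, depth + 1, max_depth, rng),
            build_tree(right, depth + 1, max_depth, rng))

def path_length(tree, row, depth=0):
    if tree[0] == "leaf":
        return depth + avg_path(tree[1])  # credit for the unsplit remainder
    _, f, split, left, right = tree
    return path_length(left if row[f] < split else right, row, depth + 1)

def fit(rows, n_trees=100, sample_size=64, seed=0):
    rng = random.Random(seed)  # fixed seed keeps scores reproducible
    psi = min(sample_size, len(rows))
    max_depth = math.ceil(math.log2(psi))
    return [build_tree(rng.sample(rows, psi), 0, max_depth, rng) for _ in range(n_trees)], psi

def score(model, row):
    """Anomaly score in (0, 1]; short average paths (easy isolation) score near 1."""
    trees, psi = model
    mean = sum(path_length(t, row) for t in trees) / len(trees)
    return 2.0 ** (-mean / avg_path(psi))

# Constructed sample: per-minute windows of (failed_logins, distinct_source_ips, requests).
_rng = random.Random(1)
WINDOWS = [(_rng.randint(0, 3), _rng.randint(1, 4), _rng.randint(80, 120)) for _ in range(60)]
WINDOWS.append((45, 30, 400))  # constructed burst, e.g. a password-guessing minute

def flag_anomalies(rows, threshold=0.7):
    model = fit(rows)
    return [i for i, r in enumerate(rows) if score(model, r) >= threshold]
```

`flag_anomalies(WINDOWS)` returns the index of the burst window only; ordinary windows need many more splits to isolate and score well below the threshold.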

🎯 Usage Examples
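Phishing Detection

```python
import requests

# Submit one or more email bodies to the phishing classifier.
response = requests.post(
    "http://localhost:8000/analyze/phishing",
    json={"emails": ["You won $1000! Click here..."]},
    timeout=10,
)
response.raise_for_status()  # surface HTTP errors instead of parsing an error body
print(response.json())
```

Comprehensive Scan

```python
import requests

# Replace each [...] placeholder with real data before sending.
payload = {
    "emails": [...],
    "logs": [...],
    "network_traffic": [...],
}
response = requests.post("http://localhost:8000/analyze/comprehensive", json=payload, timeout=10)
response.raise_for_status()
print(response.json())
```
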
📈 Performance
Phishing Detection Accuracy: ~90%

Log Anomaly Detection: ~85%

Network Threat Detection: ~88%

Response Time: < 2 seconds

🔧 Development
Backend: FastAPI + Python

Frontend: Streamlit

ML: PyTorch, Scikit-learn, Transformers

Data: Pandas, NumPy
