

---

### **Python Task: Core Concepts & Libraries**

#### **1. Python Data Types**

Data types specify the kind of value a variable holds. When analyzing cybersecurity data, storing each field with the correct type is crucial.

* **Integer (`int`):** Whole numbers (e.g., number of packets, port number).
* **Float (`float`):** Decimal numbers (e.g., threat probability score).
* **String (`str`):** Text (e.g., IP address, Country name).
* **Boolean (`bool`):** True/False values (e.g., is the firewall active?).

**Code Example:**

```python
port_number = 8080          # int
threat_score = 9.5          # float
attacker_ip = "192.168.1.5" # str
is_blocked = True           # bool

print(type(threat_score))   # Output: <class 'float'>
```

Output:

```
<class 'float'>
```


---

#### **2. Python Data Structures (List, Tuple, Dict)**

These are containers used to store collections of data.

* **List:** Ordered and **mutable** (changeable). Used for collecting logs that grow over time.
  * *Example:* A list of incoming IP addresses.
* **Tuple:** Ordered and **immutable** (unchangeable). Used for fixed data like coordinates or timestamped events that should not change once recorded. Immutability guards against accidental modification in code; it does not protect stored logs from tampering.
  * *Example:* A specific log entry `(Timestamp, Severity)`.
* **Dictionary:** Key-value pairs. **Mutable**. Used for structured data like JSON logs.
  * *Example:* Details of a specific user profile or incident.

**Code Example:**

```python
# LIST: We can add new IPs to the blacklist
blacklist_ips = ["10.0.0.1", "192.168.0.5"]
blacklist_ips.append("172.16.0.1")

# TUPLE: This log entry cannot be changed
incident_log = ("2025-02-04 10:00:00", "Critical")

# DICTIONARY: Storing complex details about an attack
attack_details = {
    "id": 101,
    "type": "SQL Injection",
    "origin": "Brazil",
    "resolved": False
}

print(f"Attack Type: {attack_details['type']}") # Output: SQL Injection
```

Output:

```
Attack Type: SQL Injection
```


---

#### **3. Object-Oriented Programming (OOPs)**

OOP helps organize code into "Classes" (blueprints) and "Objects" (instances). This is essential for building modular dashboards.

* **Class & Object:** A `CyberAttack` class is the blueprint; a specific DDoS attack is an object.
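* **Encapsulation:** Keeping internal data behind a class's methods (e.g., the `_admin_password` attribute). In Python the leading underscore is a naming convention that marks an attribute as internal; it does not prevent access.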
* **Inheritance:** Creating specialized classes from a general one (e.g., `Ransomware` inherits from `CyberAttack`).
* **Polymorphism:** Different classes using the same method name (e.g., both `Firewall` and `Antivirus` classes have a `.scan()` method).

**Code Example:**

```python
# Parent Class
class CyberAttack:
    def __init__(self, target_ip, severity):
        self.target_ip = target_ip
        self.severity = severity

    def alert(self):
        return f"General Alert: Attack on {self.target_ip}"

# Inheritance: Child Class
class Ransomware(CyberAttack):
    def __init__(self, target_ip, encryption_key):
        # Using super() to call parent constructor
        super().__init__(target_ip, severity="Critical")
        self.encryption_key = encryption_key

    # Polymorphism: Overriding the alert method
    def alert(self):
        return f"CRITICAL ALERT: Ransomware detected! Key: {self.encryption_key}"

# Creating Objects
generic_attack = CyberAttack("10.1.1.5", "Low")
wannacry = Ransomware("192.168.1.100", "XyZ123")

print(generic_attack.alert()) # Output: General Alert: Attack on 10.1.1.5
print(wannacry.alert())       # Output: CRITICAL ALERT: Ransomware detected! Key: XyZ123
```

Output:

```
General Alert: Attack on 10.1.1.5
CRITICAL ALERT: Ransomware detected! Key: XyZ123
```


---

#### **4. Statistical Libraries**

For this data science project, these libraries are mandatory for processing the logs before visualization.

* **Pandas:** The most important library. It handles data in "DataFrames" (tables). You will use this to clean logs.
* **NumPy:** Used for numerical calculations (arrays).
* **Statistics (built-in `statistics` module):** Simple math functions like mean, median, mode.

**Code Example:**

```python
import pandas as pd
import numpy as np

# Creating a DataFrame (Table)
data = {
    'Attack_Type': ['DDoS', 'Phishing', 'DDoS', 'Malware', 'DDoS'],
    'Packet_Size_MB': [500, 2, 450, 15, 600]
}
# df = pd.read_csv("cyber_logs.csv") # In real project
# or using the dictionary above:
df = pd.DataFrame(data)

# 1. Count occurrences (Frequency Distribution)
print(df['Attack_Type'].value_counts())
# Output: DDoS: 3, Phishing: 1, Malware: 1

# 2. Calculate Mean packet size using NumPy
avg_size = np.mean(df['Packet_Size_MB'])
print(f"Average Attack Size: {avg_size} MB")
# Output: 313.4 MB
```

Output:

```
Attack_Type
DDoS        3
Phishing    1
Malware     1
Name: count, dtype: int64
Average Attack Size: 313.4 MB
```
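
The following is an added example, not part of the original notebook. It connects sections 1 and 4: raw log fields arrive as strings, so each one is validated and converted to its proper type before any statistics are computed. It uses only the standard library (`ipaddress`, `statistics`); the field names and sample rows are constructed for illustration.

```python
import ipaddress
import math
import statistics
from collections import Counter

# Constructed sample rows, as a CSV reader would return them: every value is a string.
RAW_LOGS = [
    {"ip": "10.0.0.1",    "port": "8080",  "attack": "DDoS",     "size_mb": "500"},
    {"ip": "192.168.0.5", "port": "443",   "attack": "Phishing", "size_mb": "2"},
    {"ip": "172.16.0.1",  "port": "80",    "attack": "DDoS",     "size_mb": "450"},
    {"ip": "999.1.1.1",   "port": "22",    "attack": "Malware",  "size_mb": "15"},   # invalid IP
    {"ip": "10.0.0.7",    "port": "70000", "attack": "DDoS",     "size_mb": "600"},  # port out of range
    {"ip": "10.0.0.9",    "port": "53",    "attack": "DDoS",     "size_mb": "n/a"},  # not a number
]

def clean_record(raw):
    """Return a typed copy of one record, or raise ValueError if a field is invalid."""
    ip = ipaddress.ip_address(raw["ip"])   # raises ValueError on a malformed address
    port = int(raw["port"])                # raises ValueError on non-numeric text
    if not 0 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    size_mb = float(raw["size_mb"])        # raises ValueError on text such as "n/a"
    if not math.isfinite(size_mb) or size_mb < 0:
        raise ValueError(f"size is not a finite non-negative number: {size_mb}")
    return {"ip": str(ip), "port": port, "attack": raw["attack"], "size_mb": size_mb}

def clean_logs(rows):
    """Split rows into typed records and rejected (row, reason) pairs."""
    good, rejected = [], []
    for row in rows:
        try:
            good.append(clean_record(row))
        except (ValueError, KeyError) as exc:
            rejected.append((row, str(exc)))  # keep the reason so rejects can be reviewed
    return good, rejected

def summarize(records):
    """Frequency per attack type plus mean and median size of the clean records."""
    sizes = [r["size_mb"] for r in records]
    return {
        "counts": Counter(r["attack"] for r in records),
        "mean_mb": statistics.mean(sizes),
        "median_mb": statistics.median(sizes),
    }

if __name__ == "__main__":
    good, rejected = clean_logs(RAW_LOGS)
    print(summarize(good), [reason for _, reason in rejected])
```

Rejected rows are returned with their reason instead of being dropped silently, so a spike in malformed entries remains visible to whoever reviews the dashboard's input.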
