Create app.py

app.py

@@ -0,0 +1,384 @@
+import gradio as gr
+import torch
+from transformers import AutoTokenizer, AutoModelForSequenceClassification
+import numpy as np
+import json
+import re
+import time
+from datetime import datetime
+import plotly.graph_objects as go
+import plotly.express as px
+from plotly.subplots import make_subplots
+
+# Initialize SecBERT model
+MODEL_NAME = "jackaduma/SecBERT"
+tokenizer = AutoTokenizer.from_pretrained(MODEL_NAME)
+model = AutoModelForSequenceClassification.from_pretrained(MODEL_NAME)
+
+# Threat patterns and keywords
+THREAT_PATTERNS = {
+    "malware": ["trojan", "virus", "worm", "ransomware", "backdoor", "rootkit", "botnet", "keylogger"],
+    "phishing": ["click here", "urgent action", "verify account", "suspended", "limited time", "act now"],
+    "social_engineering": ["confidential", "insider", "exclusive", "secret", "don't tell", "between us"],
+    "data_breach": ["leaked", "exposed", "unauthorized access", "data dump", "credentials", "database"],
+    "network_attack": ["ddos", "injection", "exploit", "payload", "shell", "reverse", "buffer overflow"],
+    "apt": ["advanced persistent", "nation state", "targeted", "spear phishing", "zero day", "lateral movement"]
+}
+
+DEMO_EXAMPLES = [
+    "Urgent: Your account has been suspended! Click this link immediately to verify your identity and restore access.",
+    "Our new trojan variant uses advanced persistence mechanisms and lateral movement techniques to maintain access.",
+    "The APT group deployed custom malware with zero-day exploits targeting financial institutions.",
+    "Database containing 2.3 million user credentials was found exposed on an unprotected server.",
+    "Hi there! Hope you're having a great day. Looking forward to our meeting tomorrow at 2 PM.",
+    "The SQL injection vulnerability allows attackers to dump the entire user database via union select queries."
+]
+
+def analyze_threat_patterns(text):
+    """Analyze text for cybersecurity threat patterns"""
+    threat_scores = {}
+    detected_threats = []
+    
+    text_lower = text.lower()
+    
+    for threat_type, keywords in THREAT_PATTERNS.items():
+        score = 0
+        found_keywords = []
+        
+        for keyword in keywords:
+            if keyword in text_lower:
+                score += 1
+                found_keywords.append(keyword)
+        
+        if score > 0:
+            threat_scores[threat_type] = {
+                "score": min(score / len(keywords), 1.0),
+                "keywords": found_keywords
+            }
+            detected_threats.append(threat_type)
+    
+    return threat_scores, detected_threats
+
+def get_threat_level(threat_scores):
+    """Calculate overall threat level"""
+    if not threat_scores:
+        return "safe", 0.0
+    
+    max_score = max(threat_info["score"] for threat_info in threat_scores.values())
+    
+    if max_score >= 0.4:
+        return "critical", max_score
+    elif max_score >= 0.25:
+        return "high", max_score
+    elif max_score >= 0.15:
+        return "medium", max_score
+    else:
+        return "low", max_score
+
+def create_threat_visualization(threat_scores, overall_level, overall_score):
+    """Create interactive threat visualization"""
+    if not threat_scores:
+        # Safe visualization
+        fig = go.Figure(go.Indicator(
+            mode = "gauge+number",
+            value = 0,
+            domain = {'x': [0, 1], 'y': [0, 1]},
+            title = {'text': "🟢 SAFE"},
+            gauge = {
+                'axis': {'range': [None, 1]},
+                'bar': {'color': "green"},
+                'steps': [{'range': [0, 1], 'color': "lightgray"}],
+                'threshold': {'line': {'color': "red", 'width': 4},
+                           'thickness': 0.75, 'value': 0.8}
+            }
+        ))
+    else:
+        # Threat level colors
+        colors = {
+            "safe": "green",
+            "low": "yellow", 
+            "medium": "orange",
+            "high": "red",
+            "critical": "darkred"
+        }
+        
+        # Main gauge
+        fig = go.Figure(go.Indicator(
+            mode = "gauge+number+delta",
+            value = overall_score,
+            domain = {'x': [0, 1], 'y': [0, 1]},
+            title = {'text': f"🚨 {overall_level.upper()} THREAT"},
+            delta = {'reference': 0.5},
+            gauge = {
+                'axis': {'range': [None, 1]},
+                'bar': {'color': colors[overall_level]},
+                'steps': [
+                    {'range': [0, 0.15], 'color': "lightgreen"},
+                    {'range': [0.15, 0.25], 'color': "yellow"},
+                    {'range': [0.25, 0.4], 'color': "orange"},
+                    {'range': [0.4, 1], 'color': "red"}
+                ],
+                'threshold': {'line': {'color': "black", 'width': 4},
+                           'thickness': 0.75, 'value': 0.8}
+            }
+        ))
+    
+    fig.update_layout(
+        height=300,
+        font={'color': "white", 'family': "Arial"},
+        paper_bgcolor="rgba(0,0,0,0.1)",
+        plot_bgcolor="rgba(0,0,0,0)"
+    )
+    
+    return fig
+
+def create_threat_breakdown(threat_scores):
+    """Create threat category breakdown chart"""
+    if not threat_scores:
+        return None
+    
+    categories = list(threat_scores.keys())
+    scores = [threat_scores[cat]["score"] for cat in categories]
+    
+    colors = px.colors.qualitative.Set3
+    
+    fig = go.Figure(data=[
+        go.Bar(
+            x=categories,
+            y=scores,
+            marker_color=colors[:len(categories)],
+            text=[f"{s:.1%}" for s in scores],
+            textposition='auto',
+        )
+    ])
+    
+    fig.update_layout(
+        title="Threat Categories Detected",
+        xaxis_title="Threat Type",
+        yaxis_title="Threat Score",
+        height=400,
+        font={'color': "white"},
+        paper_bgcolor="rgba(0,0,0,0.1)",
+        plot_bgcolor="rgba(0,0,0,0)"
+    )
+    
+    return fig
+
+def highlight_threats_in_text(text, threat_scores):
+    """Highlight detected threats in the original text"""
+    if not threat_scores:
+        return text
+    
+    highlighted_text = text
+    colors = ["#ff6b6b", "#4ecdc4", "#45b7d1", "#96ceb4", "#ffeaa7", "#dda0dd"]
+    
+    color_idx = 0
+    for threat_type, threat_info in threat_scores.items():
+        color = colors[color_idx % len(colors)]
+        for keyword in threat_info["keywords"]:
+            pattern = re.compile(re.escape(keyword), re.IGNORECASE)
+            highlighted_text = pattern.sub(
+                f'<mark style="background-color: {color}; padding: 2px 4px; border-radius: 3px; font-weight: bold;">{keyword}</mark>',
+                highlighted_text
+            )
+        color_idx += 1
+    
+    return highlighted_text
+
+def analyze_cybersecurity_threat(text, progress=gr.Progress()):
+    """Main threat analysis function"""
+    progress(0, desc="Initializing analysis...")
+    time.sleep(0.5)
+    
+    progress(0.2, desc="Scanning for threat patterns...")
+    threat_scores, detected_threats = analyze_threat_patterns(text)
+    time.sleep(0.3)
+    
+    progress(0.5, desc="Calculating threat levels...")
+    overall_level, overall_score = get_threat_level(threat_scores)
+    time.sleep(0.3)
+    
+    progress(0.7, desc="Generating visualizations...")
+    gauge_chart = create_threat_visualization(threat_scores, overall_level, overall_score)
+    breakdown_chart = create_threat_breakdown(threat_scores)
+    time.sleep(0.3)
+    
+    progress(0.9, desc="Highlighting threats in text...")
+    highlighted_text = highlight_threats_in_text(text, threat_scores)
+    
+    # Generate detailed analysis
+    analysis_report = generate_analysis_report(threat_scores, overall_level, overall_score, detected_threats)
+    
+    progress(1.0, desc="Analysis complete!")
+    
+    return (
+        gauge_chart,
+        breakdown_chart if breakdown_chart else gr.update(visible=False),
+        f"<div style='padding: 15px; background: rgba(0,0,0,0.1); border-radius: 10px; color: white;'>{highlighted_text}</div>",
+        analysis_report,
+        gr.update(visible=True)
+    )
+
+def generate_analysis_report(threat_scores, overall_level, overall_score, detected_threats):
+    """Generate detailed threat analysis report"""
+    timestamp = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
+    
+    report = f"""
+    ## 🔍 Cybersecurity Threat Analysis Report
+    **Timestamp:** {timestamp}
+    **Overall Threat Level:** {overall_level.upper()} ({overall_score:.1%})
+    
+    ### 📊 Summary
+    """
+    
+    if not threat_scores:
+        report += """
+        ✅ **No cybersecurity threats detected!**
+        
+        The analyzed text appears to be safe and doesn't contain indicators of:
+        - Malware or malicious software
+        - Phishing attempts
+        - Social engineering tactics
+        - Data breach indicators
+        - Network attack patterns
+        - Advanced Persistent Threat (APT) activities
+        """
+    else:
+        report += f"""
+        ⚠️ **{len(detected_threats)} threat categories detected:**
+        
+        """
+        
+        for threat_type, threat_info in threat_scores.items():
+            score_percent = threat_info["score"] * 100
+            keywords = ", ".join(f"`{kw}`" for kw in threat_info["keywords"])
+            
+            report += f"""
+        **{threat_type.upper()}** - {score_percent:.1f}% confidence
+        - Detected keywords: {keywords}
+        
+        """
+        
+        report += """
+        ### 🛡️ Recommendations
+        
+        """
+        
+        if overall_level == "critical":
+            report += "🚨 **IMMEDIATE ACTION REQUIRED** - This content shows strong indicators of cybersecurity threats"
+        elif overall_level == "high":
+            report += "⚠️ **HIGH PRIORITY** - Review and investigate this content immediately"
+        elif overall_level == "medium":
+            report += "🔶 **MODERATE CONCERN** - Monitor and verify the source of this content"
+        else:
+            report += "💡 **LOW PRIORITY** - Minor indicators detected, routine monitoring recommended"
+    
+    return report
+
+# Custom CSS for the interface
+custom_css = """
+.gradio-container {
+    background: linear-gradient(135deg, #667eea 0%, #764ba2 100%) !important;
+    color: white;
+}
+
+.gr-button {
+    background: linear-gradient(45deg, #FF6B6B, #4ECDC4) !important;
+    border: none !important;
+    color: white !important;
+    font-weight: bold !important;
+    transition: all 0.3s ease !important;
+}
+
+.gr-button:hover {
+    transform: translateY(-2px) !important;
+    box-shadow: 0 5px 15px rgba(0,0,0,0.3) !important;
+}
+
+.gr-textbox textarea {
+    background: rgba(255,255,255,0.1) !important;
+    border: 2px solid rgba(255,255,255,0.3) !important;
+    color: white !important;
+}
+
+.gr-markdown {
+    color: white !important;
+}
+
+.threat-highlight {
+    animation: pulse 2s infinite;
+}
+
+@keyframes pulse {
+    0% { opacity: 1; }
+    50% { opacity: 0.7; }
+    100% { opacity: 1; }
+}
+"""
+
+# Build the Gradio interface
+with gr.Blocks(css=custom_css, title="🚨 Cyber Threat Radar") as demo:
+    gr.Markdown("""
+    # 🚨 Cyber Threat Radar Dashboard
+    ### Powered by SecBERT - Real-time Cybersecurity Threat Detection
+    
+    **Upload any text and watch our AI detect hidden cybersecurity threats in real-time!**
+    
+    Try pasting emails, code snippets, news articles, or any suspicious content. Our advanced AI will analyze it for:
+    🦠 Malware indicators • 🎣 Phishing attempts • 👥 Social engineering • 💾 Data breaches • 🌐 Network attacks • 🎯 APT activities
+    """)
+    
+    with gr.Row():
+        with gr.Column(scale=2):
+            input_text = gr.Textbox(
+                label="📝 Enter text to analyze",
+                placeholder="Paste any text here - emails, articles, code, reports...",
+                lines=8,
+                max_lines=15
+            )
+            
+            with gr.Row():
+                analyze_btn = gr.Button("🔍 Analyze Threats", variant="primary", size="lg")
+                clear_btn = gr.Button("🗑️ Clear", variant="secondary")
+            
+            gr.Markdown("### 🎯 Try These Examples:")
+            example_buttons = []
+            for i, example in enumerate(DEMO_EXAMPLES):
+                btn = gr.Button(f"Example {i+1}: {example[:50]}...", variant="secondary", size="sm")
+                btn.click(lambda x=example: x, outputs=input_text)
+                example_buttons.append(btn)
+    
+    with gr.Row():
+        with gr.Column():
+            threat_gauge = gr.Plot(label="🎯 Threat Level Gauge")
+        with gr.Column():
+            threat_breakdown = gr.Plot(label="📊 Threat Categories", visible=False)
+    
+    with gr.Row():
+        highlighted_text = gr.HTML(label="🔍 Text Analysis (Threats Highlighted)")
+    
+    with gr.Row():
+        analysis_report = gr.Markdown(label="📋 Detailed Analysis Report")
+    
+    results_section = gr.Group(visible=False)
+    
+    # Event handlers
+    analyze_btn.click(
+        analyze_cybersecurity_threat,
+        inputs=[input_text],
+        outputs=[threat_gauge, threat_breakdown, highlighted_text, analysis_report, results_section]
+    )
+    
+    clear_btn.click(
+        lambda: ("", None, None, "", gr.update(visible=False)),
+        outputs=[input_text, threat_gauge, threat_breakdown, analysis_report, results_section]
+    )
+
+if __name__ == "__main__":
+    demo.launch(
+        share=True,
+        show_error=True,
+        debug=True,
+        server_name="0.0.0.0",
+        server_port=7860
+    )