Upload 4 files

Dockerfile

@@ -0,0 +1,28 @@
+FROM python:3.10-slim
+
+ENV PYTHONDONTWRITEBYTECODE=1 \
+    PYTHONUNBUFFERED=1 \
+    PIP_NO_CACHE_DIR=1
+
+WORKDIR /app
+
+# Writable cache directory for HF/torch
+RUN mkdir -p /data/.cache && chmod -R 777 /data
+ENV HF_HOME=/data/.cache \
+    TRANSFORMERS_CACHE=/data/.cache \
+    TORCH_HOME=/data/.cache
+
+# System deps (optional but helps with torch wheels)
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    build-essential git && \
+    rm -rf /var/lib/apt/lists/*
+
+COPY requirements.txt /app/requirements.txt
+RUN pip install -r /app/requirements.txt
+
+COPY app.py /app/app.py
+
+EXPOSE 7860
+CMD ["uvicorn", "app:app", "--host", "0.0.0.0", "--port", "7860"]
+
+

README.md

@@ -1,52 +1,41 @@
-Random Forest / XGBoost Model for URL Phishing Detection
-
-This repository contains a trained tree-based classifier for detecting phishing URLs. The model was trained from the `PhiUSIIL_Phishing_URL_Dataset.csv` with lightweight, URL-only lexical and structural features. On the held-out test split it achieved high accuracy and F1.
-
-Highlights
-- Backend: gradient-boosted trees via XGBoost (uses GPU if available; falls back to CPU).
-- Input: raw URL string only (no external DNS/WHOIS calls needed).
-- Features: length, character counts, digit ratio, IPv4 presence, common phishing tokens, scheme/TLD heuristics.
-
-Test metrics (from notebook)
-- accuracy: 0.9952
-- precision: 0.9928
-- recall: 0.9989
-- f1: 0.9958
-- roc_auc: 0.9976
-
-Files
-- `rf_url_phishing_xgboost_bst.joblib`: joblib bundle with the trained model and metadata.
-- `inference.py`: helpers to load the bundle and run `predict_url()`.
-- `requirements.txt`: minimal dependencies for local inference.
-
-Quick start (local)
-1) Install dependencies
-```bash
-pip install -r requirements.txt
-```
+---
+title: PhishWatch Proxy
+emoji: 🛡️
+sdk: docker
+---
+
+# Hugging Face Space - Phishing Text Classifier (Docker + FastAPI)
+
+This Space exposes two endpoints so the Flutter app can call them reliably:
+
+- `/predict` for text/email/SMS classification via Transformers
+- `/predict-url` for URL classification via your scikit-learn Random Forest model
+
+## Files
+- Dockerfile - builds a small FastAPI server image
+- app.py - FastAPI app that loads the model and returns `{ label, score }`.
+- requirements.txt - Python dependencies.
+
+## How to deploy
+1. Create a new Space on Hugging Face (type: Docker).
+2. Upload the contents of this `hf_space/` folder to the Space root (including Dockerfile).
+3. In Space Settings → Variables, add:
+   - MODEL_ID = Perth0603/phishing-email-mobilebert
+   - URL_REPO = Perth0603/Random-Forest-Model-for-PhishingDetection
+   - URL_FILENAME = url_rf_model.joblib  (set to your artifact filename)
+4. Wait for the Space to build and become green. Test:
+   - GET `/` should return `{ status: ok, model: ... }`
+   - POST `/predict` with `{ "inputs": "Win an iPhone! Click here" }`
+   - POST `/predict-url` with `{ "url": "https://example.com/login" }`
+
+## Flutter app config
+Set the Space URL in your env file so the app targets the Space instead of the Hosted Inference API:
 
-2) Predict a single URL
-```python
-from inference import load_bundle, predict_url
-
-bundle = load_bundle("rf_url_phishing_xgboost_bst.joblib")
-result = predict_url(
-    url="http://secure-login-account-update.example.com/session?id=123",
-    bundle=bundle,
-    threshold=0.5,
-)
-print(result)
+```
+{"HF_SPACE_URL":"https://<your-space>.hf.space"}
 ```
 
-Bundle contents
-The joblib bundle contains:
-- `model`: trained XGBoost booster
-- `feature_cols`: ordered list of feature names expected by the model
-- `url_col`: original URL column name
-- `label_col`: label column name used in training
-- `model_type`: string identifying the backend (here: `xgboost_bst`)
-
-License
-This model is provided for research and educational purposes only. Evaluate thoroughly before use in production.
-
-
+Run the app:
+```
+flutter run --dart-define-from-file=hf.env.json
+```

app.py

@@ -0,0 +1,177 @@
+import os
+os.environ.setdefault("HOME", "/data")
+os.environ.setdefault("XDG_CACHE_HOME", "/data/.cache")
+os.environ.setdefault("HF_HOME", "/data/.cache")
+os.environ.setdefault("TRANSFORMERS_CACHE", "/data/.cache")
+os.environ.setdefault("TORCH_HOME", "/data/.cache")
+
+from fastapi import FastAPI
+from fastapi.responses import JSONResponse
+from pydantic import BaseModel
+from transformers import AutoTokenizer, AutoModelForSequenceClassification
+from huggingface_hub import hf_hub_download
+import joblib
+import torch
+import re
+import numpy as np
+import pandas as pd
+try:
+    import xgboost as xgb  # type: ignore
+except Exception:
+    xgb = None  # optional; required if bundle uses xgboost
+
+
+MODEL_ID = os.environ.get("MODEL_ID", "Perth0603/phishing-email-mobilebert")
+URL_REPO = os.environ.get("URL_REPO", "Perth0603/Random-Forest-Model-for-PhishingDetection")
+URL_REPO_TYPE = os.environ.get("URL_REPO_TYPE", "model")  # model|space|dataset
+# NOTE: set to your artifact filename, e.g. rf_url_phishing_xgboost_bst.joblib
+URL_FILENAME = os.environ.get("URL_FILENAME", "rf_url_phishing_xgboost_bst.joblib")
+
+# Ensure writable cache directory for HF/torch inside Spaces Docker
+CACHE_DIR = os.environ.get("HF_CACHE_DIR", "/data/.cache")
+os.makedirs(CACHE_DIR, exist_ok=True)
+
+app = FastAPI(title="Phishing Text Classifier", version="1.0.0")
+
+
+class PredictPayload(BaseModel):
+    inputs: str
+
+
+# Lazy singletons for model/tokenizer
+_tokenizer = None
+_model = None
+_url_bundle = None  # holds dict: {model, feature_cols, url_col, label_col, model_type}
+
+
+def _load_url_model():
+    global _url_bundle
+    if _url_bundle is None:
+        # Prefer local artifact if present (e.g., committed into the Space repo)
+        local_path = os.path.join(os.getcwd(), URL_FILENAME)
+        if os.path.exists(local_path):
+            _url_bundle = joblib.load(local_path)
+            return
+        # Download model artifact from HF Hub
+        model_path = hf_hub_download(
+            repo_id=URL_REPO,
+            filename=URL_FILENAME,
+            repo_type=URL_REPO_TYPE,
+            cache_dir=CACHE_DIR,
+        )
+        _url_bundle = joblib.load(model_path)
+
+
+# URL feature engineering (must match training)
+_SUSPICIOUS_TOKENS = ["login", "verify", "secure", "update", "bank", "pay", "account", "webscr"]
+_ipv4_pattern = re.compile(r'(?:\d{1,3}\.){3}\d{1,3}')
+
+def _engineer_features(df: pd.DataFrame, url_col: str, feature_cols: list[str] | None = None) -> pd.DataFrame:
+    s = df[url_col].astype(str)
+    out = pd.DataFrame(index=df.index)
+    out['url_len'] = s.str.len().fillna(0)
+    out['count_dot'] = s.str.count(r'\.')
+    out['count_hyphen'] = s.str.count('-')
+    out['count_digit'] = s.str.count(r'\d')
+    out['count_at'] = s.str.count('@')
+    out['count_qmark'] = s.str.count('\?')
+    out['count_eq'] = s.str.count('=')
+    out['count_slash'] = s.str.count('/')
+    out['digit_ratio'] = (out['count_digit'] / out['url_len'].replace(0, np.nan)).fillna(0)
+    out['has_ip'] = s.str.contains(_ipv4_pattern).astype(int)
+    for tok in _SUSPICIOUS_TOKENS:
+        out[f'has_{tok}'] = s.str.contains(tok, case=False, regex=False).astype(int)
+    out['starts_https'] = s.str.startswith('https').astype(int)
+    out['ends_with_exe'] = s.str.endswith('.exe').astype(int)
+    out['ends_with_zip'] = s.str.endswith('.zip').astype(int)
+    return out if feature_cols is None else out[feature_cols]
+
+
+def _load_model():
+    global _tokenizer, _model
+    if _tokenizer is None or _model is None:
+        _tokenizer = AutoTokenizer.from_pretrained(MODEL_ID, cache_dir=CACHE_DIR)
+        _model = AutoModelForSequenceClassification.from_pretrained(MODEL_ID, cache_dir=CACHE_DIR)
+        # Warm-up
+        with torch.no_grad():
+            _ = _model(**_tokenizer(["warm up"], return_tensors="pt")).logits
+
+
+@app.get("/")
+def root():
+    return {"status": "ok", "model": MODEL_ID}
+
+
+@app.post("/predict")
+def predict(payload: PredictPayload):
+    try:
+        _load_model()
+        with torch.no_grad():
+            inputs = _tokenizer([payload.inputs], return_tensors="pt", truncation=True, max_length=512)
+            logits = _model(**inputs).logits
+            probs = torch.softmax(logits, dim=-1)[0]
+            score, idx = torch.max(probs, dim=0)
+    except Exception as e:
+        return JSONResponse(status_code=500, content={"error": str(e)})
+
+    # Map common ids to labels (kept generic; your config also has these)
+    id2label = {0: "LEGIT", 1: "PHISH"}
+    label = id2label.get(int(idx), str(int(idx)))
+    return {"label": label, "score": float(score)}
+
+
+class PredictUrlPayload(BaseModel):
+    url: str
+
+
+@app.post("/predict-url")
+def predict_url(payload: PredictUrlPayload):
+    try:
+        _load_url_model()
+        bundle = _url_bundle
+        if not isinstance(bundle, dict) or 'model' not in bundle:
+            raise RuntimeError("Loaded URL artifact is not a bundle dict with 'model'.")
+        model = bundle['model']
+        feature_cols = bundle.get('feature_cols') or []
+        url_col = bundle.get('url_col') or 'url'
+        model_type = bundle.get('model_type') or ''
+
+        row = pd.DataFrame({url_col: [payload.url]})
+        feats = _engineer_features(row, url_col, feature_cols)
+
+        score = None
+        label = None
+
+        if isinstance(model_type, str) and model_type == 'xgboost_bst':
+            if xgb is None:
+                raise RuntimeError("xgboost is not installed but required for this model bundle.")
+            dmat = xgb.DMatrix(feats)
+            proba = float(model.predict(dmat)[0])
+            score = proba
+            label = "PHISH" if score >= 0.5 else "LEGIT"
+        elif hasattr(model, "predict_proba"):
+            proba = model.predict_proba(feats)[0]
+            if len(proba) == 2:
+                score = float(proba[1])
+                label = "PHISH" if score >= 0.5 else "LEGIT"
+            else:
+                max_idx = int(np.argmax(proba))
+                score = float(proba[max_idx])
+                label = "PHISH" if max_idx == 1 else "LEGIT"
+        else:
+            pred = model.predict(feats)[0]
+            if isinstance(pred, (int, float, np.integer, np.floating)):
+                label = "PHISH" if int(pred) == 1 else "LEGIT"
+                score = 1.0 if label == "PHISH" else 0.0
+            else:
+                up = str(pred).strip().upper()
+                if up in ("PHISH", "PHISHING", "MALICIOUS"):
+                    label, score = "PHISH", 1.0
+                else:
+                    label, score = "LEGIT", 0.0
+    except Exception as e:
+        return JSONResponse(status_code=500, content={"error": str(e)})
+
+    return {"label": label, "score": float(score)}
+
+

requirements.txt

@@ -1,34 +1,15 @@
-# Core numerical and IO
-numpy<2.0
-pandas==2.2.2
-joblib>=1.3
-
-# CPU ML fallback
-scikit-learn>=1.3
-
-# GPU array library (imported as `cupy` in the notebook)
-# Pick the CUDA 12.x wheel that matches your GPU drivers
-cupy-cuda12x>=12.0.0
-
-# Optional: used only for the simple GPU availability check in the notebook
-# (You can skip installing torch if you remove the torch check cell.)
-torch>=2.1
-
-# IMPORTANT: RAPIDS (cuDF, cuML) install instructions (NOT via pip)
-# The notebook uses RAPIDS cuDF/cuML for GPU RandomForest. Install via Conda:
-#
-#   conda create -n rapids-24.08 -c rapidsai -c conda-forge -c nvidia \
-#       rapids=24.08 python=3.10 cuda-version=12.2 -y
-#   conda activate rapids-24.08
-#
-# This will install `cudf` and `cuml` compatible with CUDA 12.2. If you're on Windows,
-# use WSL2 (Ubuntu) for best support. Native Windows support for RAPIDS is limited.
-
-# Windows-friendly GPU fallback (no RAPIDS required)
-# XGBoost supports GPU acceleration on native Windows when built with CUDA.
-# pip install xgboost will fetch a prebuilt wheel with GPU support if available.
-xgboost>=2.0
-
-# (Optional) Another alternative with some GPU support (requires separate setup):
-# lightgbm
+--extra-index-url https://download.pytorch.org/whl/cpu
+fastapi==0.115.0
+uvicorn==0.30.6
+transformers==4.46.3
+torch==2.3.1+cpu
+accelerate>=0.33.0
+safetensors>=0.4.3
+
+# URL model dependencies
+huggingface_hub>=0.23.0
+scikit-learn>=1.3.0
+joblib>=1.3.0
+pandas>=2.0.0
+xgboost>=2.0.0