AEGIS-SWARM: Intelligent Multi-Modal Threat Triage System
AEGIS-SWARM is an Intelligent Multi-Modal Threat Triage System designed to detect phishing threats across multiple modalities including text messages, emails, URLs, and QR codes. The system integrates machine learning, natural language processing, computer vision, and real-time analytics into a unified cybersecurity ecosystem.
Model Architecture
The system operates using two specialized agents:
1. ShieldAI NLP Agent
- This agent is responsible for phishing text and email detection.
- It processes textual inputs using TF-IDF vectorization (5,000 features, unigrams and bigrams).
- It extracts 13 handcrafted cybersecurity heuristic features, such as urgency indicators and suspicious keyword patterns.
- Classification is performed by a Soft Voting Ensemble consisting of Logistic Regression, Random Forest, and Gradient Boosting.
- The model was trained on 24,206 samples sourced from the SMS Spam Collection Dataset and the Kaggle Phishing Email Dataset.
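The feature pipeline this agent describes, shown as an added example using only the Python standard library; this is not ShieldAI's own code. The word n-gram TF-IDF mirrors the page's unigram-plus-bigram, 5,000-feature setup, and the urgency and suspicious-keyword lexicons, regexes and the specific heuristics are hypothetical stand-ins, since the page does not list the agent's actual 13 features. The sample messages are constructed, not taken from the named datasets.

```python
import math
import re
from collections import Counter

# Constructed sample messages with labels (1 = phishing); not drawn from the
# SMS Spam Collection or Kaggle Phishing Email datasets named on the page.
SAMPLE_MESSAGES = [
    ("URGENT: your account will be suspended! Verify now at http://bit.ly/x1", 1),
    ("Hi, are we still on for lunch tomorrow?", 0),
    ("You have WON a $1000 prize. Click here immediately to claim", 1),
    ("Meeting notes attached, see you Monday.", 0),
]

# Hypothetical lexicons: the page does not publish ShieldAI's actual feature set.
URGENCY_WORDS = {"urgent", "immediately", "now", "suspended", "expire", "final", "warning"}
SUSPICIOUS_PHRASES = ("verify", "click here", "claim", "prize", "password", "account", "won")
URL_RE = re.compile(r"https?://\S+|\bwww\.\S+", re.I)
SHORTENER_RE = re.compile(r"\b(bit\.ly|tinyurl\.com|t\.co|goo\.gl)\b", re.I)
MONEY_RE = re.compile(r"[$£€]\s?\d[\d,]*|\b\d+\s?(dollars|usd)\b", re.I)


def extract_text_heuristics(text: str) -> dict:
    """Handcrafted heuristic features in the spirit of the page's urgency and
    suspicious-keyword indicators (illustrative set, not the project's own)."""
    words = re.findall(r"[a-z']+", text.lower())
    lower = text.lower()
    letters = [c for c in text if c.isalpha()]
    return {
        "urgency_count": sum(w in URGENCY_WORDS for w in words),
        "suspicious_phrase_count": sum(p in lower for p in SUSPICIOUS_PHRASES),
        "has_url": int(bool(URL_RE.search(text))),
        "has_shortener": int(bool(SHORTENER_RE.search(text))),
        "has_money": int(bool(MONEY_RE.search(text))),
        "exclamation_count": text.count("!"),
        "upper_ratio": round(sum(c.isupper() for c in letters) / max(len(letters), 1), 3),
        "word_count": len(words),
    }


def tokenize_ngrams(text: str, n_min: int = 1, n_max: int = 2) -> list:
    """Word unigrams and bigrams, i.e. ngram_range=(1, 2)."""
    words = re.findall(r"[a-z0-9']+", text.lower())
    grams = []
    for n in range(n_min, n_max + 1):
        grams += [" ".join(words[i:i + n]) for i in range(len(words) - n + 1)]
    return grams


def fit_tfidf(docs, max_features: int = 5000) -> dict:
    """Return {term: idf}. The vocabulary is capped at the max_features most
    frequent terms and idf uses the smoothed form log((1+N)/(1+df)) + 1, which is
    scikit-learn's TfidfVectorizer default."""
    tf_total, df = Counter(), Counter()
    for d in docs:
        grams = tokenize_ngrams(d)
        tf_total.update(grams)
        df.update(set(grams))
    vocab = sorted(tf_total, key=lambda t: (-tf_total[t], t))[:max_features]
    n = len(docs)
    return {t: math.log((1 + n) / (1 + df[t])) + 1 for t in vocab}


def tfidf_vector(text: str, idf: dict) -> dict:
    """Sparse, L2-normalised TF-IDF vector for one message."""
    tf = Counter(t for t in tokenize_ngrams(text) if t in idf)
    vec = {t: c * idf[t] for t, c in tf.items()}
    norm = math.sqrt(sum(v * v for v in vec.values())) or 1.0
    return {t: v / norm for t, v in vec.items()}


def featurize(text: str, idf: dict) -> dict:
    """One input row: TF-IDF terms plus the heuristic block, as a sparse dict."""
    row = {f"tfidf:{t}": v for t, v in tfidf_vector(text, idf).items()}
    row.update({f"heur:{k}": v for k, v in extract_text_heuristics(text).items()})
    return row


if __name__ == "__main__":
    idf = fit_tfidf([m for m, _ in SAMPLE_MESSAGES])
    for msg, label in SAMPLE_MESSAGES:
        print(label, extract_text_heuristics(msg))
```

The heuristic block is what lets the ensemble catch messages whose vocabulary is unseen in training: a new lure still carries urgency words, a shortened link or a money amount, so these features generalise where the TF-IDF terms do not.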
2. Visual Auditor Agent
- This agent handles QR code URL extraction and malicious URL classification.
- It uses OpenCV to decode uploaded QR images and extract the raw URL strings they encode.
- It processes the extracted URLs using character-level TF-IDF (3,000 features, n-grams 2-4).
- It evaluates 15 handcrafted structural URL heuristic features.
- Classification is performed by a Soft Voting Ensemble of Logistic Regression and Random Forest algorithms.
- The model was trained on a balanced dataset of 21,220 URLs extracted from over 200,000 QR code images.
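The URL stage of this agent, and the soft-voting step both agents share, as an added example in standard-library Python (not the Visual Auditor's code). It builds character 2-4-grams as the page specifies, a 15-feature structural block whose particular features are a hypothetical choice (the page does not enumerate them), a hand-weighted logistic scorer and a nearest-centroid n-gram scorer standing in for the fitted Logistic Regression and Random Forest members, and a soft vote that averages their probabilities the way VotingClassifier(voting='soft') does. The URLs are constructed. QR decoding itself is left out because it needs OpenCV; cv2.QRCodeDetector().detectAndDecode() is the call that yields the raw string this pipeline consumes.

```python
import math
import re
from collections import Counter
from urllib.parse import urlparse

# Constructed URLs with labels (1 = malicious); not from the page's QR dataset.
SAMPLE_URLS = [
    ("http://192.168.0.5/login/verify-account.php?id=123", 1),
    ("https://secure-paypal.com.example-login.xyz/update", 1),
    ("https://www.wikipedia.org/wiki/Phishing", 0),
    ("https://github.com/openai/docs", 0),
]
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl", "ow.ly"}
SUSPICIOUS_TOKENS = ("login", "verify", "secure", "account", "update", "bank", "confirm")
IPV4_RE = re.compile(r"\d{1,3}(\.\d{1,3}){3}")


def url_char_ngrams(url: str, n_min: int = 2, n_max: int = 4) -> list:
    """Character n-grams of length 2..4 over the raw URL (analyzer='char')."""
    s = url.lower()
    return [s[i:i + n] for n in range(n_min, n_max + 1) for i in range(len(s) - n + 1)]


def extract_url_heuristics(url: str) -> dict:
    """15 structural features. Hypothetical set chosen for illustration; the page
    does not list the Visual Auditor's actual features."""
    p = urlparse(url if "://" in url else "http://" + url)
    host, path = p.hostname or "", p.path or ""
    is_ip = int(bool(IPV4_RE.fullmatch(host)))
    return {
        "url_length": len(url),
        "host_length": len(host),
        "num_dots": host.count("."),
        "num_subdomains": 0 if is_ip else max(host.count(".") - 1, 0),
        "has_ip_host": is_ip,
        "has_at": int("@" in url),
        "has_hyphen_host": int("-" in host),
        "num_digits": sum(c.isdigit() for c in url),
        "num_params": len(p.query.split("&")) if p.query else 0,
        "is_https": int(p.scheme == "https"),
        "has_port": int(p.port is not None),
        "path_depth": len([s for s in path.split("/") if s]),
        "is_shortener": int(host in SHORTENERS),
        "suspicious_token_count": sum(t in url.lower() for t in SUSPICIOUS_TOKENS),
        "special_char_ratio": round(sum(not c.isalnum() for c in url) / max(len(url), 1), 3),
    }


# Hand-set weights standing in for a fitted Logistic Regression (hypothetical).
HEURISTIC_WEIGHTS = {"has_ip_host": 2.0, "has_at": 2.0, "has_hyphen_host": 1.0,
                     "is_shortener": 1.5, "suspicious_token_count": 0.8,
                     "num_subdomains": 0.5, "is_https": -1.0}
HEURISTIC_BIAS = -2.0


def heuristic_score(url: str) -> float:
    """Ensemble member 1: sigmoid of a weighted sum of the structural features."""
    f = extract_url_heuristics(url)
    z = HEURISTIC_BIAS + sum(w * f[k] for k, w in HEURISTIC_WEIGHTS.items())
    return 1.0 / (1.0 + math.exp(-z))


def ngram_vector(url: str) -> dict:
    """Unit-length character n-gram count vector (sparse dict)."""
    c = Counter(url_char_ngrams(url))
    norm = math.sqrt(sum(v * v for v in c.values())) or 1.0
    return {k: v / norm for k, v in c.items()}


def centroid(urls) -> dict:
    acc = Counter()
    for u in urls:
        acc.update(ngram_vector(u))
    return {k: v / len(urls) for k, v in acc.items()}


def ngram_score(url: str, mal_centroid: dict, ben_centroid: dict) -> float:
    """Ensemble member 2: P(malicious) from relative similarity of the URL's
    n-gram vector to the malicious vs benign class centroid."""
    v = ngram_vector(url)
    sm = sum(val * mal_centroid.get(k, 0.0) for k, val in v.items())
    sb = sum(val * ben_centroid.get(k, 0.0) for k, val in v.items())
    return sm / (sm + sb) if sm + sb else 0.5


def soft_vote(probs, weights=None, threshold: float = 0.5):
    """Soft voting: weighted mean of the members' P(malicious), then threshold."""
    weights = weights or [1.0] * len(probs)
    avg = sum(w * p for w, p in zip(weights, probs)) / sum(weights)
    return avg, int(avg >= threshold)


MAL_CENTROID = centroid([u for u, y in SAMPLE_URLS if y == 1])
BEN_CENTROID = centroid([u for u, y in SAMPLE_URLS if y == 0])


def classify_url(url: str):
    """Returns (ensemble probability, label) for one decoded QR URL."""
    return soft_vote([heuristic_score(url), ngram_score(url, MAL_CENTROID, BEN_CENTROID)])


if __name__ == "__main__":
    for u, y in SAMPLE_URLS:
        print(y, classify_url(u))
```

Because the vote averages probabilities rather than labels, a member that is confidently wrong can still be outvoted by a confidently right one, and the decision threshold can be moved after training to trade precision for recall without refitting either member.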
Performance Metrics
Both models were evaluated on held-out test sets following standard train/test split procedures:
- ShieldAI NLP Agent: Achieved 94.34% accuracy and an AUC-ROC score of 0.9856. It demonstrated a precision of 94.84% and a recall of 87.78%.
- Visual Auditor Agent: Achieved 96.44% accuracy and an AUC-ROC score of 0.9924. It demonstrated a high precision of 99.01% and a recall of 93.83%.
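How the four reported metrics are computed on a held-out set, and why a recall figure below the precision figure invites a threshold check, shown as an added standard-library example that is not the project's evaluation code. The (label, score) pairs are constructed and do not reproduce the page's numbers; accuracy, precision and recall depend on the 0.5 decision threshold, while AUC-ROC is computed from the ranking alone.

```python
# Constructed (label, score) pairs standing in for a held-out test set, where
# label 1 is the phishing/malicious class and score is the model's P(positive).
SAMPLE_EVAL = [
    (1, 0.95), (1, 0.80), (1, 0.65), (1, 0.40),
    (0, 0.70), (0, 0.30), (0, 0.20), (0, 0.10),
]


def metrics_at(pairs, threshold: float = 0.5) -> dict:
    """Accuracy, precision and recall of the positive class when
    P(positive) >= threshold is called positive."""
    tp = fp = fn = tn = 0
    for y, s in pairs:
        pred = int(s >= threshold)
        if pred and y:
            tp += 1
        elif pred and not y:
            fp += 1
        elif y:
            fn += 1
        else:
            tn += 1
    total = tp + fp + fn + tn
    return {
        "accuracy": (tp + tn) / total,
        "precision": tp / (tp + fp) if tp + fp else 0.0,
        "recall": tp / (tp + fn) if tp + fn else 0.0,
        "confusion": {"tp": tp, "fp": fp, "fn": fn, "tn": tn},
    }


def auc_roc(pairs) -> float:
    """AUC-ROC as the probability that a random positive outranks a random
    negative (Mann-Whitney U form); ties count half. Threshold-independent."""
    pos = [s for y, s in pairs if y]
    neg = [s for y, s in pairs if not y]
    if not pos or not neg:
        raise ValueError("AUC needs both classes present")
    wins = sum(1.0 if p > n else 0.5 if p == n else 0.0 for p in pos for n in neg)
    return wins / (len(pos) * len(neg))


def threshold_for_recall(pairs, min_recall: float) -> float:
    """Highest threshold whose recall reaches min_recall, scanning the observed
    scores from the top; compare its precision with the 0.5 operating point to
    see what lifting recall costs."""
    for t in sorted({s for _, s in pairs}, reverse=True):
        if metrics_at(pairs, t)["recall"] >= min_recall:
            return t
    return 0.0


if __name__ == "__main__":
    print("at 0.5:", metrics_at(SAMPLE_EVAL))
    print("AUC-ROC:", auc_roc(SAMPLE_EVAL))
    t = threshold_for_recall(SAMPLE_EVAL, 1.0)
    print(f"at {t}:", metrics_at(SAMPLE_EVAL, t))
```

On the constructed set, moving the threshold from 0.5 to 0.4 raises recall from 0.75 to 1.0 at the cost of precision dropping from 0.75 to 0.8's neighbourhood only because one negative sits at 0.7; on a real held-out set the same sweep tells you whether a missed-phish rate is a modelling limit or just a threshold choice.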
System Integration
- Frontend Integration: The system was designed to connect to a real-time analytics and visualization dashboard built with Streamlit.
- Threat Intelligence Storage: Detected threats can be logged and monitored using a Supabase PostgreSQL cloud database.
Authors
This system was developed by Muhammad Abdullah for the Artificial Intelligence course at COMSATS University Islamabad - Lahore Campus, under the supervision of Engr. Abu Bakr Talha Jalil.