File size: 3,390 Bytes
ce998c6
 
 
 
 
 
 
 
 
 
 
 
 
 
 
d06d82c
 
 
 
0417a8c
d06d82c
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
0417a8c
 
d06d82c
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
---
title: NetShield  ML Model for Network Attack Detection
emoji: 🛡️
colorFrom: gray
colorTo: red
sdk: gradio
sdk_version: "5.4.0"   # latest stable gradio
app_file: app.py
pinned: false
license: mit
---




# NetworkAttackDetector — Real‑time Network Threat Detection 🛡️

Lightweight Gradio app to predict and explain potential network scan types from request metadata. Built with a scikit‑learn pipeline, ready to run locally. 🚀

---

## Badges

[![Python](https://img.shields.io/badge/Python-3.10%2B-blue.svg)](https://www.python.org/)
[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](./LICENSE)

---

## Table of Contents

- [Demo](#demo)
- [Features](#features)
- [Installation / Setup](#installation--setup)
- [Usage](#usage)
- [Configuration / Options](#configuration--options)
- [Contributing](#contributing)
- [License](#license)
- [Acknowledgements / Credits](#acknowledgements--credits)

---

## Demo

The repository includes real demo assets under `./demo/`.

- Image preview:

  ![Demo UI](./demo/demo.png)

- Short walkthrough (MP4):

  <video src="./demo/demo.mp4" controls width="640"></video>

---

## Features

- **Interactive UI** using `gradio` via `ui.py``build_ui()`.
- **Pretrained artifacts** loaded from `./models/` via `utils.py``load_artifacts()`.
- **Fast inference** using a serialized scikit‑learn pipeline (`joblib`).
- **Human‑readable prediction** by decoding labels with a fitted encoder.

---

## Installation / Setup

Use a virtual environment for isolation.

```bash
# Create a virtual environment
python -m venv .venv

# Activate it
# On Linux/Mac:
source .venv/bin/activate
# On Windows:
.venv\Scripts\activate

# Install dependencies
pip install -r requirements.txt
```

---

## Usage

Run the Gradio app from the project root:

```bash
python app.py
```

Then open the local URL printed by Gradio (e.g., http://127.0.0.1:7860/).

### Input fields
- `Port` (number)
- `Request Type` (e.g., GET, POST)
- `Protocol` (e.g., HTTP, HTTPS)
- `Payload Size` (number)
- `User Agent` (string)
- `Status` (e.g., 200, 404)

### Output
- A predicted scan type (human‑readable label) returned by `predict_intrusion()`.

---

## Configuration / Options

- **Model artifacts**: The app expects the following files to exist:
  - `models/network_logs_pipeline.joblib`
  - `models/target_encoder.joblib`

- **Changing artifact paths**: Update `utils.py``load_artifacts()` if your models live elsewhere.

- **Environment**: Ensure your Python version satisfies the version in the badge above.

---

## Contributing

Contributions are welcome! Suggestions, issues, and PRs help improve the project.

1. Fork the repo
2. Create a feature branch: `git checkout -b feat/your-feature`
3. Commit changes: `git commit -m "feat: add your feature"`
4. Push to branch: `git push origin feat/your-feature`
5. Open a Pull Request

Please keep PRs focused and include context, screenshots when relevant, and tests if logic changes.

---

## License

This project is licensed under the MIT License — see [LICENSE](./LICENSE) for details.

---

## Acknowledgements / Credits

- Model training and experimentation are illustrated in `network-threat-detection-with-f1-99.ipynb` using `pandas`, `numpy`, `scikit‑learn`, `xgboost`, and `shap`.
- UI is built with `gradio` and model artifacts are loaded with `joblib`.